[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
Please review this vulnerability description. Once confirmed it will go out in an OSSA. This applies to this bug as well as bug 1006822.

Title: Some actions in Keystone admin API do not validate token
Impact: High
Reporter: Jason Xu
Products: Keystone
Affects: Essex (prior to 2012.1.2), Folsom (prior to folsom-2 development milestone)

Description:
Jason Xu reported a vulnerability in Keystone. Two admin API actions did not require a valid token. The first was listing roles for a user. The second was the ability to get, create, and delete services.

-- 
You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/1006815

Title:
  Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1006815/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
russel - description is good, run with it.

** Description changed:

  Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't
- validate token
+ validate the authentication token before returning a response.
- we can get the same result without a token in HTTP head.
+ i.e. we can get the same result without a token in HTTP head.

  Eg:

  without a token
  jason@ubuntu:~/project/keystone$ curl http://0.0.0.0:35357/v2.0/tenants/1f73672bf2184a909abc8fe67e7a537d/users/b84f6dbb6d7b4130a8a9e9298ec96164/roles | python -m json.tool
-   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
-                                  Dload  Upload   Total   Spent    Left  Speed
+   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
+                                  Dload  Upload   Total   Spent    Left  Speed
  100    72  100    72    0     0    308      0 --:--:-- --:--:-- --:--:--   346
  {
-     "roles": [
-         {
-             "id": "06906f69ffd44ad0b9fc86d1c3d1bcbd",
-             "name": "admin"
-         }
-     ]
+     "roles": [
+         {
+             "id": "06906f69ffd44ad0b9fc86d1c3d1bcbd",
+             "name": "admin"
+         }
+     ]
  }

  with token
  jason@ubuntu:~/project/keystone$ curl -H "X-Auth-Token:ecab59a3f4e2468b9934c24f8660a809" http://0.0.0.0:35357/v2.0/tenants/1f73672bf2184a909abc8fe67e7a537d/users/b84f6dbb6d7b4130a8a9e9298ec96164/roles | python -m json.tool
-   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
-                                  Dload  Upload   Total   Spent    Left  Speed
+   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
+                                  Dload  Upload   Total   Spent    Left  Speed
  100    72  100    72    0     0    242      0 --:--:-- --:--:-- --:--:--   270
  {
-     "roles": [
-         {
-             "id": "06906f69ffd44ad0b9fc86d1c3d1bcbd",
-             "name": "admin"
-         }
-     ]
+     "roles": [
+         {
+             "id": "06906f69ffd44ad0b9fc86d1c3d1bcbd",
+             "name": "admin"
+         }
+     ]
  }
-
  What we expect:

  without a token
  jason@ubuntu:~/project/keystone$ curl http://0.0.0.0:35357/v2.0/tenants/1f73672bf2184a909abc8fe67e7a537d/users/b84f6dbb6d7b4130a8a9e9298ec96164/roles | python -m json.tool
    % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
-                                  Dload  Upload   Total   Spent    Left  Speed
+                                  Dload  Upload   Total   Spent    Left  Speed
  100   116  100   116    0     0    848      0 --:--:-- --:--:-- --:--:--  1026
  {
-     "error": {
-         "code": 401,
-         "message": "The request you have made requires authentication.",
-         "title": "Not Authorized"
-     }
+     "error": {
+         "code": 401,
+         "message": "The request you have made requires authentication.",
+         "title": "Not Authorized"
+     }
  }
-
  Attached is a diff of the changes.
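As an added verification script (not part of the bug report and not Keystone's own code), the check below requests the affected admin actions with no X-Auth-Token header and reports any endpoint that does not answer with the 401 the report expects. The OS-KSADM services path, the placeholder IDs and the injectable `fetch` callable are assumptions so the logic can be exercised offline.

```python
import sys
import urllib.error
import urllib.request


def affected_endpoints(tenant_id, user_id):
    """Admin-API actions named in the advisory: listing a user's roles on a
    tenant (path from the bug title) and the services listing in the OS-KSADM
    extension (path assumed from the Keystone v2 admin extension)."""
    return [
        ("GET", f"/v2.0/tenants/{tenant_id}/users/{user_id}/roles"),
        ("GET", "/v2.0/OS-KSADM/services"),
    ]


def http_status(method, url):
    """Send the request deliberately without X-Auth-Token; return the status."""
    req = urllib.request.Request(url, method=method)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def check_token_enforcement(base_url, tenant_id, user_id, fetch=http_status):
    """Map each affected path to (status, ok); ok is True only when the
    tokenless request was rejected with 401, as the fixed server must do."""
    results = {}
    for method, path in affected_endpoints(tenant_id, user_id):
        status = fetch(method, base_url.rstrip("/") + path)
        results[path] = (status, status == 401)
    return results


def unprotected(results):
    """Paths that answered a tokenless request with anything other than 401."""
    return sorted(path for path, (_, ok) in results.items() if not ok)


if __name__ == "__main__":
    # Placeholder IDs: substitute real tenant/user IDs from your deployment.
    base = sys.argv[1] if len(sys.argv) > 1 else "http://127.0.0.1:35357"
    res = check_token_enforcement(base, "TENANT_ID_PLACEHOLDER", "USER_ID_PLACEHOLDER")
    for path, (status, ok) in res.items():
        print(f"{'OK  ' if ok else 'FAIL'} {status} {path}")
    sys.exit(1 if unprotected(res) else 0)
```

A non-zero exit means at least one of the advisory's endpoints still serves admin data without a token, which is the pre-fix behaviour shown in the curl output above.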
[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
Description looks good to me.
[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
OSSA sent: https://lists.launchpad.net/openstack/msg17034.html
[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
** This bug has been flagged as a security vulnerability
[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
** Changed in: keystone
       Milestone: folsom-2 => 2012.2
[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-4456
[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
Test coverage log.

** Attachment added: "2012.1+stable~20120824-a16a0ab9-0ubuntu2.log"
   https://bugs.launchpad.net/bugs/1006815/+attachment/3283183/+files/2012.1%2Bstable%7E20120824-a16a0ab9-0ubuntu2.log

** Tags added: verification-done
[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
** Changed in: keystone (Ubuntu)
       Status: New => Fix Released

** Changed in: keystone (Ubuntu Precise)
       Status: New => Confirmed
[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
** Branch linked: lp:ubuntu/precise-proposed/keystone
[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
** Also affects: keystone (Ubuntu)
   Importance: Undecided
       Status: New

** Also affects: keystone (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: keystone (Ubuntu Quantal)
   Importance: Undecided
       Status: New
[Bug 1006815] Re: Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token
The attachment "keystone_tenant_api_bug.patch" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu-reviewers team please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

** Tags added: patch