Release date:
Updated on:
Affected Systems:
RedHat Fedora 16
Openstack Swift
Description:
--------------------------------------------------------------------------------
Bugtraq id: 55420
CVE (CAN) ID: CVE-2012-4406
OpenStack is a cloud computing platform jointly developed by Rackspace and NASA. It helps Service providers and enterprises implement cloud Infrastructure services (as a Service, IaaS) similar to Amazon EC2 and S3 ). OpenStack consists of two main modules: Nova and Swift. The former is the virtual server deployment and business computing module developed by NASA, and the latter is the distributed cloud storage module developed by Rackspack, which can be used together, it can also be used separately.
OpenStack Swift has a security vulnerability. After successful exploitation, attackers can execute arbitrary code in affected applications.
<* Source: Thierry Carrez (koon@gentoo.org)
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Openstack
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://horizon.openstack.org/intro.html