CVE 2013-6433
The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.
Related bugs and status
CVE-2013-6433 (Candidate) is related to these bugs:
Bug #1185019: rootwrap sudoers configuration does not follow packaging guidelines
Bug #1328134: [SRU] icehouse 2014.1.1 point release
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1328134 | [SRU] icehouse 2014.1.1 point release | nova (Ubuntu) | Undecided | Invalid | ||
1328134 | [SRU] icehouse 2014.1.1 point release | ceilometer (Ubuntu) | Undecided | Invalid | ||
1328134 | [SRU] icehouse 2014.1.1 point release | cinder (Ubuntu) | Undecided | Invalid | ||
1328134 | [SRU] icehouse 2014.1.1 point release | glance (Ubuntu) | Undecided | Invalid | ||
1328134 | [SRU] icehouse 2014.1.1 point release | heat (Ubuntu) | Undecided | Invalid | ||
1328134 | [SRU] icehouse 2014.1.1 point release | horizon (Ubuntu) | Undecided | Invalid | ||
1328134 | [SRU] icehouse 2014.1.1 point release | keystone (Ubuntu) | Undecided | Invalid | ||
1328134 | [SRU] icehouse 2014.1.1 point release | neutron (Ubuntu) | Undecided | Invalid | ||
1328134 | [SRU] icehouse 2014.1.1 point release | ceilometer (Ubuntu Trusty) | Undecided | Fix Released | ||
1328134 | [SRU] icehouse 2014.1.1 point release | cinder (Ubuntu Trusty) | Undecided | Fix Released | ||
1328134 | [SRU] icehouse 2014.1.1 point release | glance (Ubuntu Trusty) | Undecided | Fix Released | ||
1328134 | [SRU] icehouse 2014.1.1 point release | heat (Ubuntu Trusty) | Undecided | Fix Released | ||
1328134 | [SRU] icehouse 2014.1.1 point release | horizon (Ubuntu Trusty) | Undecided | Fix Released | ||
1328134 | [SRU] icehouse 2014.1.1 point release | keystone (Ubuntu Trusty) | Undecided | Fix Released | ||
1328134 | [SRU] icehouse 2014.1.1 point release | neutron (Ubuntu Trusty) | Undecided | Fix Released | ||
1328134 | [SRU] icehouse 2014.1.1 point release | nova (Ubuntu Trusty) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.