Vulnerability-Lookup

CVE-2013-0266 (GCVE-0-2013-0266)

Vulnerability from cvelistv5 – Published: 2013-03-08 21:00 – Updated: 2026-04-30 16:33

Title

Puppetlabs-cinder: packstack: openstack: puppetlabs-cinder: information disclosure of openstack administrative passwords due to world-readable configuration files.

Summary

A flaw was found in the `puppetlabs-cinder` module, as used in PackStack. This vulnerability is due to incorrect file permissions, specifically world-readable permissions, on the `cinder.conf` and `api-paste.ini` configuration files. A local user can exploit this by reading these files, which leads to the disclosure of OpenStack administrative passwords. This information disclosure could allow unauthorized access to sensitive OpenStack resources.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-276 - Incorrect Default Permissions

Assigner

redhat

References

URL

GSD-2013-0266

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files.

Aliases

CVE-2013-0266

Aliases

CVE-2013-0266

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-0266",
    "description": "manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files.",
    "id": "GSD-2013-0266",
    "references": [
      "https://www.suse.com/security/cve/CVE-2013-0266.html",
      "https://access.redhat.com/errata/RHSA-2013:0595"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-0266"
      ],
      "details": "manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files.",
      "id": "GSD-2013-0266",
      "modified": "2023-12-13T01:22:15.580495Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2013-0266",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2013-0595.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0595.html"
          },
          {
            "name": "https://github.com/puppetlabs/puppetlabs-cinder/commit/7da792fbd40c0e6eae1ee093aa00e0b177bd2ebc",
            "refsource": "MISC",
            "url": "https://github.com/puppetlabs/puppetlabs-cinder/commit/7da792fbd40c0e6eae1ee093aa00e0b177bd2ebc"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=908581",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908581"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openstack:essex:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-0266"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-362"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=908581",
              "refsource": "MISC",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908581"
            },
            {
              "name": "RHSA-2013:0595",
              "refsource": "REDHAT",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0595.html"
            },
            {
              "name": "https://github.com/puppetlabs/puppetlabs-cinder/commit/7da792fbd40c0e6eae1ee093aa00e0b177bd2ebc",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://github.com/puppetlabs/puppetlabs-cinder/commit/7da792fbd40c0e6eae1ee093aa00e0b177bd2ebc"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-03-18T04:00Z",
      "publishedDate": "2013-03-08T21:55Z"
    }
  }
}

GHSA-J8CR-2GXR-HVVJ

Vulnerability from github – Published: 2022-05-05 02:48 – Updated: 2022-05-05 02:48

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-0266"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-362"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-03-08T21:55:00Z",
    "severity": "LOW"
  },
  "details": "manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files.",
  "id": "GHSA-j8cr-2gxr-hvvj",
  "modified": "2022-05-05T02:48:42Z",
  "published": "2022-05-05T02:48:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0266"
    },
    {
      "type": "WEB",
      "url": "https://github.com/puppetlabs/puppetlabs-cinder/commit/7da792fbd40c0e6eae1ee093aa00e0b177bd2ebc"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908581"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0595.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

RHSA-2013:0595

Vulnerability from csaf_redhat - Published: 2013-03-05 20:55 - Updated: 2025-11-21 17:42

Summary

Red Hat Security Advisory: openstack-packstack security and bug fix update

Severity

Moderate

Notes

Topic: An updated openstack-packstack package that fixes two security issues and several bugs is now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details: PackStack is a command line utility that uses Puppet modules to support rapid deployment of OpenStack on existing servers over an SSH connection. PackStack is suitable for deploying both single node proof of concept installations and more complex multi-node installations. A flaw was found in PackStack. During manifest creation, the manifest file was written to /tmp/ with a predictable file name. A local attacker could use this flaw to perform a symbolic link attack, overwriting an arbitrary file accessible to the user running PackStack with the contents of the manifest, which could lead to a denial of service. Additionally, the attacker could read and potentially modify the manifest being generated, allowing them to modify systems being deployed using OpenStack. (CVE-2013-0261) It was discovered that the cinder.conf and all api-paste.ini configuration files were created with world-readable permissions. A local attacker could use this flaw to view administrative passwords, allowing them to control systems deployed and managed by OpenStack. (CVE-2013-0266) The CVE-2013-0261 issue was discovered by Kurt Seifried of the Red Hat Security Response Team, and CVE-2013-0266 was discovered by Derek Higgins of the Red Hat OpenStack team. This update also fixes several bugs in the openstack-packstack package. All users of openstack-packstack are advised to upgrade to this updated package, which corrects these issues.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2013-0261

(1) installer/basedefs.py and (2) modules/ospluginutils.py in PackStack allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.

4.6 ()


                        
                          AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendor Fix Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://access.redhat.com/errata/RHSA-2013:0595

CVE-2013-0266

2.1 ()


                        
                          AV:L/AC:L/Au:N/C:P/I:N/A:N

References

URL

Category

	https://access.redhat.com/errata/RHSA-2013:0595	self
	https://access.redhat.com/security/updates/classi…	external
	https://bugzilla.redhat.com/show_bug.cgi?id=886592	external
	https://bugzilla.redhat.com/show_bug.cgi?id=890295	external
	https://bugzilla.redhat.com/show_bug.cgi?id=892942	external
	https://bugzilla.redhat.com/show_bug.cgi?id=903187	external
	https://bugzilla.redhat.com/show_bug.cgi?id=904669	external
	https://bugzilla.redhat.com/show_bug.cgi?id=905516	external
	https://bugzilla.redhat.com/show_bug.cgi?id=905737	external
	https://bugzilla.redhat.com/show_bug.cgi?id=906006	external
	https://bugzilla.redhat.com/show_bug.cgi?id=906410	external
	https://bugzilla.redhat.com/show_bug.cgi?id=907624	external
	https://bugzilla.redhat.com/show_bug.cgi?id=907737	external
	https://bugzilla.redhat.com/show_bug.cgi?id=908101	external
	https://bugzilla.redhat.com/show_bug.cgi?id=908581	external
	https://bugzilla.redhat.com/show_bug.cgi?id=910211	external
	https://bugzilla.redhat.com/show_bug.cgi?id=910818	external
	https://bugzilla.redhat.com/show_bug.cgi?id=911653	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2013-0261	self
	https://bugzilla.redhat.com/show_bug.cgi?id=908101	external
	https://www.cve.org/CVERecord?id=CVE-2013-0261	external
	https://nvd.nist.gov/vuln/detail/CVE-2013-0261	external
	https://access.redhat.com/security/cve/CVE-2013-0266	self
	https://bugzilla.redhat.com/show_bug.cgi?id=908581	external
	https://www.cve.org/CVERecord?id=CVE-2013-0266	external
	https://nvd.nist.gov/vuln/detail/CVE-2013-0266	external

Acknowledgments

Red Hat Security Response Team Kurt Seifried

Red Hat OpenStack team Derek Higgins

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated openstack-packstack package that fixes two security issues and\nseveral bugs is now available for Red Hat OpenStack Folsom.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "PackStack is a command line utility that uses Puppet modules to support\nrapid deployment of OpenStack on existing servers over an SSH connection.\nPackStack is suitable for deploying both single node proof of concept\ninstallations and more complex multi-node installations.\n\nA flaw was found in PackStack. During manifest creation, the manifest file\nwas written to /tmp/ with a predictable file name. A local attacker could\nuse this flaw to perform a symbolic link attack, overwriting an arbitrary\nfile accessible to the user running PackStack with the contents of the\nmanifest, which could lead to a denial of service. Additionally, the\nattacker could read and potentially modify the manifest being generated,\nallowing them to modify systems being deployed using OpenStack.\n(CVE-2013-0261)\n\nIt was discovered that the cinder.conf and all api-paste.ini configuration\nfiles were created with world-readable permissions. A local attacker could\nuse this flaw to view administrative passwords, allowing them to control\nsystems deployed and managed by OpenStack. (CVE-2013-0266)\n\nThe CVE-2013-0261 issue was discovered by Kurt Seifried of the Red Hat\nSecurity Response Team, and CVE-2013-0266 was discovered by Derek Higgins\nof the Red Hat OpenStack team.\n\nThis update also fixes several bugs in the openstack-packstack package.\n\nAll users of openstack-packstack are advised to upgrade to this updated\npackage, which corrects these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2013:0595",
        "url": "https://access.redhat.com/errata/RHSA-2013:0595"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "886592",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=886592"
      },
      {
        "category": "external",
        "summary": "890295",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=890295"
      },
      {
        "category": "external",
        "summary": "892942",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=892942"
      },
      {
        "category": "external",
        "summary": "903187",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=903187"
      },
      {
        "category": "external",
        "summary": "904669",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=904669"
      },
      {
        "category": "external",
        "summary": "905516",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=905516"
      },
      {
        "category": "external",
        "summary": "905737",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=905737"
      },
      {
        "category": "external",
        "summary": "906006",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906006"
      },
      {
        "category": "external",
        "summary": "906410",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906410"
      },
      {
        "category": "external",
        "summary": "907624",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907624"
      },
      {
        "category": "external",
        "summary": "907737",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907737"
      },
      {
        "category": "external",
        "summary": "908101",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908101"
      },
      {
        "category": "external",
        "summary": "908581",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908581"
      },
      {
        "category": "external",
        "summary": "910211",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=910211"
      },
      {
        "category": "external",
        "summary": "910818",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=910818"
      },
      {
        "category": "external",
        "summary": "911653",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=911653"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0595.json"
      }
    ],
    "title": "Red Hat Security Advisory: openstack-packstack security and bug fix update",
    "tracking": {
      "current_release_date": "2025-11-21T17:42:47+00:00",
      "generator": {
        "date": "2025-11-21T17:42:47+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2013:0595",
      "initial_release_date": "2013-03-05T20:55:00+00:00",
      "revision_history": [
        {
          "date": "2013-03-05T20:55:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2013-03-05T21:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:42:47+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "OpenStack Folsom",
                "product": {
                  "name": "OpenStack Folsom",
                  "product_id": "6Server-Folsom",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openstack:2::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenStack Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
                "product": {
                  "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
                  "product_id": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openstack-packstack@2012.2.2-1.0.dev408.el6ost?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src",
                "product": {
                  "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src",
                  "product_id": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openstack-packstack@2012.2.2-1.0.dev408.el6ost?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch as a component of OpenStack Folsom",
          "product_id": "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch"
        },
        "product_reference": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
        "relates_to_product_reference": "6Server-Folsom"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src as a component of OpenStack Folsom",
          "product_id": "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
        },
        "product_reference": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src",
        "relates_to_product_reference": "6Server-Folsom"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Kurt Seifried"
          ],
          "organization": "Red Hat Security Response Team",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2013-0261",
      "discovery_date": "2012-01-31T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "908101"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "(1) installer/basedefs.py and (2) modules/ospluginutils.py in PackStack allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "packstack: insecure use of /tmp in manifest creation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
          "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-0261"
        },
        {
          "category": "external",
          "summary": "RHBZ#908101",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908101"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0261",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-0261"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0261",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0261"
        }
      ],
      "release_date": "2013-01-31T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-03-05T20:55:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:0595"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "packstack: insecure use of /tmp in manifest creation"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Derek Higgins"
          ],
          "organization": "Red Hat OpenStack team",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2013-0266",
      "discovery_date": "2013-02-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "908581"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "packstack: puppetlabs-cinder / manifests / base.pp weak file permissions",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
          "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-0266"
        },
        {
          "category": "external",
          "summary": "RHBZ#908581",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908581"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0266",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-0266"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0266",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0266"
        }
      ],
      "release_date": "2013-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-03-05T20:55:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:0595"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "packstack: puppetlabs-cinder / manifests / base.pp weak file permissions"
    }
  ]
}

RHSA-2013_0595

Vulnerability from csaf_redhat - Published: 2013-03-05 20:55 - Updated: 2024-11-22 06:07

Summary

Red Hat Security Advisory: openstack-packstack security and bug fix update

Severity

Moderate

Notes

CVE-2013-0261

(1) installer/basedefs.py and (2) modules/ospluginutils.py in PackStack allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.

4.6 ()


                        
                          AV:L/AC:L/Au:N/C:P/I:P/A:P

CVE-2013-0266

2.1 ()


                        
                          AV:L/AC:L/Au:N/C:P/I:N/A:N

References

URL

Category

	https://access.redhat.com/errata/RHSA-2013:0595	self
	https://access.redhat.com/security/updates/classi…	external
	https://bugzilla.redhat.com/show_bug.cgi?id=886592	external
	https://bugzilla.redhat.com/show_bug.cgi?id=890295	external
	https://bugzilla.redhat.com/show_bug.cgi?id=892942	external
	https://bugzilla.redhat.com/show_bug.cgi?id=903187	external
	https://bugzilla.redhat.com/show_bug.cgi?id=904669	external
	https://bugzilla.redhat.com/show_bug.cgi?id=905516	external
	https://bugzilla.redhat.com/show_bug.cgi?id=905737	external
	https://bugzilla.redhat.com/show_bug.cgi?id=906006	external
	https://bugzilla.redhat.com/show_bug.cgi?id=906410	external
	https://bugzilla.redhat.com/show_bug.cgi?id=907624	external
	https://bugzilla.redhat.com/show_bug.cgi?id=907737	external
	https://bugzilla.redhat.com/show_bug.cgi?id=908101	external
	https://bugzilla.redhat.com/show_bug.cgi?id=908581	external
	https://bugzilla.redhat.com/show_bug.cgi?id=910211	external
	https://bugzilla.redhat.com/show_bug.cgi?id=910818	external
	https://bugzilla.redhat.com/show_bug.cgi?id=911653	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2013-0261	self
	https://bugzilla.redhat.com/show_bug.cgi?id=908101	external
	https://www.cve.org/CVERecord?id=CVE-2013-0261	external
	https://nvd.nist.gov/vuln/detail/CVE-2013-0261	external
	https://access.redhat.com/security/cve/CVE-2013-0266	self
	https://bugzilla.redhat.com/show_bug.cgi?id=908581	external
	https://www.cve.org/CVERecord?id=CVE-2013-0266	external
	https://nvd.nist.gov/vuln/detail/CVE-2013-0266	external

Acknowledgments

Red Hat Security Response Team Kurt Seifried

Red Hat OpenStack team Derek Higgins

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated openstack-packstack package that fixes two security issues and\nseveral bugs is now available for Red Hat OpenStack Folsom.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "PackStack is a command line utility that uses Puppet modules to support\nrapid deployment of OpenStack on existing servers over an SSH connection.\nPackStack is suitable for deploying both single node proof of concept\ninstallations and more complex multi-node installations.\n\nA flaw was found in PackStack. During manifest creation, the manifest file\nwas written to /tmp/ with a predictable file name. A local attacker could\nuse this flaw to perform a symbolic link attack, overwriting an arbitrary\nfile accessible to the user running PackStack with the contents of the\nmanifest, which could lead to a denial of service. Additionally, the\nattacker could read and potentially modify the manifest being generated,\nallowing them to modify systems being deployed using OpenStack.\n(CVE-2013-0261)\n\nIt was discovered that the cinder.conf and all api-paste.ini configuration\nfiles were created with world-readable permissions. A local attacker could\nuse this flaw to view administrative passwords, allowing them to control\nsystems deployed and managed by OpenStack. (CVE-2013-0266)\n\nThe CVE-2013-0261 issue was discovered by Kurt Seifried of the Red Hat\nSecurity Response Team, and CVE-2013-0266 was discovered by Derek Higgins\nof the Red Hat OpenStack team.\n\nThis update also fixes several bugs in the openstack-packstack package.\n\nAll users of openstack-packstack are advised to upgrade to this updated\npackage, which corrects these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2013:0595",
        "url": "https://access.redhat.com/errata/RHSA-2013:0595"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "886592",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=886592"
      },
      {
        "category": "external",
        "summary": "890295",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=890295"
      },
      {
        "category": "external",
        "summary": "892942",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=892942"
      },
      {
        "category": "external",
        "summary": "903187",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=903187"
      },
      {
        "category": "external",
        "summary": "904669",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=904669"
      },
      {
        "category": "external",
        "summary": "905516",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=905516"
      },
      {
        "category": "external",
        "summary": "905737",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=905737"
      },
      {
        "category": "external",
        "summary": "906006",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906006"
      },
      {
        "category": "external",
        "summary": "906410",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906410"
      },
      {
        "category": "external",
        "summary": "907624",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907624"
      },
      {
        "category": "external",
        "summary": "907737",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907737"
      },
      {
        "category": "external",
        "summary": "908101",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908101"
      },
      {
        "category": "external",
        "summary": "908581",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908581"
      },
      {
        "category": "external",
        "summary": "910211",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=910211"
      },
      {
        "category": "external",
        "summary": "910818",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=910818"
      },
      {
        "category": "external",
        "summary": "911653",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=911653"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0595.json"
      }
    ],
    "title": "Red Hat Security Advisory: openstack-packstack security and bug fix update",
    "tracking": {
      "current_release_date": "2024-11-22T06:07:35+00:00",
      "generator": {
        "date": "2024-11-22T06:07:35+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2013:0595",
      "initial_release_date": "2013-03-05T20:55:00+00:00",
      "revision_history": [
        {
          "date": "2013-03-05T20:55:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2013-03-05T21:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T06:07:35+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "OpenStack Folsom",
                "product": {
                  "name": "OpenStack Folsom",
                  "product_id": "6Server-Folsom",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openstack:2::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenStack Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
                "product": {
                  "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
                  "product_id": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openstack-packstack@2012.2.2-1.0.dev408.el6ost?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src",
                "product": {
                  "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src",
                  "product_id": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openstack-packstack@2012.2.2-1.0.dev408.el6ost?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch as a component of OpenStack Folsom",
          "product_id": "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch"
        },
        "product_reference": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
        "relates_to_product_reference": "6Server-Folsom"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src as a component of OpenStack Folsom",
          "product_id": "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
        },
        "product_reference": "openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src",
        "relates_to_product_reference": "6Server-Folsom"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Kurt Seifried"
          ],
          "organization": "Red Hat Security Response Team",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2013-0261",
      "discovery_date": "2012-01-31T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "908101"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "(1) installer/basedefs.py and (2) modules/ospluginutils.py in PackStack allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "packstack: insecure use of /tmp in manifest creation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
          "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-0261"
        },
        {
          "category": "external",
          "summary": "RHBZ#908101",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908101"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0261",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-0261"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0261",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0261"
        }
      ],
      "release_date": "2013-01-31T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-03-05T20:55:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:0595"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "packstack: insecure use of /tmp in manifest creation"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Derek Higgins"
          ],
          "organization": "Red Hat OpenStack team",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2013-0266",
      "discovery_date": "2013-02-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "908581"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to read OpenStack administrative passwords by reading the files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "packstack: puppetlabs-cinder / manifests / base.pp weak file permissions",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
          "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-0266"
        },
        {
          "category": "external",
          "summary": "RHBZ#908581",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908581"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0266",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-0266"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0266",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0266"
        }
      ],
      "release_date": "2013-02-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-03-05T20:55:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258",
          "product_ids": [
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:0595"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.noarch",
            "6Server-Folsom:openstack-packstack-0:2012.2.2-1.0.dev408.el6ost.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "packstack: puppetlabs-cinder / manifests / base.pp weak file permissions"
    }
  ]
}

FKIE_CVE-2013-0266

Vulnerability from fkie_nvd - Published: 2013-03-08 21:55 - Updated: 2026-04-30 17:16

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2013-0595.html	Vendor Advisory
secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2013-0266
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=908581
secalert@redhat.com	https://github.com/puppetlabs/puppetlabs-cinder/commit/7da792fbd40c0e6eae1ee093aa00e0b177bd2ebc
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-0595.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=908581
af854a3a-2127-422b-91ae-364da2661108	https://github.com/puppetlabs/puppetlabs-cinder/commit/7da792fbd40c0e6eae1ee093aa00e0b177bd2ebc

Impacted products

	Vendor	Product	Version
	openstack	essex	-
	openstack	folsom	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openstack:essex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEEA665A-AE0F-4C48-87F0-83F3EB4E65CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openstack:folsom:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5BA13BC-F088-45AA-AD10-B74F89CE5375",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in the `puppetlabs-cinder` module, as used in PackStack. This vulnerability is due to incorrect file permissions, specifically world-readable permissions, on the `cinder.conf` and `api-paste.ini` configuration files. A local user can exploit this by reading these files, which leads to the disclosure of OpenStack administrative passwords. This information disclosure could allow unauthorized access to sensitive OpenStack resources."
    },
    {
      "lang": "es",
      "value": "manifests/base.pp en el m\u00f3dulo puppetlabs-cinder, tal como se utiliza en PackStack le da permisos de lectura para todo el mundo a los archovs de configuraci\u00f3n (1) cinder.conf y (2) api-paste.ini, lo que permite a usuarios locales leer contrase\u00f1as de administarci\u00f3n de OpenStack mediante la lectura de dichos archivos.\r\n"
    }
  ],
  "id": "CVE-2013-0266",
  "lastModified": "2026-04-30T17:16:24.183",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "secalert@redhat.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2013-03-08T21:55:01.960",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0595.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2013-0266"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908581"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/puppetlabs/puppetlabs-cinder/commit/7da792fbd40c0e6eae1ee093aa00e0b177bd2ebc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0595.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/puppetlabs/puppetlabs-cinder/commit/7da792fbd40c0e6eae1ee093aa00e0b177bd2ebc"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-276"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-0266 (GCVE-0-2013-0266)

GSD-2013-0266

GHSA-J8CR-2GXR-HVVJ

RHSA-2013:0595

RHSA-2013_0595

FKIE_CVE-2013-0266

Tags

Sightings

Nomenclature