Launchpad CVE tracker

CVE 2014-1428

A vulnerability in generate_filestorage_key of Ubuntu MAAS allows an attacker to brute-force filenames. This issue affects Ubuntu MAAS versions prior to 1.9.2.

Related bugs and status

CVE-2014-1428 (Candidate) is related to these bugs:

Bug #1379826: uuid.uuid1() is not suitable as an unguessable identifier/token

		In	Importance	Status
1379826	uuid.uuid1() is not suitable as an unguessable identifier/token	MAAS	Critical	Fix Released
1379826	uuid.uuid1() is not suitable as an unguessable identifier/token	MAAS 1.5	Critical	Won't Fix
1379826	uuid.uuid1() is not suitable as an unguessable identifier/token	MAAS 1.2	Critical	Won't Fix
1379826	uuid.uuid1() is not suitable as an unguessable identifier/token	MAAS 1.6	Critical	Won't Fix
1379826	uuid.uuid1() is not suitable as an unguessable identifier/token	MAAS 1.7	Undecided	Won't Fix
1379826	uuid.uuid1() is not suitable as an unguessable identifier/token	MAAS 1.9	Critical	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2014-1428

References