Comment 62 for bug 1496277

Tristan Cacqueray (tristan-cacqueray) wrote : Re: template-validate may read server local files (CVE-2015-5295)

Alright, my bad, comment #30 suggested the python-heatclient could get fixed as well.

Here is the final impact description removing client affect:

Title: Heat denial of service through template-validate
Reporter: Steven Hardy (Red Hat)
Products: Heat
Affects: <=2015.1.2, ==5.0.0

Description:
Steven Hardy from Red Hat reported a vulnerability in Heat template validation. By referencing a local file like /dev/zero, an authenticated user may trick the heat engine service into loading arbitrary local file content resulting in a Denial of Service attack through memory exhaustion. Note that the file content is not written back to the user, though the user can determine if a file exists and if it is readable by heat-engine. All Heat setups are affected.
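The two defensive checks this impact description points at, as an added example that is not part of the comment above and is not Heat's code: refuse template references that resolve to a server-local path, and cap how much of any referenced source is buffered. All names (`check_template_ref`, `read_bounded`, `ZeroStream`), the scheme allowlist and the size limit are assumptions made for illustration.

```python
import io
from urllib.parse import urlparse

# Assumptions for this sketch: only remote references are acceptable,
# and 512 KiB is a hypothetical upper bound for one template.
ALLOWED_SCHEMES = {"http", "https"}
MAX_TEMPLATE_BYTES = 512 * 1024


class TemplateRefError(ValueError):
    """Raised when a template reference is refused."""


def check_template_ref(url):
    """Reject references that would be read from the server's own filesystem."""
    parts = urlparse(url)
    # A bare path such as "/dev/zero" parses with an empty scheme.
    if parts.scheme not in ALLOWED_SCHEMES:
        raise TemplateRefError("scheme %r not allowed" % parts.scheme)
    if not parts.netloc:
        raise TemplateRefError("reference has no host: %r" % url)
    return url


def read_bounded(stream, limit=MAX_TEMPLATE_BYTES, chunk=64 * 1024):
    """Read at most `limit` bytes; fail instead of buffering an endless source."""
    buf = bytearray()
    while True:
        # Ask for one byte past the limit so an oversized source is detected.
        data = stream.read(min(chunk, limit + 1 - len(buf)))
        if not data:
            return bytes(buf)
        buf += data
        if len(buf) > limit:
            raise TemplateRefError("source exceeds %d bytes" % limit)


class ZeroStream:
    """Constructed stand-in for an endless source such as /dev/zero."""

    def read(self, n):
        return b"\0" * n
```
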