Comment 11 for bug 1927677

Swe W Aung (sirswa) wrote : Re: [Bug 1927677] Re: novnc allowing open redirection which could potentially be used for phishing

Hi Melanie

Thanks for the investigation and the effort. Really appreciate that.

Regards
sw3

On Sat, 15 May 2021 at 7:10 am, Swe Win Aung <email address hidden> wrote:

> Hi Melanie
>
> Thanks for the investigation and your effort. Really appreciate that.
>
> Regards
> sw3
>
> On Sat, 15 May 2021 at 1:06 am, melanie witt <email address hidden>
> wrote:
>
>> ** Also affects: nova/train
>> Importance: Undecided
>> Status: New
>>
>> ** Also affects: nova/ussuri
>> Importance: Undecided
>> Status: New
>>
>> ** Also affects: nova/wallaby
>> Importance: Undecided
>> Status: New
>>
>> ** Also affects: nova/victoria
>> Importance: Undecided
>> Status: New
>>
>> --
>> You received this bug notification because you are subscribed to the bug
>> report.
>> https://bugs.launchpad.net/bugs/1927677
>>
>> Title:
>> novnc allowing open redirection which could potentially be used for
>> phishing
>>
>> Status in OpenStack Compute (nova):
>> In Progress
>> Status in OpenStack Compute (nova) train series:
>> New
>> Status in OpenStack Compute (nova) ussuri series:
>> New
>> Status in OpenStack Compute (nova) victoria series:
>> New
>> Status in OpenStack Compute (nova) wallaby series:
>> New
>> Status in OpenStack Security Advisory:
>> Incomplete
>>
>> Bug description:
>> This bug report is related to Security.
>>
>> Currently novnc is allowing open redirection, which could potentially be
>> used for phishing attempts
>>
>> To test.
>> https://<site's vnc domain>//example.com/%2F..
>> include .. at the end
>>
>> For example:
>> http://vncproxy.my.domain.com//example.com/%2F..
>>
>> It will redirect to example.com. You can replace example.com with some
>> legitimate domain or spoofed domain.
>>
>> The description of the risk is
>> By modifying untrusted URL input to a malicious site, an attacker may
>> successfully launch a phishing scam and steal user credentials.
>> Because the server name in the modified link is identical to the
>> original site, phishing attempts may have a more trustworthy appearance.
>>
>> To manage notifications about this bug go to:
>> https://bugs.launchpad.net/nova/+bug/1927677/+subscriptions
>>
> --
> Sent from Gmail Mobile. Please excuse random autocorrects and "tpyos"
>
--
Sent from Gmail Mobile. Please excuse random autocorrects and "tpyos"
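The probe in the quoted bug description relies on a static-file handler that answers a request for a directory whose path lacks a trailing "/" with a 301 and a Location built from the raw request path. Below is an added example (not code from the bug report, nova, noVNC or websockify) that models that behaviour in plain Python, shows why the `//example.com/%2F..` form leaves the proxy's origin, and adds one possible guard. The proxy host name, the toy document root (files only, so any path that collapses to the root counts as a directory) and the "reject paths starting with //" guard are assumptions of this example; the page does not say what fix nova shipped.

```python
"""Added example (not code from nova, noVNC or websockify): model the open
redirect described in the bug report and a check that closes it.

The probe https://<vnc domain>//example.com/%2F.. works against a
static-file handler that answers a request for a *directory* whose path
lacks a trailing "/" with a 301 and Location: <request path>/.  Python's
http.server.SimpleHTTPRequestHandler is the classic case; its behaviour is
modelled here in pure functions so the example runs without a socket.
"""
import posixpath
from urllib.parse import unquote, urljoin, urlsplit

# Assumed proxy origin, taken from the host name used in the report.
PROXY_ORIGIN = "https://vncproxy.my.domain.com"


def resolves_to_directory(request_path: str) -> bool:
    """Model of SimpleHTTPRequestHandler.translate_path: drop query and
    fragment, unquote, normalise, then discard "." and ".." components.
    The toy document root holds only files, so a path is a directory
    exactly when nothing is left after that filtering, i.e. it collapsed
    to the root.  The trailing ".." in the probe exists to force this."""
    path = request_path.split("?", 1)[0].split("#", 1)[0]
    path = posixpath.normpath(unquote(path))
    words = [w for w in path.split("/") if w and w not in (".", "..")]
    return words == []


def directory_redirect_location(request_path: str):
    """Location header a naive handler emits for request_path, or None.

    The raw request path is echoed back with "/" appended.  urlsplit()
    reads "//example.com/..." as netloc="example.com", so the echoed
    Location is scheme-relative and names another host."""
    if not resolves_to_directory(request_path):
        return None
    parts = urlsplit(request_path)
    if parts.path.endswith("/"):
        return None
    return parts._replace(path=parts.path + "/").geturl()


def browser_target(location: str) -> str:
    """Absolute URL a browser lands on after following `location` from a
    page served at PROXY_ORIGIN.  A "//host/..." Location inherits only
    the scheme, so the user leaves the proxy's origin."""
    return urljoin(PROXY_ORIGIN + "/", location)


def hardened_redirect_location(request_path: str):
    """Same handler with an added guard (an assumption of this example, not
    necessarily the patch nova shipped): refuse any request path that
    begins with "//" before a Location header can be built from it.
    Returns (status, location)."""
    if request_path.startswith("//"):
        # Also catches "///host/..." forms, which urlsplit() reports with
        # an empty netloc even though WHATWG-conformant browsers collapse
        # the extra slashes to "//host".
        return 400, None
    location = directory_redirect_location(request_path)
    if location is not None:
        return 301, location
    return 200, None


if __name__ == "__main__":
    probe = "//example.com/%2F.."
    loc = directory_redirect_location(probe)
    print("naive Location:", loc)                   # //example.com/%2F../
    print("browser goes to:", browser_target(loc))  # https://example.com/%2F../
    print("hardened:", hardened_redirect_location(probe))      # (400, None)
    print("same-host case:", hardened_redirect_location("/.."))  # (301, '/../')
```

The same-host case shows why the guard targets the leading "//" rather than the ".." trick: `/..` also collapses to the root and also gets a 301, but its Location `/../` resolves back to the proxy itself, so only the authority-bearing prefix turns the directory redirect into a phishing vector.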