OSSA-2011-001: Path traversal issues registering malicious images using EC2 API

Date:

December 13, 2011

CVE:

CVE-2011-4596

Affects

  • Nova: All versions

Description

David Black reported two issues in OpenStack Nova’s support for EC2 RegisterImage action. By registering images from malicious tarballs or manifests, an attacker could potentially traverse directories and overwrite files with the rights of the user Nova runs under. Only setups allowing the EC2 API and the S3/RegisterImage method for registering images are affected.

Patches

Credits

  • David Black (CVE-2011-4596)

References