OSSA-2013-006: VNC proxy can connect to the wrong VM

Date:February 26, 2013
CVE:CVE-2013-0335

Affects

  • Nova: All versions

Description

Loganathan Parthipan (HP) and Rohit Karajgi (NTT Data) independently reported a vulnerability in Nova. If a user requests a console and then deletes the VM, it is possible that the console token could allow connectivity to a different VM before the console token expires if the VNC port gets reused in that time period. This issue can be worked around by disabling VNC support.

Credits

  • Loganathan Parthipan from HP (CVE-2013-0335)
  • Rohit Karajgi from NTT Data (CVE-2013-0335)