Create an account

Subscribe to LWN

Shumway lands in Firefox

LWN.net Weekly Edition for October 3, 2013

Integrity and embedded devices

NUMA scheduling progress

LWN.net Weekly Edition for September 26, 2013

Weekly edition	Kernel	Security	Distributions	Contact Us	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ	Sponsors

python-keystoneclient: password disclosure

Package(s):

python-keystoneclient

CVE #(s):

CVE-2013-2013

Created:

June 28, 2013

Updated:

September 18, 2013

Description:

From the openSUSE bug report:

OpenStack keystone places a username and password on the command line, which allows local users to obtain credentials by listing the process.

Alerts:

openSUSE	openSUSE-SU-2013:1090-1	2013-06-27
Fedora	FEDORA-2013-14302	2013-08-15
Fedora	FEDORA-2013-13900	2013-08-21
Slackware	SSA:2013-260-01	2013-09-17

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds