Home page logo

oss-sec logo oss-sec mailing list archives

CVE request -- vdsm: certificate generation upon node creation
From: Petr Matousek <pmatouse () redhat com>
Date: Sat, 10 Nov 2012 21:30:20 +0100

When new node image is being created, vdsm.rpm is added to the node
image and self-signed key (and certificate) is created. This key/cert
allows vdsm to start and serve requests from anyone who has a matching
key/cert which could be anybody holding the node image.

Upstream fix:


This issue was discovered by Dan Kenigsberg of Red Hat.


Petr Matousek / Red Hat Security Response Team

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]