Eucalyptus Walrus Request Manipulation Security Bypass Vulnerability

Bugtraq ID:	58680
Class:	Design Error
CVE:	CVE-2012-4066
Remote:	Yes
Local:	No
Published:	Feb 28 2013 12:00AM
Updated:	Mar 19 2015 08:17AM
Credit:	Reported by the vendor.
Vulnerable:	Red Hat Fedora 17 Eucalyptus Systems Eucalyptus 2.0.3 Eucalyptus Systems Eucalyptus 2.0.2 Eucalyptus Systems Eucalyptus 2.0.1 Eucalyptus Systems Eucalyptus 2.0.0 Eucalyptus Systems Eucalyptus 1.6.2
Not Vulnerable:

Eucalyptus Walrus Request Manipulation Security Bypass Vulnerability

Eucalyptus is prone to a security-bypass vulnerability.

Remote attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.

Eucalyptus versions prior to 3.2.1 are vulnerable.

Eucalyptus Walrus Request Manipulation Security Bypass Vulnerability

An attacker can exploit these issues using readily available tools.

Eucalyptus Walrus Request Manipulation Security Bypass Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Eucalyptus Walrus Request Manipulation Security Bypass Vulnerability

References:

• Eucalyptus Homepage (Eucalyptus Systems)