Thanks for the investigation and the effort. Really appreciate that.
Regards
sw3
On Sat, 15 May 2021 at 7:10 am, Swe Win Aung <email address hidden> wrote:
> Hi Melanie
>
> Thanks for the investigation and your effort. Really appreciate that.
>
> Regards
> sw3
>
> On Sat, 15 May 2021 at 1:06 am, melanie witt <email address hidden>
> wrote:
>
>> ** Also affects: nova/train
>> Importance: Undecided
>> Status: New
>>
>> ** Also affects: nova/ussuri
>> Importance: Undecided
>> Status: New
>>
>> ** Also affects: nova/wallaby
>> Importance: Undecided
>> Status: New
>>
>> ** Also affects: nova/victoria
>> Importance: Undecided
>> Status: New
>>
>> --
>> You received this bug notification because you are subscribed to the bug
>> report.
>> https://bugs.launchpad.net/bugs/1927677
>>
>> Title:
>> novnc allowing open redirection which could potentially be used for
>> phishing
>>
>> Status in OpenStack Compute (nova):
>> In Progress
>> Status in OpenStack Compute (nova) train series:
>> New
>> Status in OpenStack Compute (nova) ussuri series:
>> New
>> Status in OpenStack Compute (nova) victoria series:
>> New
>> Status in OpenStack Compute (nova) wallaby series:
>> New
>> Status in OpenStack Security Advisory:
>> Incomplete
>>
>> Bug description:
>> This bug report is related to Security.
>>
>> Currently novnc is allowing open redirection, which could potentially be
>> used for phishing attempts.
>>
>> To test:
>> https://<site's vnc domain>//example.com/%2F..
>> (include .. at the end)
>>
>> For example:
>> http://vncproxy.my.domain.com//example.com/%2F..
>>
>> It will redirect to example.com. You can replace example.com with some
>> legitimate domain or spoofed domain.
>>
>> The description of the risk is:
>> By modifying untrusted URL input to a malicious site, an attacker may
>> successfully launch a phishing scam and steal user credentials.
>> Because the server name in the modified link is identical to the
>> original site, phishing attempts may have a more trustworthy appearance.
>>
>> To manage notifications about this bug go to:
>> https://bugs.launchpad.net/nova/+bug/1927677/+subscriptions
>>
> --
> Sent from Gmail Mobile. Please excuse random autocorrects and "tpyos"
>
--
Sent from Gmail Mobile. Please excuse random autocorrects and "tpyos"
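Added example, not part of the thread above and not nova, noVNC or websockify code. It reproduces the mechanism the bug report describes and shows a defensive check. Python's stock `http.server` directory handling answers a request for a directory that lacks a trailing slash with a 301 whose `Location` is the request URL plus `/`; when the request path starts with `//host/...`, that `Location` becomes `//host/.../`, which browsers read as a protocol-relative absolute URL, so the proxy sends the user to `host`. The `translate_path` mirror below is a simplified reimplementation of that stdlib logic, `SERVED_DIRS` is a constructed stand-in for the filesystem, and the access-log lines are constructed; the 400 response text is an assumption, not a quote from any project.

```python
"""Illustrative reproduction of the noVNC console-proxy open redirect
(Launchpad bug 1927677) plus a hardened redirect and a log check.
Added example; not nova, noVNC or websockify code."""
import re
import posixpath
from http import HTTPStatus
from urllib.parse import unquote, urlsplit, urlunsplit

# Constructed stand-in for the web root the console proxy serves.
# Entries are directory paths relative to the root ("" is the root itself).
SERVED_DIRS = {"", "app", "core"}


def translate_path(request_path: str) -> str:
    """Mirror how Python's http.server maps a request path onto the served
    tree: drop query/fragment, percent-decode, normalise, and discard '.'
    and '..' components. Returns the path relative to the web root."""
    path = request_path.split("?", 1)[0].split("#", 1)[0]
    path = posixpath.normpath(unquote(path))
    words = [w for w in path.split("/") if w and w not in (".", "..")]
    return "/".join(words)


def stock_directory_redirect(request_path: str):
    """Reproduce the stock stdlib behaviour: if the request resolves to a
    served directory but its path component has no trailing '/', rebuild the
    URL from its urlsplit parts with '/' appended and answer 301.
    Returns (status, location) or None when no redirect is issued."""
    if translate_path(request_path) not in SERVED_DIRS:
        return None
    parts = urlsplit(request_path)
    if parts.path.endswith("/"):
        return None
    # For "//example.com/%2F.." urlsplit yields netloc "example.com", so the
    # rebuilt Location is "//example.com/%2F../": a protocol-relative URL.
    new_parts = (parts.scheme, parts.netloc, parts.path + "/",
                 parts.query, parts.fragment)
    return HTTPStatus.MOVED_PERMANENTLY, urlunsplit(new_parts)


def hardened_directory_redirect(request_path: str):
    """Same redirect, but refuse any Location a browser would treat as an
    absolute URL: a '//' prefix, or anything that parses with a scheme or
    host. Returns (status, location) or (400, reason); None if no redirect."""
    result = stock_directory_redirect(request_path)
    if result is None:
        return None
    status, location = result
    parsed = urlsplit(location)
    if location.startswith("//") or parsed.scheme or parsed.netloc:
        # Assumed error text; only same-origin relative redirects are allowed.
        return HTTPStatus.BAD_REQUEST, "URI must not start with //"
    return status, location


def looks_like_open_redirect_probe(raw_request_path: str) -> bool:
    """Detection helper: flag request paths that start with '//' and carry a
    dot-dot segment (encoded or not), the shape reported in the bug."""
    decoded = unquote(raw_request_path)
    return decoded.startswith("//") and "/.." in decoded


# Constructed sample of proxy access-log lines (not real logs).
SAMPLE_LOG = [
    '10.0.0.5 - - [15/May/2021:07:10:00 +0000] "GET /vnc_auto.html HTTP/1.1" 200 1803',
    '10.0.0.9 - - [15/May/2021:07:10:02 +0000] "GET //example.com/%2F.. HTTP/1.1" 301 0',
    '10.0.0.5 - - [15/May/2021:07:10:03 +0000] "GET /app/ HTTP/1.1" 200 512',
]


def flag_redirect_probes(log_lines):
    """Return the request paths in access-log lines that match the probe shape."""
    flagged = []
    for line in log_lines:
        m = re.search(r'"(?:GET|HEAD) (\S+) HTTP/', line)
        if m and looks_like_open_redirect_probe(m.group(1)):
            flagged.append(m.group(1))
    return flagged


if __name__ == "__main__":
    probe = "//example.com/%2F.."
    print("stock   :", stock_directory_redirect(probe))
    print("hardened:", hardened_directory_redirect(probe))
    print("flagged :", flag_redirect_probes(SAMPLE_LOG))
```

The hardened check rejects the `Location` rather than trying to sanitise it, because a redirect to a served directory only ever needs a same-origin relative target; anything with a host or scheme in it is not a directory redirect at all. The log check is deliberately narrow (leading `//` plus a dot-dot segment) so it matches the reported shape without flagging ordinary noVNC page requests.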