Ubuntu Security Notice (C) 2013-2014 Canonical, Inc. / NASL script (C) 2013-2014 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
Eoghan Glynn and Alex Meade discovered that python-keystoneclient did
not properly perform expiry checks for the PKI tokens used in
Keystone. If Keystone were setup to use PKI tokens (the default in
Ubuntu 13.04), a previously authenticated user could continue to use a
PKI token for longer than intended.
Update the affected python-keystoneclient package.
Risk factor :
Medium / CVSS Base Score : 5.5
CVSS Temporal Score : 4.5
Public Exploit Available : true