Ubuntu 12.04 LTS / 12.10 / 13.10 : swift vulnerability (USN-2207-1)
Medium Nessus Plugin ID 73904
SynopsisThe remote Ubuntu host is missing a security-related patch.
DescriptionSamuel Merritt discovered a timing attack vulnerability in OpenStack Swift. If Swift was configured to use the TempURL middleware, an attacker could exploit this to guess valid secret URLs and obtain unintended access to objects publicly shared with specific recipients.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected python-swift package.