Test ID:	1.3.6.1.4.1.25623.1.0.841450
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-1851-1)
Summary:	The remote host is missing an update for the 'python-keystoneclient' package(s) announced via the USN-1851-1 advisory.
Description:	Summary: The remote host is missing an update for the 'python-keystoneclient' package(s) announced via the USN-1851-1 advisory. Vulnerability Insight: Eoghan Glynn and Alex Meade discovered that python-keystoneclient did not properly perform expiry checks for the PKI tokens used in Keystone. If Keystone were setup to use PKI tokens (the default in Ubuntu 13.04), a previously authenticated user could continue to use a PKI token for longer than intended. Affected Software/OS: 'python-keystoneclient' package(s) on Ubuntu 13.04. Solution: Please install the updated package(s). CVSS Score: 5.5 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2104 RHSA-2013:0944 http://rhn.redhat.com/errata/RHSA-2013-0944.html USN-1851-1 http://www.ubuntu.com/usn/USN-1851-1 USN-1875-1 http://www.ubuntu.com/usn/USN-1875-1 [oss-security] 20130528 [OSSA 2013-014] Missing expiration check in Keystone PKI tokens validation (CVE-2013-2104) http://www.openwall.com/lists/oss-security/2013/05/28/7 https://bugs.launchpad.net/python-keystoneclient/+bug/1179615 openSUSE-SU-2013:1089 http://lists.opensuse.org/opensuse-updates/2013-06/msg00198.html
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.