Kseifried

**Name of the Vulnerable Software and Affected Versions** ctdb versions prior to 2.3 **Description** The issue is related to the insecure creation of temporary files in ctdb, which has an unspecified impact. This is connected to several temporary file vulnerabilities found in various parts of the ctdb code, including `tcp/tcp connect.c`, `server/eventscript.c`, `tools/ctdb diagnostics`, `config/gdb backtrace`, and `include/ctdb private.h`. **Recommendations** For versions prior to 2.3, update to version 2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to temporary files created by ctdb to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** OpenStack devstack (affected versions not specified) **Description** The issue allows local users to obtain sensitive information, including the LDAP password and admin token secret, by reading the keystone.conf file due to its world-readable permissions. **Recommendations** For devstack, consider changing the permissions of the keystone.conf file to restrict read access to authorized users only, until a more permanent fix is available.

**Name of the Vulnerable Software and Affected Versions** OpenStack Identity (Keystone) version 2013.1.1 **Description** The issue allows local users to obtain sensitive information by reading the log file when DEBUG mode logging is enabled. Specifically, it logs the `admin token` and `LDAP password` in plaintext. **Recommendations** For OpenStack Identity (Keystone) version 2013.1.1, consider disabling DEBUG mode logging to prevent sensitive information from being logged in plaintext. As a temporary workaround, restrict access to the log file to minimize the risk of exploitation.