3786 matches found
UBUNTU-CVE-2013-7130
The icreateimagesandbacking aka createimagesandbacking method in libvirt driver in OpenStack Compute Nova Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users vi...
PT-2014-2798 · Openstack +1 · Openstack Compute +1
Name of the Vulnerable Software and Affected Versions: OpenStack Compute Nova versions Folsom through Havana Description: The issue allows local users to cause a denial of service, specifically host file system disk consumption, via a compressed QCOW2 image. This is due to the incomplete...
CVE-2013-7130
The icreateimagesandbacking aka createimagesandbacking method in libvirt driver in OpenStack Compute Nova Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users vi...
[SECURITY] Fedora 19 Update: openstack-nova-2013.1.4-6.fc19
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
[SECURITY] Fedora 20 Update: openstack-nova-2013.2.1-4.fc20
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
Fedora Update for openstack-nova FEDORA-2013-22667
Check for the Version of openstack-nova OpenVAS Vulnerability Test Fedora Update for openstack-nova FEDORA-2013-22667 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...
Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update
Updated openstack-nova packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...
CVE-2013-7048
OpenStack Compute Nova Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots...
CVE-2013-7048
OpenStack Compute Nova Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots...
CVE-2013-7048
CVE-2013-7048 affects OpenStack Nova (Grizzly 2013.1.4, Havana 2013.2.1 and earlier). The libvirt/live-snapshot path permissions were world-writable/world-readable in the temporary directory used for live snapshots, allowing a local attacker with shell access to read and modify snapshots before u...
CVE-2013-7048
OpenStack Compute Nova Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots...
CVE-2013-7048
OpenStack Compute Nova Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots...
Keystone: trust circumvention through EC2-style tokens
The ec2tokens API in OpenStack Identity Keystone before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2toke...
Moderate: Red Hat Security Advisory: openstack-keystone security and bug fix update
Updated openstack-keystone packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base scor...
KALI Linux 1.0.6 released; officially added Emergency Self Destruct feature
A few days back the developers of one of the most advance open source operating system for penetration testing called 'KALI Linux' announced that they were planning to include "emergency self-destruction of LUKS".They patched a utility called cryptsetup, which introduces a self destruction featur...
[SECURITY] Fedora 20 Update: openstack-nova-2013.2.1-2.fc20
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
Fedora Update for openstack-nova FEDORA-2013-22693
Check for the Version of openstack-nova OpenVAS Vulnerability Test Fedora Update for openstack-nova FEDORA-2013-22693 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...
[SECURITY] Fedora 20 Update: openstack-nova-2013.2-4.fc20
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
OpenStack Compute (Nova) 不安全目录权限漏洞
BUGTRAQ ID: 64266 CVECAN ID: CVE-2013-7048 OpenStack Compute Nova是用Python编写的云计算构造控制器,属于laaS系统的一部分。 OpenStack Compute Nova Havana、Grizzly在实现上存在不安全目录权限导致的安全漏洞,攻击者可利用此漏洞在受影响目录内执行未授权操作。 0 openstack Nova 厂商补丁: openstack --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
[SECURITY] Fedora 19 Update: openstack-nova-2013.1.4-3.fc19
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...