3785 matches found
PYSEC-2012-21
virt/disk/api.py in OpenStack Compute Nova 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an...
CVE-2012-3447
virt/disk/api.py in OpenStack Compute Nova 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an...
CVE-2012-1585
OpenStack Compute Nova Essex before 2011.3 allows remote authenticated users to cause a denial of service Nova-API log file and disk consumption via a long server name...
CVE-2012-1585
OpenStack Compute Nova Essex before 2011.3 allows remote authenticated users to cause a denial of service Nova-API log file and disk consumption via a long server name...
CVE-2012-1585
OpenStack Compute Nova Essex before 2011.3 allows remote authenticated users to cause a denial of service Nova-API log file and disk consumption via a long server name...
CVE-2012-3447
virt/disk/api.py in OpenStack Compute Nova 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an...
[SECURITY] Fedora 17 Update: openstack-nova-2012.1.1-4.fc17
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
DEBIAN-CVE-2012-3361
virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
CVE-2012-3361
virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
CVE-2012-3360
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
CVE-2012-3360
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
PYSEC-2012-39
virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
Design/Logic Flaw
virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
PYSEC-2012-38
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
CVE-2012-3360
CVE-2012-3360 affects OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1) when used with libvirt-based hypervisors. The vulnerability arises in virt/disk/api.py where a directory traversal via a .. in the path attribute of a file element allows remote authenticated users to write arbitrar...
CVE-2012-3361
CVE-2012-3361 affects OpenStack OpenStack Compute (Nova) in Folsom (2012.2), Essex (2012.1), and Diablo (2011.3). The issue is in virt/disk/api.py where remote authenticated users can overwrite arbitrary files via a symlink attack on a file located within an image. The root cause is improper hand...
[SECURITY] Fedora 17 Update: openstack-nova-2012.1.1-3.fc17
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
[SECURITY] Fedora 16 Update: openstack-nova-2011.3.1-11.fc16
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
CVE-2012-3371
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...
PYSEC-2012-40
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...