365 matches found
CVE-2015-7713
OpenStack Compute Nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made...
DEBIAN-CVE-2015-3280
OpenStack Compute nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service disk consumption by deleting instances while in the resize state...
CVE-2015-3280
OpenStack Compute nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service disk consumption by deleting instances while in the resize state...
CVE-2015-3280
OpenStack Compute nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service disk consumption by deleting instances while in the resize state...
PT-2015-6130 · Openstack +1 · Openstack Compute +1
Name of the Vulnerable Software and Affected Versions: OpenStack Compute nova versions before 2014.2.4 juno OpenStack Compute nova versions 2015.1.x before 2015.1.2 kilo Description: The issue allows remote authenticated users to cause a denial of service, specifically disk consumption, by deleti...
CVE-2015-3280
OpenStack Compute nova before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service disk consumption by deleting instances while in the resize state...
CVE-2015-3241
OpenStack Compute nova 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service disk, network, and other resource consumption by resizing and then deleting an instance...
CVE-2015-3241
OpenStack Compute nova 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service disk, network, and other resource consumption by resizing and then deleting an instance...
Design/Logic Flaw
OpenStack Compute nova 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service disk, network, and other resource consumption by resizing and then deleting an instance...
CVE-2015-3241
OpenStack Compute nova 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service disk, network, and other resource consumption by resizing and then deleting an instance...
Moderate: Red Hat Security Advisory: openstack-nova security update
Updated openstack-nova packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 7.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Important: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update
Updated OpenStack Compute nova packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security...
OpenStack Compute websocket request source incorrect checksum validation hijacking vulnerability
OpenStack is a cloud computing platform developed by Rackspace and NASA to help service providers and on-premises organizations implement cloud infrastructures similar to Amazon EC2 and S3. OpenStack Compute and kilo fails to properly calibrate the source of Websocket requests vulnerability allow...
CVE-2015-0259
OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...
CVE-2015-0259
OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...
CVE-2015-0259
OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...
Oracle Solaris Third-Party Patch Update : nova (cve_2014_3517_information_disclosure)
The remote Solaris system is missing necessary patches to address security updates : - api/metadata/handler.py in OpenStack Compute Nova before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess...
Oracle Solaris Third-Party Patch Update : nova (multiple_vulnerabilities_in_nova)
The remote Solaris system is missing necessary patches to address security updates : - The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service...
[USN-2407-1] OpenStack Nova vulnerabilities
========================================================================== Ubuntu Security Notice USN-2407-1 November 11, 2014 nova vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Important: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update
Updated openstack-nova packages that fix two security issues, multiple bugs, and add enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common...