365 matches found
OpenStack Compute (Nova) 不安全目录权限漏洞
BUGTRAQ ID: 64266 CVECAN ID: CVE-2013-7048 OpenStack Compute Nova是用Python编写的云计算构造控制器,属于laaS系统的一部分。 OpenStack Compute Nova Havana、Grizzly在实现上存在不安全目录权限导致的安全漏洞,攻击者可利用此漏洞在受影响目录内执行未授权操作。 0 openstack Nova 厂商补丁: openstack --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
[SECURITY] Fedora 19 Update: openstack-nova-2013.1.4-3.fc19
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
CVE-2013-4497
The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...
DEBIAN-CVE-2013-4497
The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...
CVE-2013-4497
The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...
CVE-2013-4497
Summary: CVE-2013-4497 affects the XenAPI backend of OpenStack Compute (Nova) in Folsom/Grizzly/Havana before 2013.2. The issue is that security groups were not properly reapplied after certain operations (resize or live migration), potentially exposing affected VM instances to unintended network...
CVE-2013-4497
The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...
CVE-2013-4469
OpenStack Compute Nova Folsom, Grizzly, and Havana, when usecowimages is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by transferring an image with a large virtual size that does not contai...
Design/Logic Flaw
OpenStack Compute Nova Folsom, Grizzly, and Havana, when usecowimages is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by transferring an image with a large virtual size that does not contai...
CVE-2013-4469
CVE-2013-4469 affects OpenStack Nova (Folsom, Grizzly, Havana) where use_cow_images=False allows a local attacker to cause a DoS by transferring a QCOW2 image with a large virtual size but little data, because the code does not verify the image’s virtual size. Root cause noted as an incomplete fi...
CVE-2013-4469
OpenStack Compute Nova Folsom, Grizzly, and Havana, when usecowimages is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by transferring an image with a large virtual size that does not contai...
PT-2013-5030 · Openstack +1 · Openstack Compute +2
Name of the Vulnerable Software and Affected Versions: OpenStack Compute Nova versions Folsom through Havana Description: The issue allows local users to cause a denial of service host file system disk consumption by transferring an image with a large virtual size that does not contain a large...
CVE-2013-4469
OpenStack Compute Nova Folsom, Grizzly, and Havana, when usecowimages is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by transferring an image with a large virtual size that does not contai...
CVE-2013-4185
Algorithmic complexity vulnerability in OpenStack Compute Nova before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service nova-network consumption via a large number of...
CVE-2013-4261
OpenStack Compute Nova Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service connection pool consumption, as demonstrated using multiple requests that send...
CVE-2013-4185
Algorithmic complexity vulnerability in OpenStack Compute Nova before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service nova-network consumption via a large number of...
Design/Logic Flaw
Algorithmic complexity vulnerability in OpenStack Compute Nova before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service nova-network consumption via a large number of...
CVE-2013-4261
OpenStack Compute (Nova) Folsom, Grizzly, and earlier versions are affected when using the Apache Qpid RPC backend. The issue arises from improper error handling in messaging, allowing remote attackers to cause a denial of service via connection pool exhaustion by sending long strings to an insta...
CVE-2013-4261
OpenStack Compute Nova Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service connection pool consumption, as demonstrated using multiple requests that send...
CVE-2013-4185
Algorithmic complexity vulnerability in OpenStack Compute Nova before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service nova-network consumption via a large number of...