CVE-2015-8914

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address...

CVE-2016-5363

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via 1 a crafted DHCP discovery message or 2 crafted non-IP traffi...

CVE-2015-8914

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address...

OpenStack NeutronMAC Source Address Spoofing Vulnerability

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace, Inc. in the U.S. Neutron is one of the networking components that provides Network-as-a-Service NaaS, which enables the creating networks between...

OpenStack Neutron DHCP Spoofing Vulnerability

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace, Inc. in the U.S. Neutron is one of the networking components that provides Network-as-a-Service NaaS, which enables the creating networks between...

OpenStack Neutron ICMPv6 Source Address Spoofing Vulnerability

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration NASA in collaboration with Rackspace, Inc. in the U.S. Neutron is one of the networking components that provides Network-as-a-Service NaaS, which enables the creating networks between...

SUSE-SU-2015:2220-1 Security update for openstack-nova and openstack-neutron

This update for openstack-nova and openstack-neutron provides various fixes and improvements. openstack-nova: - Fix instance filtering. bsc927625 - Remove error messages from multipath command output before parsing. bsc949529 - Fix live-migration usage of the wrong connector information. - Added...

DEBIAN-CVE-2015-5240

Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...

CVE-2015-5240

Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...

CVE-2015-5240

Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group...

SUSE-SU-2015:1890-1 Security update for openstack-neutron and crowbar-barclamp-neutron

This update provides security fixes and improvements for openstack-neutron and crowbar-barclamp-neutron. crowbar-barclamp-neutron: - Add infoblox support. - Add configurations required to support DHCP relay. - Create 'floating' network as 'flat' provider network. bsc946882 - Fix search for Nova...

OpenStack Neutron Firewall Security Bypass Vulnerability

OpenStack is a cloud platform management project. neutron is one of the networking components that provides network-as-a-service, enabling the creation of networks between OpenStack services, access to network devices into the mesh, and more. A security bypass vulnerability exists in Neutron,...

DEBIAN-CVE-2015-3221

OpenStack Neutron before 2014.2.4 juno and 2015.1.x before 2015.1.1 kilo, when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service L2 agent crash by adding an address pair that is rejected by the ipset tool...

CVE-2015-3221

OpenStack Neutron before 2014.2.4 juno and 2015.1.x before 2015.1.1 kilo, when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service L2 agent crash by adding an address pair that is rejected by the ipset tool...

PT-2015-6102 · Openstack · Openstack Neutron

Name of the Vulnerable Software and Affected Versions: OpenStack Neutron versions prior to 2014.2.4 juno OpenStack Neutron versions 2015.1.x prior to 2015.1.1 kilo Description: The issue allows remote authenticated users to cause a denial of service, resulting in an L2 agent crash. This occurs wh...

openstack-neutron: L2 agent DoS through incorrect allowed address pairs

A Denial-of-Service flaw was found in the OpenStack Networking neutron L2 agent when using the iptables firewall driver. By submitting an address pair that is rejected as invalid by the ipset tool with zero prefix size, an authenticated attacker can cause the L2 agent to crash...

OpenStack Neutron Denial of Service Vulnerability (CNVD-2015-04539)

OpenStack Neutron is a networking module for OpenStack that accommodates a large number of plug-ins that handle integration with other networking services. A denial-of-service vulnerability exists in OpenStack Neutron, which allows attackers to exploit this vulnerability to crash applications and...

Fedora Update for openstack-neutron FEDORA-2015-5997

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 20 : openstack-neutron-2013.2.4-8.fc20 (2015-5997)

2013.2.4 rebase; CVE-2014-7821 fixed. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

Oracle Solaris Third-Party Patch Update : neutron (cve_2014_6414_unauthenticated_access)

The remote Solaris system is missing necessary patches to address security updates : - OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors. CVE-2014-6414 %NASLMINLEVEL 70300 C...