CVE-2014-3632

The default configuration in a sudoers file in the Red Hat openstack-neutron package before 2014.1.2-4, as used in Red Hat Enterprise Linux Open Stack Platform 5.0 for Red Hat Enterprise Linux 6, allows remote attackers to gain privileges via a crafted configuration file. NOTE: this vulnerability...

PT-2014-5430 · Openstack · Openstack Neutron

Name of the Vulnerable Software and Affected Versions: openstack-neutron versions prior to 2014.1.2-4 Description: The default configuration in the sudoers file allows remote attackers to gain privileges via a crafted configuration file. This issue exists due to a regression. Recommendations: For...

DEBIAN-CVE-2014-6414

OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors...

CVE-2014-6414

OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors...

CVE-2014-6414

OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors...

openstack-neutron: regression of fix for CVE-2013-6433

It was discovered that the openstack-neutron package in Red Hat Enterprise Linux Open Stack Platform 5.0 for Red Hat Enterprise Linux 6 was released with a sudoers file containing a configuration error. This error caused OpenStack Networking to be vulnerable to the CVE-2013-6433 issue...

[USN-2321-1] OpenStack Neutron vulnerabilities

========================================================================== Ubuntu Security Notice USN-2321-1 August 21, 2014 neutron vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Ubuntu: Security Advisory (USN-2321-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : OpenStack Neutron vulnerabilities (USN-2321-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2321-1 advisory. Liping Mao discovered that OpenStack Neutron did not properly handle requests for a large number of allowed address pairs. A remote authenticated attacke...

USN-2321-1: OpenStack Neutron vulnerabilities

Liping Mao discovered that OpenStack Neutron did not properly handle requests for a large number of allowed address pairs. A remote authenticated attacker could exploit this to cause a denial of service. CVE-2014-3555 Zhi Kun Liu discovered that OpenStack Neutron incorrectly filtered certain...

USN-2321-1 neutron vulnerabilities

Liping Mao discovered that OpenStack Neutron did not properly handle requests for a large number of allowed address pairs. A remote authenticated attacker could exploit this to cause a denial of service. CVE-2014-3555 Zhi Kun Liu discovered that OpenStack Neutron incorrectly filtered certain...

openstack-neutron: Denial of Service in Neutron allowed address pair

A denial of service flaw was found in neutron's handling of allowed address pairs. As there was no enforced quota on the amount of allowed address pairs, a sufficiently authorized user could possibly create a large number of firewall rules, impacting performance or potentially rendering a compute...

Fedora Update for openstack-neutron FEDORA-2014-8743

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 20 : openstack-neutron-2013.2.3-13.fc20 (2014-8743)

Security fix for CVE-2014-3555 Moved python files back to python-neutron to avoid breaking hidden dependencies, rhbz1120146. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean an...

DEBIAN-CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

Code injection

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service crash or long firewall rule updates by creating a large number of allowed address pairs...

PT-2014-5393 · Openstack +1 · Openstack Neutron +1

Name of the Vulnerable Software and Affected Versions: OpenStack Neutron versions before 2013.2.4 OpenStack Neutron versions 2014.x before 2014.1.2 OpenStack Neutron Juno before Juno-2 Description: The issue allows remote authenticated users to cause a denial of service by creating a large number...