Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update

Updated qemu-kvm-rhev packages that fix several security issues are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update

Updated qemu-kvm-rhev packages that fix several security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

[SECURITY] Fedora 20 Update: python-django-horizon-2013.2.3-1.fc20

Horizon is a Django application for providing Openstack UI components. It allows performing site administrator viewing account resource usage, configuring users, accounts, quotas, flavors, etc. and end user operations start/stop/delete instances, create/restore snapshots, view instance VNC consol...

Fedora Update for openstack-keystone FEDORA-2014-4903

Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2014-4903 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Fedora Update for openstack-keystone FEDORA-2014-4903

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 20 : openstack-keystone-2013.2.3-2.fc20 (2014-4903)

updated to stable havana 2013.2.3 release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...

CVE-2014-0071

PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...

CVE-2014-0071

PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...

DEBIAN-CVE-2014-0071

PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...

Design/Logic Flaw

PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...

CVE-2014-0071

PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...

UBUNTU-CVE-2014-0071

PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...

CVE-2014-0071

PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...

CVE-2014-0071

CVE-2014-0071 affects PackStack in Red Hat OpenStack 4.0, where PackStack did not correctly enforce default security group rules when deployed to Neutron, allowing remote attackers to bypass access restrictions and reach otherwise restricted systems. The issue is documented in RHSA-2014:0233 and ...

CVE-2014-0071

PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...

[SECURITY] Fedora 20 Update: openstack-keystone-2013.2.3-2.fc20

Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. This package contains the Keystone daemon...

Important: Red Hat Security Advisory: python-keystoneclient security update

Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Storage 2.1. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

OpenStack Keystone V3 API验证拒绝服务漏洞

Bugtraq ID:65736 CVE ID:CVE-2014-2828 Keystone是Openstack中用于身份验证的项目，任何服务请求需要经过它的验证获得服务的endpoint。 OpenStack Keystone V3 API验证存在漏洞，攻击者可以利用漏洞发送特制的请求使Keystone服务崩溃，造成拒绝服务攻击。 0 OpenStack Keystone 目前厂商已经发布了升级补丁以修复漏洞，请下载使用：...

OpenStack Nova RBAC安全绕过漏洞

Bugtraq ID:65753 CVE ID:CVE-2014-0167 OpenStack是由Rackspace和NASA共同开发的云计算平台，帮助服务商和企业内部实现类似于Amazon EC2和S3的云基础架构。OpenStack Nova提供虚拟计算服务。 OpenStack Nova EC2 API安全组实现存在安全漏洞，如addrules, removerules 和destroy方法，受限用户可使用EC2 API绕过限制对安全组进行未授权操作。 0 OpenStack Nova 2013.1 - 2013.2.3 用户可参考如下厂商提供的安全补丁以修复该漏洞：...

CVE-2014-0157

Cross-site scripting XSS vulnerability in the Horizon Orchestration dashboard in OpenStack Dashboard aka Horizon 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to inject arbitrary web script or HTML via the description field of a Heat template...