7716 matches found
Directory traversal
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova...
PYSEC-2013-45
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova...
CVE-2013-2030
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova...
CVE-2013-2030
CVE-2013-2030 affects OpenStack Nova (keystone/middleware/auth_token.py) in Folsom, Grizzly, and Havana. It uses an insecure temporary directory to store signing certificates, enabling local users to spoof servers by pre-creating the directory (e.g., /tmp/keystone-signing-nova on Fedora). Several...
CVE-2013-6795
The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984, which triggers the download and extraction of a ZIP file that overwrites the Agent service binary...
Design/Logic Flaw
The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984, which triggers the download and extraction of a ZIP file that overwrites the Agent service binary...
CVE-2013-6795
CVE-2013-6795 affects Rackspace OpenStack Windows Guest Agent for XenServer prior to 1.2.6.0. The Updater accepts a serialized .NET object over TCP port 1984, triggering download and extraction of a ZIP that overwrites the Agent binary, enabling remote code execution. Impact: remote arbitrary cod...
PT-2013-6113 · Rackspace · Rackspace Openstack Windows Guest Agent
Name of the Vulnerable Software and Affected Versions: Rackspace Openstack Windows Guest Agent for XenServer versions prior to 1.2.6.0 Description: The issue allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984. This triggers the download and...
[USN-2062-1] OpenStack Horizon vulnerability
Ubuntu Security Notice USN-2062-1, December 20, 2013: horizon vulnerability. A security issue affects these releases of Ubuntu and its derivatives: -...
OpenStack multiple security vulnerabilities
DoS, information leakage...
USN-2062-1: OpenStack Horizon vulnerability
Chris Chapman discovered cross-site scripting (XSS) vulnerabilities in Horizon via the Volumes and Network Topology pages. An authenticated attacker could exploit these to conduct stored cross-site scripting (XSS) attacks against users viewing these pages in order to modify the contents or steal...
USN-2061-1: OpenStack Keystone vulnerability
Steven Hardy discovered that Keystone did not properly enforce trusts when using the ec2tokens API. An authenticated attacker could exploit this to retrieve a token not scoped to the trust and elevate privileges to the trustor's roles...
Fedora Update for openstack-nova FEDORA-2013-22693
Check for the Version of openstack-nova. OpenVAS Vulnerability Test: Fedora Update for openstack-nova FEDORA-2013-22693. Authors: System Generated Check. Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...
Fedora Update for openstack-nova FEDORA-2013-22693
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
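OpenStack Neutron/Nova information disclosure vulnerability
Bugtraq ID: 64250 CVE ID: CVE-2013-6419 OpenStack Neutron provides a standardized process for creating networks, attaching network devices to them, and adding other network components that can be managed through the API. OpenStack Nova provides virtual compute services. OpenStack Neutron/Nova lacks authorization for port binding; by guessing the instanceid, a tenant can obtain other tenants' metadata, resulting in disclosure of sensitive information. 0 OpenStack Neutron/Nova Vendor patch: OpenStack ----- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: Icehouse developme...
OpenStack Heat CFN policy security bypass vulnerability
Bugtraq ID: 64243 CVE ID: CVE-2013-6426 OpenStack Heat is similar to Amazon's CloudFormation; it can define a template, based on policy, for situations that may occur. A security vulnerability exists in OpenStack Heat's default API policy enforcement: by calling the CreateStack or UpdateStack methods, in-instance users can create or update stacks that conflict with the default policy. Setups that use Heat's cloudformation-compatible API are affected by this vulnerability. 0 OpenStack Heat 2013.x Vendor patch: OpenStack -----...
OpenStack Keystone EC2-style token validation privilege escalation vulnerability
Bugtraq ID: 64253 CVE ID: CVE-2013-6391 Keystone is the OpenStack project used for identity authentication; any service request must be authenticated by it to obtain the service's endpoint. A security vulnerability exists in OpenStack Keystone's ec2tokens API when EC2 authentication credentials are generated using a trust-scoped token, allowing remote exploitation to access otherwise restricted trustor's roles and escalate privileges. Successful exploitation requires that the application has EC2-style authentication enabled. 0 OpenStack Keystone 2013.x...
OpenStack Heat ReST API validation privilege escalation vulnerability
Bugtraq ID: 64257 CVE ID: CVE-2013-6428 OpenStack Heat is similar to Amazon's CloudFormation; it can define a template, based on policy, for situations that may occur. The OpenStack Heat application does not correctly validate the tenant ID passed through the "tenantid" ReST API parameter, allowing a remote attacker to exploit this vulnerability to impersonate other tenants and escalate privileges. Exploiting the vulnerability requires knowing the target tenant ID. 0 OpenStack Heat 2013.x The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page for the latest version: http://www.openstack.org/...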