7713 matches found
CVE-2013-0212
store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...
CVE-2013-0247
OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service disk consumption via many invalid token requests that trigger excessive generation of log entries...
CVE-2013-0247
OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service disk consumption via many invalid token requests that trigger excessive generation of log entries...
DEBIAN-CVE-2013-0247
OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service disk consumption via many invalid token requests that trigger excessive generation of log entries...
Code injection
OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service disk consumption via many invalid token requests that trigger excessive generation of log entries...
CVE-2013-0247
OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service disk consumption via many invalid token requests that trigger excessive generation of log entries...
CVE-2013-0247
OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service disk consumption via many invalid token requests that trigger excessive generation of log entries...
CVE-2013-0247
CVE-2013-0247 affects OpenStack Keystone: Essex 2012.1.3 and earlier; Folsom 2012.2.3 and earlier; Grizzly grizzly-2 and earlier. Root cause is excessive token-validation attempts generating many log entries, leading to disk usage and partial availability impact. Patches exist via OpenStack keyst...
[USN-1731-1] OpenStack Cinder vulnerability
========================================================================== Ubuntu Security Notice USN-1731-1 February 21, 2013 cinder vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-1734-1] OpenStack Nova vulnerability
========================================================================== Ubuntu Security Notice USN-1734-1 February 21, 2013 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-1730-1] OpenStack Keystone vulnerabilities
========================================================================== Ubuntu Security Notice USN-1730-1 February 20, 2013 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
PT-2013-2160 · Openstack · Openstack Glance
Name of the Vulnerable Software and Affected Versions: OpenStack Glance versions 2012.1, 2012.2 before 2012.2.3, and 2012.2.3 and earlier of Grizzly Description: The issue allows remote authenticated users to obtain sensitive information by reading error messages. This occurs when the Swift...
Fedora Update for openstack-keystone FEDORA-2013-2168
Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2013-2168 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for openstack-keystone FEDORA-2013-2168
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
USN-1734-1: OpenStack Nova vulnerability
Joshua Harlow discovered that Nova would allow XML entity processing. A remote unauthenticated attacker could exploit this using the Nova API to cause a denial of service via resource exhaustion. CVE-2013-1664...
USN-1731-1: OpenStack Cinder vulnerability
Stuart Stent discovered that Cinder would allow XML entity processing. A remote unauthenticated attacker could exploit this using the Cinder API to cause a denial of service via resource exhaustion. CVE-2013-1664...
USN-1730-1: OpenStack Keystone vulnerabilities
Nathanael Burton discovered that Keystone did not properly verify disabled users. An authenticated but disabled user would continue to have access rights that were removed. CVE-2013-0282 Jonathan Murray discovered that Keystone would allow XML entity processing. A remote unauthenticated attacker...
CVE-2013-0282
OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the 1 user, 2 tenant, or 3 domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions...
Fedora 18 : openstack-keystone-2012.2.3-2.fc18 (2013-2168)
update to stable folsom release 2012.2.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
CVE-2013-1665
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External...