7701 matches found
CVE-2012-3360
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
CVE-2012-3361
virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
CVE-2012-3361
CVE-2012-3361 affects OpenStack OpenStack Compute (Nova) in Folsom (2012.2), Essex (2012.1), and Diablo (2011.3). The issue is in virt/disk/api.py where remote authenticated users can overwrite arbitrary files via a symlink attack on a file located within an image. The root cause is improper hand...
CVE-2012-3360
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
CVE-2012-3361
virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
Fedora 17 : openstack-nova-2012.1.1-3.fc17 (2012-10420)
Update to latest essex stable branch - Distinguish volume overlimit exceptions - Prohibit host file corruption through file injection CVE-2012-3360, CVE-2012-3361 - Support injecting new .ssh/authorizedkeys files to SELinux enabled guests Note that Tenable Network Security has extracted the...
Fedora 16 : openstack-nova-2011.3.1-11.fc16 (2012-10418)
Prohibit host file corruption through file injection CVE-2012-3361 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
[SECURITY] Fedora 17 Update: openstack-nova-2012.1.1-3.fc17
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
[SECURITY] Fedora 16 Update: openstack-nova-2011.3.1-11.fc16
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
CVE-2012-3371
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...
DEBIAN-CVE-2012-3371
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...
CVE-2012-3371
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...
PYSEC-2012-40
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...
Design/Logic Flaw
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...
PYSEC-2012-40
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...
CVE-2012-3371
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...
CVE-2012-3371
The CVE refers to OpenStack Nova (Compute) scheduler vulnerability in Folsom (2012.2) and Essex (2012.1). When scheduler filters DifferentHostFilter or SameHostFilter are enabled, remote authenticated users can trigger a denial of service by sending requests with many repeated IDs in the os:sched...
CVE-2012-3371
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...
USN-1501-1: Nova vulnerability
Dan Prince discovered that the Nova scheduler, when using DifferentHostFilter or SameHostFilter, would make repeated database instance lookup calls based on passed scheduler hints. An authenticated attacker could use this to cause a denial of service...
CVE-2012-3371
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...