7701 matches found
CVE-2012-0030
Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified projectid URI parameter...
CVE-2011-4596
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...
CVE-2011-4596
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...
Directory traversal
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...
DEBIAN-CVE-2011-4596
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...
CVE-2011-4596
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...
CVE-2011-4596
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...
CVE-2011-4596
OpenStack Nova vulnerability CVE-2011-4596 affects OpenStack Nova before 2011.3.1 when EC2 API and the S3/RegisterImage image-registration method are enabled. It allows remote authenticated users to overwrite arbitrary files via a crafted tarball or manifest. Impact details in the reference CVSS ...
[SECURITY] Fedora 16 Update: openstack-nova-2011.3-13.fc16
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
Fedora 16 : openstack-nova-2011.3-13.fc16 (2011-17111)
Also updates the libguestfs suppose Add --yes, --rootpw, and --novapw options to openstack-db-setup. Change the default database from sqlite to mysql. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted...
USN-1305-1: Nova vulnerability
David Black discovered that Nova did not properly perform input validation during image registration. An attacker could exploit this by registering a crafted image using the EC2 API or S3/RegisterImage method and overwrite files as the nova user...
CVE-2011-4596
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...
Fedora 16 : openstack-nova-2011.3-6.fc16 (2011-15449)
This update fixes a password leak in the EC2 API. This update includes a block migration fix from upstream. ---------------------------------------------------------------------- -----= Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
[SECURITY] Fedora 16 Update: openstack-nova-2011.3-6.fc16
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
[USN-1247-1] Nova vulnerability
========================================================================== Ubuntu Security Notice USN-1247-1 October 25, 2011 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
CVE-2011-4076
OpenStack Nova before 2012.1 allows someone with access to an EC2ACCESSKEY equivalent to a username to obtain the EC2SECRETKEY equivalent to a password. Exposing the EC2ACCESSKEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2SECRETKEY. A...
Ubuntu 10.04 LTS / 10.10 / 11.04 : qemu-kvm vulnerabilities (USN-1165-1)
Nelson Elhage discoverd that QEMU did not properly validate certain virtqueue requests from the guest. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. CVE-2011-2212 Stefan Hajnoczi discovered...
USN-1165-1: QEMU vulnerabilities
Nelson Elhage discoverd that QEMU did not properly validate certain virtqueue requests from the guest. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. CVE-2011-2212 Stefan Hajnoczi discovered...
Ubuntu Update for qemu-kvm USN-1145-1
Ubuntu Update for Linux kernel vulnerabilities USN-1145-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11451.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for qemu-kvm USN-1145-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net Thi...
USN-1145-1: QEMU vulnerabilities
It was discovered that QEMU did not properly perform validation of I/O operations from the guest which could lead to heap corruption. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. CVE-2011-17...