62 matches found
Important: Red Hat Security Advisory: openstack-packstack and openstack-puppet-modules update
Updated openstack-packstack and openstack-puppet-modules packages that fix one security issue and adds one enhancement are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security...
Important: Red Hat Security Advisory: openstack-packstack and openstack-puppet-modules security and bug fix update
Updated openstack-packstack and openstack-puppet-modules packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring...
CVE-2014-3703
OpenStack PackStack 2012.2.1, when the Open vSwitch OVS monolithic plug-in is not used, does not properly set the libvirtvifdriver configuration option when generating the nova.conf configuration, which causes the firewall to be disabled and allows remote attackers to bypass intended access...
Design/Logic Flaw
OpenStack PackStack 2012.2.1, when the Open vSwitch OVS monolithic plug-in is not used, does not properly set the libvirtvifdriver configuration option when generating the nova.conf configuration, which causes the firewall to be disabled and allows remote attackers to bypass intended access...
CVE-2014-3703
OpenStack PackStack 2012.2.1, when the Open vSwitch OVS monolithic plug-in is not used, does not properly set the libvirtvifdriver configuration option when generating the nova.conf configuration, which causes the firewall to be disabled and allows remote attackers to bypass intended access...
CVE-2014-3703
OpenStack PackStack 2012.2.1 vulnerable when the OVS monolithic plug-in is not used; PackStack-generated nova.conf may fail to set libvirt_vif_driver, which can disable the firewall and allow remote access bypass. Red Hat's RHSA-2014:1691 documents this issue and provides the fix in an updated Pa...
Neutron: security groups fail to block traffic properly due to packstack configuration
It was discovered that the nova.conf configuration generated by PackStack did not correctly set the libvirtvifdriver configuration option if the Open vSwitch OVS monolithic plug-in was not used. This could result in deployments defaulting to having the firewall disabled unless the nova...
Important: Red Hat Security Advisory: openstack-packstack security, bug fix, and enhancement update
Updated openstack-packstack packages that fix one security issue, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System...
CVE-2014-0071
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...
DEBIAN-CVE-2014-0071
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...
CVE-2014-0071
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...
Design/Logic Flaw
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...
CVE-2014-0071
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...
UBUNTU-CVE-2014-0071
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...
CVE-2014-0071
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...
CVE-2014-0071
CVE-2014-0071 affects PackStack in Red Hat OpenStack 4.0, where PackStack did not correctly enforce default security group rules when deployed to Neutron, allowing remote attackers to bypass access restrictions and reach otherwise restricted systems. The issue is documented in RHSA-2014:0233 and ...
CVE-2014-0071
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...
PackStack: Neutron Security Groups fail to block network traffic
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections...
Important: Red Hat Security Advisory: openstack-packstack security and bug fix update
Updated openstack-packstack packages that fix one security issue and multiple bugs are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base...
Moderate: Red Hat Security Advisory: puppet security update
Updated puppet packages that fix several security issues are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...