Lucene search
+L

43 matches found

nessus
nessus
added 2014/11/12 12:0 a.m.33 views

Ubuntu 14.04 LTS : OpenStack Nova vulnerabilities (USN-2407-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2407-1 advisory. Garth Mollett discovered that OpenStack Nova did not properly clean up an instance when using rescue mode with the VMWare driver. A remove authenticated...

2.7CVSS5.7AI score0.0171EPSS
Exploits1References3
osv
osv
added 2014/11/11 7:30 p.m.12 views

USN-2407-1 nova vulnerabilities

Garth Mollett discovered that OpenStack Nova did not properly clean up an instance when using rescue mode with the VMWare driver. A remove authenticated user could exploit this to bypass intended quota limits. By default, Ubuntu does not use the VMWare driver. CVE-2014-3608 Amrith Kumar discovere...

2.7CVSS5.8AI score0.0171EPSS
Exploits1References3
ubuntu
ubuntu
added 2014/11/11 7:30 p.m.60 views

USN-2407-1: OpenStack Nova vulnerabilities

Garth Mollett discovered that OpenStack Nova did not properly clean up an instance when using rescue mode with the VMWare driver. A remove authenticated user could exploit this to bypass intended quota limits. By default, Ubuntu does not use the VMWare driver. CVE-2014-3608 Amrith Kumar discovere...

2.7CVSS5.2AI score0.0171EPSS
Exploits1
redhat
redhat
added 2014/11/03 8:25 a.m.38 views

Important: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update

Updated openstack-nova packages that fix two security issues, multiple bugs, and add enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common...

6.5CVSS5.8AI score0.02027EPSS
Exploits3References4
redhat
redhat
added 2014/11/03 8:25 a.m.2 views

openstack-nova: Nova VMware driver may connect VNC to another tenant's console

A race condition flaw was found in the way the nova VMware driver handled VNC port allocation. An authenticated user could use this flaw to gain unauthorized console access to instances belonging to other tenants by repeatedly spawning new instances. Note that only nova setups using the VMware...

6.5CVSS5.7AI score0.02027EPSS
Exploits0References4
redhat
redhat
added 2014/11/03 8:25 a.m.33 views

Important: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update

Updated openstack-nova packages that fix two security issues, multiple bugs, and add enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common...

6.5CVSS5.8AI score0.02027EPSS
Exploits3References5
osv
osv
added 2014/10/31 2:55 p.m.7 views

CVE-2014-8333

The VMware driver in OpenStack Compute Nova before 2014.1.4 allows remote authenticated users to cause a denial of service disk consumption by deleting an instance in the resize state...

6AI score
Exploits0References8
cvelist
cvelist
added 2014/10/31 2:0 p.m.38 views

CVE-2014-8333

The VMware driver in OpenStack Compute Nova before 2014.1.4 allows remote authenticated users to cause a denial of service disk consumption by deleting an instance in the resize state...

6AI score0.02006EPSS
Exploits0References5
redhat
redhat
added 2014/10/22 5:21 p.m.33 views

Important: Red Hat Security Advisory: openstack-nova security, bug fix, and enhancement update

Updated openstack-nova packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System...

6.5CVSS5.8AI score0.02027EPSS
Exploits0References6
redhat
redhat
added 2014/10/22 5:21 p.m.5 views

openstack-nova: Nova VMware driver may connect VNC to another tenant's console

A race condition flaw was found in the way the nova VMware driver handled VNC port allocation. An authenticated user could use this flaw to gain unauthorized console access to instances belonging to other tenants by repeatedly spawning new instances. Note that only nova setups using the VMware...

6.5CVSS5.7AI score0.02027EPSS
Exploits0References4
osv
osv
added 2014/10/06 2:55 p.m.8 views

CVE-2014-3608

The VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: thi...

6.1AI score
Exploits0References7
osv
osv
added 2014/10/06 2:55 p.m.6 views

DEBIAN-CVE-2014-3608

The VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: thi...

2.7CVSS6.3AI score0.0171EPSS
Exploits1References1
cvelist
cvelist
added 2014/10/06 2:0 p.m.45 views

CVE-2014-3608

The VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: thi...

6.1AI score0.0171EPSS
Exploits1References5
debiancve
debiancve
added 2014/10/06 2:0 p.m.68 views

CVE-2014-3608

The VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: thi...

2.7CVSS6.1AI score0.0171EPSS
Exploits1
osv
osv
added 2014/10/06 12:0 a.m.3 views

UBUNTU-CVE-2014-3608

The VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: thi...

2.7CVSS5.8AI score0.0171EPSS
Exploits1References4
ubuntucve
ubuntucve
added 2014/10/06 12:0 a.m.32 views

CVE-2014-3608

The VMWare driver in OpenStack Compute Nova before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: thi...

2.7CVSS5.9AI score0.0171EPSS
Exploits1References3
osv
osv
added 2014/03/25 4:55 p.m.8 views

CVE-2014-2573

The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...

6AI score
Exploits0References4
nvd
nvd
added 2014/03/25 4:55 p.m.31 views

CVE-2014-2573

The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...

2.3CVSS6AI score0.00705EPSS
Exploits1References4
ubuntucve
ubuntucve
added 2014/03/25 4:55 p.m.38 views

CVE-2014-2573

The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...

2.3CVSS5.9AI score0.00705EPSS
Exploits1References2
osv
osv
added 2014/03/25 4:55 p.m.4 views

UBUNTU-CVE-2014-2573

The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...

2.3CVSS5.8AI score0.00705EPSS
Exploits1References3
Rows per page
Query Builder