EUVD-2014-0905

Malware in sbrugna...

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Remote code execution User rights Access to system data...

Restore to Google Cloud Engine Fails With "n1-standard-2 not found"

The Restore to Google Compute Engine utilizes the import-image API call, which in turn requires an N1 instance type, which is an instance type that is not available in certain regions...

GSD-2022-1002525 IP address filtering in Google Cloud Platform (GCP) version All versions as of 2022-06-07 and later (unfixed as of yet)

In Google Cloud Platform GCP, all versions as of 2022-06-07 and later unfixed as of yet an IP address filtering vulnerability exists in the Kubernetes control plane that can be attacked via other systems within Google Cloud Engine's network filtering is only applied to external IP addresses...

Security Bulletin: Incorrect access control list (ACL) might occur in case of a network retransmission, when Active Cloud Engine (ACE) is being used on IBM Storwize V7000 Unified system (CVE-2014-0875)

Summary Incorrect access control list ACL might occur in case of a network retransmission, when Active Cloud Engine ACE is being used. Vulnerability Details CVEID: CVE-2014-0875 DESCRIPTION: Active Cloud Engine ACE component of IBM V7000 Unified uses NFS client operations for data transmission. A...

CVE-2012-5509

aeolus-configserver-setup in the Aeolas Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for a temporary file in /tmp, which allows local users to read credentials by reading this file...

CVE-2012-6117

Aeolus Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for /var/log/aeolus-configserver/configserver.log, which allows local users to read plaintext passwords by reading the log file...

Design/Logic Flaw

Aeolus Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for /var/log/aeolus-configserver/configserver.log, which allows local users to read plaintext passwords by reading the log file...

Design/Logic Flaw

aeolus-configserver-setup in the Aeolas Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for a temporary file in /tmp, which allows local users to read credentials by reading this file...

CVE-2012-6117

CVE-2012-6117 affects Aeolus Configuration Server as used in Red Hat CloudForms Cloud Engine prior to 1.1.2. The issue is that /var/log/aeolus-configserver/configserver.log is world-readable, allowing local attackers to read plaintext passwords stored in the log file. Red Hat addressed this with ...

CVE-2012-5509

aeolus-configserver-setup in the Aeolas Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for a temporary file in /tmp, which allows local users to read credentials by reading this file...

CVE-2012-5509

CVE-2012-5509 affects Aeolus Configuration Server used with Red Hat CloudForms Cloud Engine prior to 1.1.2. The aeolus-configserver-setup script creates a world-readable temporary file in /tmp that contains credentials, enabling a local attacker to read them. Red Hat’s advisory for CloudForms Clo...

aeolus-configserver: aeolus-configserver-setup /tmp file conductor credentials leak

aeolus-configserver-setup in the Aeolas Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for a temporary file in /tmp, which allows local users to read credentials by reading this file...