30 matches found
RHEL 5 : python (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python: Heap overflow in zipimporter module CVE-2016-5636 - python: Integer overflow in...
SUSE CVE-2013-0278
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1664, CVE-2013-1665. Reason: This candidate is a duplicate of CVE-2013-1664 and/or CVE-2013-1665. Notes: All CVE users should reference CVE-2013-1664 and/or CVE-2013-1665 instead of this candidate. All references and descriptions in this...
XML External Entity (XXE)
The openstack-nova packages provide OpenStack Compute code name Nova, which provides services for provisioning, managing, and using virtual machine instances. A denial of service flaw was found in the Extensible Markup Language XML parser used by Nova. A remote attacker could use this flaw to sen...
Security feature bypass
The security group extension in OpenStack Compute Nova Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service resource consumption and crash via an XML Entity Expansion XEE attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664...
Moderate: Red Hat Security Advisory: openstack-nova security and bug fix update
Updated openstack-nova packages that fix multiple security issues and various bugs are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Fedora Update for openstack-keystone FEDORA-2013-10713
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for openstack-keystone FEDORA-2013-4590
Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2013-4590 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
CVE-2013-1664
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute Nova Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service resource consumption and crash via an XML...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1664, CVE-2013-1665. Reason: This candidate is a duplicate of CVE-2013-1664 and/or CVE-2013-1665. Notes: All CVE users should reference CVE-2013-1664 and/or CVE-2013-1665 instead of this candidate. All references and...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1664, CVE-2013-1665. Reason: This candidate is a duplicate of CVE-2013-1664 and/or CVE-2013-1665. Notes: All CVE users should reference CVE-2013-1664 and/or CVE-2013-1665 instead of this candidate. All references and...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1664, CVE-2013-1665. Reason: This candidate is a duplicate of CVE-2013-1664 and/or CVE-2013-1665. Notes: All CVE users should reference CVE-2013-1664 and/or CVE-2013-1665 instead of this candidate. All references and...
CVE-2013-1664
The CVE-2013-1664 issue concerns the Python XML libraries (used by OpenStack components: Keystone Essex/Folsom/Grizzly, Nova Essex/Folsom, Cinder Folsom, Django, and possibly other products) that allow remote attackers to trigger a denial-of-service via XML Entity Expansion (XEE). The root cause ...
Moderate: Red Hat Security Advisory: Django security update
Updated Django packages that fix multiple security issues are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Moderate: Red Hat Security Advisory: openstack-cinder security and enhancement update
Updated openstack-cinder packages that fix two security issues and add one enhancement are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Ubuntu Update for python-django USN-1757-1
Check for the Version of python-django OpenVAS Vulnerability Test $Id: gbubuntuUSN17571.nasl 8650 2018-02-03 12:16:59Z teissa $ Ubuntu Update for python-django USN-1757-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is...
Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : python-django vulnerabilities (USN-1757-1)
James Kettle discovered that Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users. Although this issue had been previously addressed in USN-1632-1, this update adds additional hardening...
Moderate: Red Hat Security Advisory: openstack-keystone security, bug fix, and enhancement update
Updated openstack-keystone packages that fix multiple security issues, various bugs, and add enhancements are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...
Fedora Update for openstack-keystone FEDORA-2013-2916
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for openstack-keystone FEDORA-2013-2916
Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2013-2916 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora 18 : openstack-keystone-2012.2.3-3.fc18 (2013-2916)
security updates: - ensure user and tenant are enabled CVE-2013-0282 - disable XML entity parsing CVE-2013-1664, CVE-2013-1665 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean...