6 matches found
Security Bulletin: IBM SmartCloud Orchestrator - OpenStack Compute SSL information disclosure (CVE-2013-6491)
Summary An attacker might exploit this vulnerability using man-in-the-middle techniques to obtain sensitive information. The python-qpid client common/rpc/implqpid.py in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpidprotocol is set to ssl. It allows remote attackers to...
Ubuntu: Security Advisory (USN-2247-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[USN-2247-1] OpenStack Nova vulnerabilities
========================================================================== Ubuntu Security Notice USN-2247-1 June 17, 2014 nova vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
Ubuntu 14.04 LTS : OpenStack Nova vulnerabilities (USN-2247-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2247-1 advisory. Darragh O'Reilly discovered that the Ubuntu packaging for OpenStack Nova did not properly set up its sudo configuration. If a different flaw was found in...
[USN-2208-1] OpenStack Cinder vulnerability
========================================================================== Ubuntu Security Notice USN-2208-1 May 06, 2014 cinder vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
CVE-2013-6491
CVE-2013-6491 affects the OpenStack Oslo stack (OpenStack Nova) using the python-qpid client; specifically, the common/rpc/impl_qpid.py path does not enforce SSL when qpid_protocol is set to ssl, allowing remote attackers to sniff network traffic and obtain sensitive information. The root cause i...