8 matches found
FreeBSD : py-cinder -- data leak (f4a94232-7864-4afb-bbf9-ff2dc8e288d1)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f4a94232-7864-4afb-bbf9-ff2dc8e288d1 advisory. - The 1 GlusterFS and 2 Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote...
cinderlib (>=2.1.0 <=4.1.0) potentially affected by CVE-2014-3641 via cinder (>=16.4.2 <=19.3.0)
cinder PYPI version =16.4.2, =2.1.0, =4.1.0 Source cves: CVE-2014-3641 Source advisory: OSV:GHSA-QHCH-G8QR-P497...
Ubuntu: Security Advisory (USN-2405-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : OpenStack Cinder vulnerabilities (USN-2405-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2405-1 advisory. Duncan Thomas discovered that OpenStack Cinder did not properly track the file format when using the GlusterFS of Smbfs drivers. A remote authenticated...
USN-2405-1: OpenStack Cinder vulnerabilities
Duncan Thomas discovered that OpenStack Cinder did not properly track the file format when using the GlusterFS of Smbfs drivers. A remote authenticated user could exploit this to potentially obtain file contents from the compute host. CVE-2014-3641 Amrith Kumar discovered that OpenStack Cinder di...
Fedora 21 : openstack-cinder-2014.1.3-1.fc21 (2014-12417)
Fix CVE-2014-3641 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Networ...
CVE-2014-3641
The CVE-2014-3641 issue affects OpenStack Cinder’s GlusterFS and Linux SMBFS drivers prior to 2014.1.3, enabling remote authenticated users to disclose file data from the Cinder-volume host by cloning and attaching a volume with a malicious qcow2 header. Public references note the remediation: up...
UBUNTU-CVE-2014-3641
The 1 GlusterFS and 2 Linux Smbfs drivers in OpenStack Cinder before 2014.1.3 allows remote authenticated users to obtain file data from the Cinder-volume host by cloning and attaching a volume with a crafted qcow2 header...