735 matches found
CVE-2013-4428
OpenStack Image Registry and Delivery Service Glance Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the downloadimage policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an image...
CVE-2013-4428
CVE-2013-4428 affects the OpenStack Image Registry and Delivery Service (Glance) in the Folsom/Grizzly line before 2013.1.4 and Havana before 2013.2. The issue is a flaw in the download_image policy enforcement for cached system images: after an image is cached by an authorized download, any auth...
CVE-2013-4428
OpenStack Image Registry and Delivery Service Glance Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the downloadimage policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an image...
Ubuntu 12.10 / 13.04 : glance vulnerability (USN-2003-1)
Stuart McLaren discovered that Glance did not properly enforce the 'downloadimage' policy for cached images. An authenticated user could exploit this to obtain sensitive information in an image protected by this setting. Note that Tenable Network Security has extracted the preceding description...
USN-2004-1: python-glanceclient vulnerability
Thomas Leaman discovered that the Python client library for Glance did not properly verify SSL certificates. A remote attacker could exploit this to perform a machine-in-the-middle attack...
USN-2003-1: Glance vulnerability
Stuart McLaren discovered that Glance did not properly enforce the 'downloadimage' policy for cached images. An authenticated user could exploit this to obtain sensitive information in an image protected by this setting...
CVE-2013-4428
OpenStack Image Registry and Delivery Service Glance Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the downloadimage policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an image...
OpenStack: python-glanceclient failing SSL certificate check
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
CVE-2013-4111
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
DEBIAN-CVE-2013-4111
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
CVE-2013-4111
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
PYSEC-2013-11
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
Code injection
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
PYSEC-2013-11
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
CVE-2013-4111
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
CVE-2013-4111
The CVE concerns the Python client library for Glance, python-glanceclient, where versions before 0.10.0 fail to properly validate the server certificate (preverify_ok), allowing MITM spoofing via an arbitrary valid X.509 certificate. Impact: potential SSL-based credential/server spoofing. The is...
CVE-2013-4111
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
CVE-2013-4111
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
Fedora Update for heat-jeos FEDORA-2013-9715
Check for the Version of heat-jeos OpenVAS Vulnerability Test Fedora Update for heat-jeos FEDORA-2013-9715 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
[SECURITY] Fedora 19 Update: heat-jeos-9-1.fc19
This is a project for creating Just Enough Operating System images for heat. This project supports the following features: - Creates TDL files for use with oz - Creates compressed qcow2 files for use with libvirt/glance - Registers image files with glance...