16 matches found
EUVD-2017-0078
Malware in sbrugna...
OpenStack Nova-LXD bypass security restrictions
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...
GHSA-6XC7-4CX8-J3XC OpenStack Nova-LXD bypass security restrictions
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...
Security feature bypass
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...
PYSEC-2017-21
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...
CVE-2017-5936
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...
CVE-2017-5936
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...
CVE-2017-5936
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...
CVE-2017-5936
OpenStack Nova-LXD before 13.1.1 suffers a security-bypass due to incorrect veth-pair naming when applying Neutron security group rules to instances. The flaw allows remote attackers to bypass intended security restrictions. No explicit patch/version remediation is provided in the sources; e.g., ...
OpenStack Nova-LXD Security Bypass Vulnerability
Nova is the compute organization controller in the OpenStack cloud. All activities that support the lifecycle of instances in an OpenStack cloud are handled by Nova. A security bypass vulnerability exists in OpenStack Nova-LXD, which can be exploited by an attacker to bypass security restrictions...
USN-3195-1: Nova-LXD vulnerability
James Page discovered that Nova-LXD incorrectly set up virtual network devices when creating LXD instances. This could result in an unintended firewall configuration...
USN-3195-1 nova-lxd vulnerability
James Page discovered that Nova-LXD incorrectly set up virtual network devices when creating LXD instances. This could result in an unintended firewall configuration...
Ubuntu 16.04 LTS : Nova-LXD vulnerability (USN-3195-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3195-1 advisory. James Page discovered that Nova-LXD incorrectly set up virtual network devices when creating LXD instances. This could result in an unintended firewall...
Bypassing Neutron Security Group Rules
nova-lxd has a flaw which leads to bypass of Neutron Security Group Rules applied to Nova-LXD instance. The vulnerability is possible because it does not properly name the veth pairs, causing the network traffic to/from external hosts to be incorrectly allowed...
CVE-2017-5936
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...
UBUNTU-CVE-2017-5936
OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions...