269 matches found
PYSEC-2013-46
The v1 API in OpenStack Glance Essex 2012.1, Folsom 2012.2, and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image...
DEBIAN-CVE-2013-1840
The v1 API in OpenStack Glance Essex 2012.1, Folsom 2012.2, and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image...
CVE-2013-0212
store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...
CVE-2013-0212
store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...
PYSEC-2013-37
store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...
CVE-2013-0212
store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...
PT-2013-2160 · Openstack · Openstack Glance
Name of the Vulnerable Software and Affected Versions: OpenStack Glance versions 2012.1, 2012.2 before 2012.2.3, and 2012.2.3 and earlier of Grizzly Description: The issue allows remote authenticated users to obtain sensitive information by reading error messages. This occurs when the Swift...
Fedora Update for openstack-glance FEDORA-2013-1930
Check for the Version of openstack-glance OpenVAS Vulnerability Test Fedora Update for openstack-glance FEDORA-2013-1930 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...
Fedora Update for openstack-glance FEDORA-2013-1930
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected",...
Fedora 18 : openstack-glance-2012.2.3-1.fc18 (2013-1930)
Update to stable release 2012.2.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Important: Red Hat Security Advisory: openstack-glance security update
Updated openstack-glance packages that fix one security issue are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
openstack-glance: Backend password leak in Glance error message
store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...
CVE-2013-0212
store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...
Low: Red Hat Security Advisory: openstack-glance security update
Updated openstack-glance packages that fix multiple bugs and add various enhancements are now available for Red Hat OpenStack Essex. The openstack-glance packages allows virtual machine images to be discovered, registered and retrieved. It also includes a RESTful API to provide these services to...
OpenStack: Glance Authentication bypass for image deletion
The v1 API in OpenStack Glance Grizzly, Folsom 2012.2, and Essex 2012.1 allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482...
Fedora Update for openstack-glance FEDORA-2012-18085
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 18 : openstack-glance-2012.2-3.fc18 (2012-17901)
Fix Glance Authentication bypass for image deletion CVE-2012-4573 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
CVE-2012-5482
The v2 API in OpenStack Glance Grizzly, Folsom 2012.2, and Essex 2012.1 allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573...
DEBIAN-CVE-2012-5482
The v2 API in OpenStack Glance Grizzly, Folsom 2012.2, and Essex 2012.1 allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573...
CVE-2012-5482
The v2 API in OpenStack Glance Grizzly, Folsom 2012.2, and Essex 2012.1 allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573...