7759 matches found
[SECURITY] [DSA 3292-1] cinder security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3292-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 19, 2015 https://www.debian.org/security/faq -...
DSA-3292-1 cinder - security update
Bulletin has no description...
Debian Security Advisory DSA 3292-1 (cinder - security update)
Bastian Blank from credativ discovered that cinder, a storage-as-a-service system for the OpenStack cloud computing suite, contained a bug that would allow an authenticated user to read any file from the cinder server. OpenVAS Vulnerability Test $Id: deb3292.nasl 6609 2017-07-07 12:05:59Z cfische...
The vulnerability of the OpenStack cloud service platform allows a hacker to execute arbitrary commands.
The vulnerability of the OpenStack cloud platform lies in the use of the default password “CHANGEME” for the pcsd daemon. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
Fedora 22 : openstack-glance-2014.2.3-1.fc22 (2015-6169)
Update to upstream 2014.2.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
[SECURITY] Fedora 22 Update: openstack-glance-2014.2.3-1.fc22
OpenStack Image Service code-named Glance provides discovery, registratio n, and delivery services for virtual disk images. The Image Service API server provides a standard REST interface for querying information about virtual d isk images stored in a variety of back-end stores, including OpenSta...
CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
DEBIAN-CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
CVE-2015-3988
Multiple cross-site scripting XSS vulnerabilities in OpenStack Dashboard Horizon 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a 1 Glance image, 2 Nova flavor or 3 Host Aggregate...
CVE-2015-3988
OpenStack Horizon vulnerability CVE-2015-3988 involves multiple XSS flaws in the Horizon dashboard (OpenStack Dashboard), exploitable when metadata is supplied to Glance images, Nova flavors, or Host Aggregates. Affected software is OpenStack Horizon (version 2015.1.0) with remote authentication ...
OpenStack Horizon Metadata Panel HTML Injection Vulnerability
Horizon is a web control panel for managing and controlling OpenStack services. An HTML injection vulnerability exists in the OpenStack Horizon metadata panel. Allowing an attacker to steal cookie-based authentication credentials and execute HTML or JavaScript code on an affected website...
CVE-2015-3646
OpenStack Identity Keystone before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backendargument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs...
CVE-2015-3646
OpenStack Identity Keystone before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backendargument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs...
DEBIAN-CVE-2015-3646
OpenStack Identity Keystone before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backendargument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs...
CVE-2015-3646
OpenStack Identity Keystone before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backendargument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs...
UBUNTU-CVE-2015-3646
OpenStack Identity Keystone before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backendargument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs...