7754 matches found
Oracle Solaris Third-Party Patch Update : keystone (cve_2014_7144_cryptographic_issues)
The remote Solaris system is missing necessary patches to address security updates : - OpenStack keystonemiddleware formerly python-keystoneclient 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the 'insecure' option is set in a paste configuration paste.ini file...
CVE-2014-8153
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service blocked router update processing by creating eight routers and assigning an ipv6 non-provider subnet to each...
CVE-2014-8153
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service blocked router update processing by creating eight routers and assigning an ipv6 non-provider subnet to each...
Code injection
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service blocked router update processing by creating eight routers and assigning an ipv6 non-provider subnet to each...
UBUNTU-CVE-2014-8153
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service blocked router update processing by creating eight routers and assigning an ipv6 non-provider subnet to each...
CVE-2014-8153
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service blocked router update processing by creating eight routers and assigning an ipv6 non-provider subnet to each...
CVE-2014-8153
The CVE-2014-8153 entry affects the L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2 when using radvd 2.0+. A remote authenticated user can cause a denial of service (blocked router update processing) by creating eight routers and assigning an IPv6 non-provider subnet to each. Connected adv...
CVE-2014-8153
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service blocked router update processing by creating eight routers and assigning an ipv6 non-provider subnet to each...
Moderate: Red Hat Security Advisory: openstack-neutron security update
Updated openstack-neutron packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 4.0 Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
openstack-neutron: DoS via maliciously crafted dns_nameservers
A denial of service flaw was found in the way neutron handled the 'dnsnameservers' parameter. By providing specially crafted 'dnsnameservers' values, an authenticated user could use this flaw to crash the neutron service...
OpenStack Neutron Local Denial of Service Vulnerability
OpenStack is a cloud computing software developed by NASA and Rackspace. A local denial of service vulnerability exists in OpenStack Neutron, which can be exploited by an attacker to cause a denial of service...
Moderate: Red Hat Security Advisory: python-keystoneclient security update
Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detaile...
CVE-2014-9493
The V2 API in OpenStack Image Registry and Delivery Service Glance before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property...
DEBIAN-CVE-2014-9493
The V2 API in OpenStack Image Registry and Delivery Service Glance before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property...
CVE-2014-9493
The V2 API in OpenStack Image Registry and Delivery Service Glance before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property...
Design/Logic Flaw
The V2 API in OpenStack Image Registry and Delivery Service Glance before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property...
CVE-2014-9493
The V2 API in OpenStack Image Registry and Delivery Service Glance before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property...
CVE-2014-9493
The V2 API in OpenStack Image Registry and Delivery Service Glance before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property...
CVE-2014-9493
The V2 API in OpenStack Image Registry and Delivery Service Glance before 2014.2.2 and 2014.1.4 allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property...
CVE-2014-9493
OpenStack Glance V2 API (before 2014.2.2 and 2014.1.4) allows remote authenticated users to read or delete arbitrary files via a full pathname in a file: URL in the image location property. Root cause is a path traversal flaw in the V2 image location handling; impact includes potential exposure o...