7754 matches found
[SECURITY] Fedora 21 Update: python-django-horizon-2014.1.3-2.fc21
Horizon is a Django application for providing Openstack UI components. It allows performing site administrator viewing account resource usage, configuring users, accounts, quotas, flavors, etc. and end user operations start/stop/delete instances, create/restore snapshots, view instance VNC consol...
Multiple Security Bypass Vulnerabilities in OpenStack Neutron
OpenStack is a cloud computing software developed by NASA and Rackspace. OpenStack Neutron has multiple security bypass vulnerabilities that can be exploited by attackers to bypass certain security restrictions and perform unauthorized operations...
[SECURITY] Fedora 21 Update: docker-io-1.4.0-1.fc21
Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...
DEBIAN-CVE-2014-8124
OpenStack Dashboard Horizon before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page...
CVE-2014-8124
OpenStack Dashboard Horizon before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page...
CVE-2014-8124
OpenStack Dashboard Horizon before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page...
CVE-2014-8124
OpenStack Dashboard Horizon before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page...
UBUNTU-CVE-2014-8124
OpenStack Dashboard Horizon before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page...
Design/Logic Flaw
OpenStack Dashboard Horizon before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page...
CVE-2014-8124
OpenStack Dashboard Horizon before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page...
CVE-2014-8124
OpenStack Dashboard Horizon before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page...
CVE-2014-8124
CVE-2014-8124 affects OpenStack Horizon (Dashboard) prior to the 2014.1.3 series and the 2014.2.x series before 2014.2.1 when using db or memcached session engines. The issue is a denial of service caused by improper handling of session records, allowing an attacker to generate a large number of ...
PT-2014-8417
Name of the Vulnerable Software and Affected Versions OpenStack Dashboard Horizon versions prior to 2014.1.3 OpenStack Dashboard Horizon versions 2014.2.x prior to 2014.2.1 Description The issue arises from improper handling of session records when using a db or memcached session engine. This...
[SECURITY] Fedora 21 Update: docker-io-1.3.2-2.fc21
Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...
Low: Red Hat Security Advisory: openstack-trove security update
Updated openstack-trove packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores,...
Trove: potential leak of passwords into log files
The strutils.maskpassword function in the OpenStack Oslo utility library, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 does not properly mask passwords when logging commands, which allows local users to obtain passwords by reading the log...
Trove: potential leak of passwords into log files
The processutils.execute function in OpenStack oslo-incubator, Cinder, Nova, and Trove before 2013.2.4 and 2014.1 before 2014.1.3 allows local users to obtain passwords from commands that cause a ProcessExecutionError by reading the log...
Low: Red Hat Security Advisory: qemu-kvm-rhev security update
Updated qemu-kvm-rhev packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, whi...
openstack-neutron: DoS via maliciously crafted dns_nameservers
A denial of service flaw was found in the way neutron handled the 'dnsnameservers' parameter. By providing specially crafted 'dnsnameservers' values, an authenticated user could use this flaw to crash the neutron service...
Moderate: Red Hat Security Advisory: openstack-neutron security and bug fix update
Updated openstack-neutron packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring...