7746 matches found
USN-2194-1: OpenStack Neutron vulnerability
Aaron Rosen discovered that OpenStack Neutron did not properly perform authorization checks when creating ports when using plugins relying on the l3-agent. A remote authenticated attacker could exploit this to access the network of other tenants...
USN-2193-1: OpenStack Glance vulnerability
Paul McMillan discovered that the Sheepdog backend in OpenStack Glance did not properly handle untrusted input. A remote authenticated attacker exploit this to execute arbitrary commands as the glance user...
Fedora Update for python-keystoneclient FEDORA-2014-5555
Check for the Version of python-keystoneclient OpenVAS Vulnerability Test Fedora Update for python-keystoneclient FEDORA-2014-5555 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for python-django-horizon FEDORA-2014-5002
Check for the Version of python-django-horizon OpenVAS Vulnerability Test Fedora Update for python-django-horizon FEDORA-2014-5002 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora 20 : qemu-1.6.2-4.fc20 (2014-5825)
Fix arm sd warnings with latest kernel bz 1091548 - Fix regression in CVE backport that affects openstack thanks lbezdick - Fix guest startup crashes from autotest bz 1081610 - Block/image format validation CVE-2014-0142 - 2014-0148 bz 1078201, bz 1086710, bz 1079140, bz 1086724, bz 1079240, bz...
(RHSA-2014:0463) Low: Red Hat Enterprise Linux OpenStack Platform 3.0 - 90 Day Retirement Notice
In accordance with the Red Hat Enterprise Linux OpenStack Platform Support Policy, the one-year life cycle of Production Support for version 3 will end on July 31, 2014. On August 1, 2014, Red Hat Enterprise Linux OpenStack Platform version 3 will enter an inactive state and will no longer receiv...
openstack-glance: remote code execution in Glance Sheepdog backend
The Sheepdog backend in OpenStack Image Registry and Delivery Service Glance 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location...
Important: Red Hat Security Advisory: openstack-glance security update
Updated openstack-glance packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
Moderate: Red Hat Security Advisory: Django security update
Updated Django packages that fix three security issues are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Moderate: Red Hat Security Advisory: Django security update
Updated Django packages that fix three security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Important: Red Hat Security Advisory: python-keystoneclient security update
Updated python-keystoneclient packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which give...
CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...
CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...
DEBIAN-CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...
Security feature bypass
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...
CVE-2014-0187
CVE-2014-0187 affects OpenStack Neutron where openvswitch-agent could bypass security group rules by using an invalid CIDR in a security group rule, preventing subsequent rules from applying. The issue affected OpenStack Neutron releases prior to 2013.2.4 (and 2014.1 prior to 2014.1.1); multiple ...
CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...
UBUNTU-CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...
CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...
DEBIAN-CVE-2014-0162
The Sheepdog backend in OpenStack Image Registry and Delivery Service Glance 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location...