7744 matches found
CVE-2014-0056
The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command...
OpenStack python-keystoneclient Cache安全绕过漏洞
OpenStack是由Rackspace和NASA共同开发的云计算平台,帮助服务商和企业内部实现类似于Amazon EC2和S3的云基础架构。 缓存处理多个,多次请求时存在错误,可被利用以另一个用户身份进行认证操作。 0 OpenStack python-keystoneclient 0.x OpenStack python-keystoneclient 0.7.0及之后版本以修复此漏洞,建议用户下载使用: https://launchpad.net/python-keystoneclient...
OpenStack Compute (Nova) VMWare驱动配额限制绕过拒绝服务漏洞
CVE ID:CVE-2014-2573 OpenStack是由Rackspace和NASA共同开发的云计算平台,帮助服务商和企业内部实现类似于Amazon EC2和S3的云基础架构。OpenStack Nova提供虚拟计算服务。 OpenStack Compute Nova中的VMWare驱动不正确把VM放入RESCURE状态,允许远程通过验证的用户请求VM放入RESCURE状态然后删除映像,可绕过额度限制,消耗资源进行拒绝服务攻击。 0 OpenStack Compute Nova 2013.2 - 2013.2.2 目前没有详细解决方案提供:...
CVE-2014-2573
The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...
CVE-2014-2573
The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...
DEBIAN-CVE-2014-2573
The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...
CVE-2014-2573
The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...
PYSEC-2014-113
The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...
PYSEC-2014-113
The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...
Design/Logic Flaw
The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...
UBUNTU-CVE-2014-2573
The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...
CVE-2014-2573
The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...
CVE-2014-2573
The VMWare driver in OpenStack Compute Nova 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service resource consumption by requesting the VM be put into rescue and then deleting the imag...
CVE-2014-2573
The VMware driver in OpenStack Compute (Nova) 2013.2–2013.2.2 does not correctly place VMs into RESCUE, allowing remote authenticated users to bypass quota and trigger a denial of service by rescuing the VM and then deleting the image. Related advisories (GHSA/OSV) reiterate the vulnerability and...
Fedora Update for python-swiftclient FEDORA-2014-3054
Check for the Version of python-swiftclient OpenVAS Vulnerability Test Fedora Update for python-swiftclient FEDORA-2014-3054 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
[SECURITY] Fedora 20 Update: python-swiftclient-2.0.2-1.fc20
Client library and command line utility for interacting with Openstack Object Storage API...
OpenStack Keystone Trustee令牌吊销失败安全绕过漏洞
Bugtraq ID:65895 CVE ID:CVE-2014-2237 Keystone是Openstack中用于身份验证的项目,任何服务请求需要经过它的验证获得服务的endpoint。 OpenStack Keystone Keystone内存令牌后端存在漏洞,当委托人提交启用模拟的可信令牌时,令牌仅添加到委托人令牌列表,但没添加到受托人令牌列表。这会导致受托人吊销令牌时不能使信任令牌正确失效。 使用memcache后端的Keystone受此漏洞影响。 0 Openstack Keystone 2013.1 - 2013.1.4 Openstack Keystone 2013.2 ...
DEBIAN-CVE-2013-6437
The libvirt driver in OpenStack Compute Nova before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service disk consumption by creating and deleting instances with unique ostype settings, which triggers the creation of a new ephemeral disk backing...
CVE-2013-6437
The libvirt driver in OpenStack Compute Nova before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service disk consumption by creating and deleting instances with unique ostype settings, which triggers the creation of a new ephemeral disk backing...
CVE-2013-6437
The libvirt driver in OpenStack Compute Nova before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service disk consumption by creating and deleting instances with unique ostype settings, which triggers the creation of a new ephemeral disk backing...