Fedora Update for python-django-horizon FEDORA-2012-16148

Check for the Version of python-django-horizon OpenVAS Vulnerability Test Fedora Update for python-django-horizon FEDORA-2012-16148 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

[SECURITY] Fedora 17 Update: python-django-horizon-2012.1.3-1.fc17

Horizon is a Django application for providing Openstack UI components. It allows performing site administrator viewing account resource usage, configuring users, accounts, quotas, flavors, etc. and end user operations start/stop/delete instances, create/restore snapshots, view instance VNC consol...

DEBIAN-CVE-2012-4406

OpenStack Object Storage swift before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object...

CVE-2012-4406

OpenStack Object Storage swift before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object...

CVE-2012-4406

OpenStack Object Storage swift before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object...

Design/Logic Flaw

OpenStack Object Storage swift before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object...

CVE-2012-4406

OpenStack Swift prior to 1.7.0 is vulnerable: it uses the pickle loads function to serialize/deserialize metadata in memcached, enabling remote code execution via a crafted pickle object. Public advisories (RHSA-2012:1379) note that a fix exists but is not enabled by default; remediation involves...

CVE-2012-4406

OpenStack Object Storage swift before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object...

CVE-2012-4406

OpenStack Object Storage swift before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object...

PT-2012-5379 · Memcached +2 · Memcached +2

Name of the Vulnerable Software and Affected Versions: OpenStack Object Storage swift versions prior to 1.7.0 Description: The issue allows remote attackers to execute arbitrary code via a crafted pickle object. This is due to the unsafe use of the loads function in the pickle Python module when...

CVE-2012-4406

OpenStack Object Storage swift before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object...

Fedora Update for openstack-swift FEDORA-2012-15642

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for openstack-swift FEDORA-2012-15642

Check for the Version of openstack-swift OpenVAS Vulnerability Test Fedora Update for openstack-swift FEDORA-2012-15642 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

[SECURITY] Fedora 17 Update: openstack-swift-1.4.8-3.fc17

OpenStack Object Storage swift aggregates commodity servers to work toget her in clusters for reliable, redundant, and large-scale storage of static obje cts. Objects are written to multiple hardware devices in the data center, with t he OpenStack software responsible for ensuring data replicatio...

Fedora 17 : openstack-swift-1.4.8-3.fc17 (2012-15642)

Do not use pickle for serialization in memcache CVE-2012-4406 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Low: Red Hat Security Advisory: python-django-horizon security update

Updated python-django-horizon packages that fix one security issue are now available for Red Hat OpenStack Essex. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

OpenStack-Horizon: Open redirect through 'next' parameter

Open redirect vulnerability in views/authforms.py in OpenStack Dashboard Horizon Essex 2012.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter to auth/login/. NOTE: this issue was originally assigned CVE-2012-3542 by...

Openstack-Swift: insecure use of python pickle()

OpenStack Object Storage swift before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object...

Important: Red Hat Security Advisory: openstack-swift security update

Updated openstack-swift packages that fix one security issue are now available for Red Hat OpenStack Essex. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

2012.1.1: fails to raise Unauthorized user error for disabled tenant

OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-3 does not properly handle authorization tokens for disabled tenants, which allows remote authenticated users to access the tenant's resources by requesting a token for the tenant...