7717 matches found
Fedora Update for openstack-swift FEDORA-2012-15098
Check for the Version of openstack-swift OpenVAS Vulnerability Test Fedora Update for openstack-swift FEDORA-2012-15098 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
PT-2012-5412 · Openstack · Openstack Keystone
Name of the Vulnerable Software and Affected Versions: OpenStack Keystone versions prior to 2012.1.2 OpenStack Keystone Folsom versions prior to folsom-2 Description: The issue concerns improper validation of the X-Auth-Token in the OS-KSADM/services and tenant APIs. This allows remote attackers ...
Fedora Update for openstack-swift FEDORA-2012-15098
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
[SECURITY] Fedora 16 Update: openstack-swift-1.4.8-3.fc16
OpenStack Object Storage swift aggregates commodity servers to work toget her in clusters for reliable, redundant, and large-scale storage of static obje cts. Objects are written to multiple hardware devices in the data center, with t he OpenStack software responsible for ensuring data replicatio...
Fedora 16 : openstack-swift-1.4.8-3.fc16 (2012-15098)
Do not use pickle for serialization in memcache CVE-2012-4406 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora Update for openstack-keystone FEDORA-2012-13075
Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2012-13075 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for openstack-keystone FEDORA-2012-13075
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 17 : openstack-keystone-2012.1.2-4.fc17 (2012-13075)
Require authz to update user's tenant CVE-2012-3542 - Delete user tokens after role grant/revoke CVE-2012-4413 - Fails to validate tokens in Admin API CVE-2012-4456 - Fails to raise Unauthorized user error for disabled tenant CVE-2012-4457 Note that Tenable Network Security has extracted the...
[SECURITY] Fedora 17 Update: openstack-keystone-2012.1.2-4.fc17
Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. This package contains the Keystone daemon...
OpenStack Keystone Default Credentials
It is possible to log into the remote OpenStack Keystone instance by providing default credentials. Knowing these, an attacker can gain administrative control of the affected application and would then be able to read and write to Keystone, which is used as an identity provider by other services...
OpenStack Glance Detection
OpenStack Glance, a Python application that provides services for managing virtual machine images, was found on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62352; scriptversion"1.4"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"OpenStack...
OpenStack Keystone Detection
OpenStack Keystone, a Python application that provides identity, token, catalog and policy services to other OpenStack components was found on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62353; scriptversion"1.3"; scriptcvsdate"Date: 2019/11/22";...
CVE-2012-4413
OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...
DEBIAN-CVE-2012-4413
OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...
CVE-2012-4413
OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...
Design/Logic Flaw
OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...
CVE-2012-4413
OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...
CVE-2012-4413
OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles...
CVE-2012-4413
CVE-2012-4413 affects OpenStack Keystone before 2012.1.3. The vulnerability occurs because Keystone does not invalidate existing tokens when roles are granted or revoked, allowing remote authenticated users to retain privileges associated with revoked roles. The issue has been acknowledged in mul...
PT-2012-5384 · Openstack · Openstack Keystone
Name of the Vulnerable Software and Affected Versions: OpenStack Keystone versions prior to 2012.1.3 Description: The issue allows remote authenticated users to retain the privileges of revoked roles because existing tokens are not invalidated when roles are granted or revoked. Recommendations: F...