CVE-2011-4596

Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...

CVE-2011-4596

Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...

CVE-2011-4596

OpenStack Nova vulnerability CVE-2011-4596 affects OpenStack Nova before 2011.3.1 when EC2 API and the S3/RegisterImage image-registration method are enabled. It allows remote authenticated users to overwrite arbitrary files via a crafted tarball or manifest. Impact details in the reference CVSS ...

[SECURITY] Fedora 16 Update: openstack-nova-2011.3-13.fc16

OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...

Fedora 16 : openstack-nova-2011.3-13.fc16 (2011-17111)

Also updates the libguestfs suppose Add --yes, --rootpw, and --novapw options to openstack-db-setup. Change the default database from sqlite to mysql. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted...

USN-1305-1: Nova vulnerability

David Black discovered that Nova did not properly perform input validation during image registration. An attacker could exploit this by registering a crafted image using the EC2 API or S3/RegisterImage method and overwrite files as the nova user...

CVE-2011-4596

Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...

Fedora 16 : openstack-nova-2011.3-6.fc16 (2011-15449)

This update fixes a password leak in the EC2 API. This update includes a block migration fix from upstream. ---------------------------------------------------------------------- -----= Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

[SECURITY] Fedora 16 Update: openstack-nova-2011.3-6.fc16

OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...

[USN-1247-1] Nova vulnerability

========================================================================== Ubuntu Security Notice USN-1247-1 October 25, 2011 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...

CVE-2011-4076

OpenStack Nova before 2012.1 allows someone with access to an EC2ACCESSKEY equivalent to a username to obtain the EC2SECRETKEY equivalent to a password. Exposing the EC2ACCESSKEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2SECRETKEY. A...

Ubuntu 10.04 LTS / 10.10 / 11.04 : qemu-kvm vulnerabilities (USN-1165-1)

Nelson Elhage discoverd that QEMU did not properly validate certain virtqueue requests from the guest. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. CVE-2011-2212 Stefan Hajnoczi discovered...

USN-1165-1: QEMU vulnerabilities

Nelson Elhage discoverd that QEMU did not properly validate certain virtqueue requests from the guest. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. CVE-2011-2212 Stefan Hajnoczi discovered...

Ubuntu Update for qemu-kvm USN-1145-1

Ubuntu Update for Linux kernel vulnerabilities USN-1145-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11451.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for qemu-kvm USN-1145-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net Thi...

USN-1145-1: QEMU vulnerabilities

It was discovered that QEMU did not properly perform validation of I/O operations from the guest which could lead to heap corruption. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. CVE-2011-17...

OpenStack 'floating Linux kernel' rides VMware hypervisor !

OpenStack 'floating Linux kernel' rides VMware hypervisor ! OpenStack – the open source "infrastructure cloud" project founded by Rackspace and NASA – has released a third version of its platform, offering support for all major hypervisors. With the new release, codenamed "Cactus", developers hav...