2322 matches found
CVE-2013-2157
OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password...
CVE-2013-4155
OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service "superfluous" tombstone consumption and Swift cluster slowdown via a DELETE request with a timestamp that is older than expected...
Authentication flaw
OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password...
Design/Logic Flaw
OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service "superfluous" tombstone consumption and Swift cluster slowdown via a DELETE request with a timestamp that is older than expected...
CVE-2013-2157
CVE-2013-2157 affects OpenStack Keystone (Folsom/Grizzly before 2013.1.3 and Havana) where LDAP authentication with anonymous binds allows a remote attacker to bypass authentication using an empty password. Connected sources confirm remediation via OpenStack/Keystone upgrades or patches (e.g., up...
CVE-2013-2157
OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password...
CVE-2013-4155
OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service "superfluous" tombstone consumption and Swift cluster slowdown via a DELETE request with a timestamp that is older than expected...
CVE-2013-4155
OpenStack Swift vulnerability CVE-2013-4155 affects Swift before 1.9.1 in Folsom, Grizzly, and Havana. An authenticated user can trigger a denial of service by issuing a DELETE request with an outdated timestamp, causing superfluous tombstone consumption and Swift cluster slowdown. The primary im...
CVE-2013-4155
OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service "superfluous" tombstone consumption and Swift cluster slowdown via a DELETE request with a timestamp that is older than expected...
CVE-2013-2157
OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password...
[SECURITY] Fedora 19 Update: python-keystoneclient-0.2.3-7.fc19
Client library and command line utility for interacting with Openstack Identity API...
DSA-2737-1 swift - several
Bulletin has no description...
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.4-5.fc18
Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. This package contains the Keystone daemon...
Moderate: Red Hat Security Advisory: ruby193-ruby security update
Updated ruby193-ruby packages that fix one security issue are now available for Red Hat OpenStack 3.0 Grizzly. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
[SECURITY] Fedora 19 Update: openstack-keystone-2013.1.2-3.fc19
Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. This package contains the Keystone daemon...
OpenStack多个产品SSL证书校验漏洞(CVE-2013-2255)
CVE ID:CVE-2013-2255 OpenStack Computer提供给一个组织云的工具,其中的功能包括运行虚拟机实例, 管理网络以及通过用户和项目来控制对云的访问OpenStack keystone是openstack中用于身份验证的项目,任何服务请求需要经过它的验证获得服务的endpoint OpenStack Computer/keystone在连接服务器时没有校验所提供的SSL证书的合法性,允许远程攻击者利用漏洞伪造合法服务器,进行中间人等攻击 0 OpenStack Compute Nova 2013.x OpenStack Keystone 2013.x 厂商解决...
CVE-2013-2096
OpenStack Compute Nova Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by creating an image with a large virtual size that does not contain a large amount of data...
Design/Logic Flaw
OpenStack Compute Nova Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by creating an image with a large virtual size that does not contain a large amount of data...
CVE-2013-2096
OpenStack Compute Nova Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption by creating an image with a large virtual size that does not contain a large amount of data...
OpenStack multiple security vulnerabilities
Keystone protection bypass and authentication bypass, Nova DoS...