[USN-1413-1] Nova vulnerability

========================================================================== Ubuntu Security Notice USN-1413-1 March 29, 2012 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

CVE-2012-2094

Cross-site scripting XSS vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard Horizon folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the guest console...

[SECURITY] Fedora 17 Update: openstack-keystone-2012.1-1.fc17

Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. This package contains the Keystone daemon...

Fedora 17 : openstack-nova-2012.1-0.10.rc1.fc17 (2012-4889)

CVE-2012-1585: Long server names grow nova-api log files significantly Avoid killing dnsmasq on network service shutdown. update to Essex RC1 which fixes 159 bugs detailed here: https://launchpad.net/nova/essex/essex-rc1 Features : - Support non blocking libvirt operations Bugs : - Suppress error...

Fedora Update for openstack-keystone FEDORA-2012-4960

Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2012-4960 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

[SECURITY] Fedora 16 Update: openstack-keystone-2011.3.1-3.fc16

Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. Services included are: Keystone - identity store and authentication service AuthToken - WSGI middleware that can be used to handle token auth proto col WSGI or remote proxy AuthBasic - Stub for WSG...

CVE-2012-1585

OpenStack Compute Nova Essex before 2011.3 allows remote authenticated users to cause a denial of service Nova-API log file and disk consumption via a long server name...

Ubuntu Update for nova USN-1326-1

Ubuntu Update for Linux kernel vulnerabilities USN-1326-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13261.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for nova USN-1326-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu: Security Advisory (USN-1326-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1339-1: QEMU vulnerability

Nicolae Mogoreanu discovered that QEMU did not properly verify legacy mode packets in the e1000 network driver. A remote attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. When using QEMU with libvirt or...

Fedora 16 : openstack-nova-2011.3.1-0.4.10818.fc16 (2012-0682)

Update to 2011.3.1 release candidate. See https://launchpad.net/nova/+milestone/2011.3.1 This also includes a minor bug fix for libguestfs file injection This update includes 50 patches from the upstream stable branch and a fix for an issue with attaching volumes. Sync up with Fedora spec, to onl...

CVE-2012-0030

Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified projectid URI parameter...

CVE-2012-0030

Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified projectid URI parameter...

USN-1326-1: Nova vulnerability

Nachi Ueno, Rohit Karajgi, and Venkatesan Ravikumar discovered that when Nova is configured to use the OpenStack API, it would not correctly enforce access controls on certain incoming requests. A remote authenticated attacker could exploit this to change resources of arbitrary tenants...

CVE-2012-0030

Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified projectid URI parameter...

CVE-2011-4596

OpenStack Nova vulnerability CVE-2011-4596 affects OpenStack Nova before 2011.3.1 when EC2 API and the S3/RegisterImage image-registration method are enabled. It allows remote authenticated users to overwrite arbitrary files via a crafted tarball or manifest. Impact details in the reference CVSS ...

CVE-2011-4596

Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted 1 tarball or 2 manifest...

Ubuntu 10.04 LTS / 10.10 / 11.04 : qemu-kvm vulnerabilities (USN-1165-1)

Nelson Elhage discoverd that QEMU did not properly validate certain virtqueue requests from the guest. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. CVE-2011-2212 Stefan Hajnoczi discovered...

USN-1165-1: QEMU vulnerabilities

Nelson Elhage discoverd that QEMU did not properly validate certain virtqueue requests from the guest. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. CVE-2011-2212 Stefan Hajnoczi discovered...

Ubuntu Update for qemu-kvm USN-1145-1

Ubuntu Update for Linux kernel vulnerabilities USN-1145-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11451.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for qemu-kvm USN-1145-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net Thi...