Code injection

OpenStack Nova before 2012.1 allows someone with access to an EC2ACCESSKEY equivalent to a username to obtain the EC2SECRETKEY equivalent to a password. Exposing the EC2ACCESSKEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2SECRETKEY. A...

CVE-2011-4076

OpenStack Nova before 2012.1 is affected: if a user possesses an EC2_ACCESS_KEY (like a username), they may derive the EC2_SECRET_KEY (password). Exposing the EC2_ACCESS_KEY over HTTP or via tools that enable MITM over HTTPS could allow an attacker to obtain the secret key; brute-forcing EC2_ACCE...

CVE-2011-4076

OpenStack Nova before 2012.1 allows someone with access to an EC2ACCESSKEY equivalent to a username to obtain the EC2SECRETKEY equivalent to a password. Exposing the EC2ACCESSKEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2SECRETKEY. A...

CVE-2011-4076

OpenStack Nova before 2012.1 allows someone with access to an EC2ACCESSKEY equivalent to a username to obtain the EC2SECRETKEY equivalent to a password. Exposing the EC2ACCESSKEY via http or tools that allow man-in-the-middle over https could allow an attacker to easily obtain the EC2SECRETKEY. A...

UBUNTU-CVE-2015-5694

Designate does not enforce the DNS protocol limit concerning record set sizes...

CVE-2012-1572

OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space...

CVE-2012-1572

OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space...

DEBIAN-CVE-2012-1572

OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space...

Stack overflow

OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space...

CVE-2012-1572

OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space...

CVE-2012-1572

OpenStack Keystone is affected by CVE-2012-1572: extremely long passwords can exhaust Keystone’s stack space and crash the service. The connected sources confirm this behavior but do not provide a specific remediation or patched version in the supplied documents.

CVE-2012-1572

OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space...

openstack-mistral information disclosure vulnerability

openstack-mistral is a workflow service for the OpenStack cloud. The product focuses on providing mechanisms for managing and executing tasks/workflows without the need to code, manage and execute them in a cloud environment. An information disclosure vulnerability exists in openstack-mistral,...

CVE-2019-3866

An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information...

CVE-2019-3866

An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information...

DEBIAN-CVE-2019-3866

An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information...

Information disclosure

An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information...

CVE-2019-3866

An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information...

UBUNTU-CVE-2019-3866

An information-exposure vulnerability was discovered where openstack-mistral's undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information...

CVE-2019-3866

The CVE-2019-3866 entry describes an information-disclosure vulnerability in openstack-mistral where undercloud log files contain clear-text information and were world-readable. This could allow a local attacker to access sensitive user data from logs. The connected documents corroborate that the...