7799 matches found
Design/Logic Flaw
OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service crash via a crafted dnsnameservers value in the DNS configuration...
CVE-2014-7821
OpenStack Neutron vulnerable to a denial-of-service via a crafted dns_nameservers value in DNS configuration. Affected products: OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1. Root cause: improper handling of the dns_nameservers parameter leads to crash when an authenticated user...
CVE-2014-7821
OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service crash via a crafted dnsnameservers value in the DNS configuration...
CVE-2014-7821
OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service crash via a crafted dnsnameservers value in the DNS configuration...
PT-2014-8292 · Openstack · Openstack Neutron
Name of the Vulnerable Software and Affected Versions: OpenStack Neutron versions prior to 2014.1.4 OpenStack Neutron versions 2014.2.x prior to 2014.2.1 Description: The issue allows remote authenticated users to cause a denial of service, resulting in a crash. This can be achieved by providing ...
CentOS 6 : libvirt (CESA-2014:1873)
Updated libvirt packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
RHEL 6 : libvirt (RHSA-2014:1873)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1873 advisory. The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In...
Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20141118)
An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune function looked up the disk index in a non- persistent live disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could u...
Ubuntu: Security Advisory (USN-2406-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2408-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2407-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2405-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : OpenStack Cinder vulnerabilities (USN-2405-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2405-1 advisory. Duncan Thomas discovered that OpenStack Cinder did not properly track the file format when using the GlusterFS of Smbfs drivers. A remote authenticated...
Ubuntu 14.04 LTS : OpenStack Neutron vulnerability (USN-2408-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2408-1 advisory. Elena Ezhova discovered that OpenStack Neutron did not properly perform access control checks for attributes. A remote authenticated attacker could exploit this t...
Ubuntu 14.04 LTS : OpenStack Nova vulnerabilities (USN-2407-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2407-1 advisory. Garth Mollett discovered that OpenStack Nova did not properly clean up an instance when using rescue mode with the VMWare driver. A remove authenticated...
USN-2408-1: OpenStack Neutron vulnerability
Elena Ezhova discovered that OpenStack Neutron did not properly perform access control checks for attributes. A remote authenticated attacker could exploit this to bypass intended access controls and reset admin-only attributes to default values...
USN-2408-1 neutron vulnerability
Elena Ezhova discovered that OpenStack Neutron did not properly perform access control checks for attributes. A remote authenticated attacker could exploit this to bypass intended access controls and reset admin-only attributes to default values...
USN-2407-1: OpenStack Nova vulnerabilities
Garth Mollett discovered that OpenStack Nova did not properly clean up an instance when using rescue mode with the VMWare driver. A remove authenticated user could exploit this to bypass intended quota limits. By default, Ubuntu does not use the VMWare driver. CVE-2014-3608 Amrith Kumar discovere...
USN-2407-1 nova vulnerabilities
Garth Mollett discovered that OpenStack Nova did not properly clean up an instance when using rescue mode with the VMWare driver. A remove authenticated user could exploit this to bypass intended quota limits. By default, Ubuntu does not use the VMWare driver. CVE-2014-3608 Amrith Kumar discovere...
USN-2406-1: OpenStack Keystone vulnerability
Brant Knudson discovered that OpenStack Keystone did not properly perform input sanitization when performing endpoint catalog substitution. A remote attacker with privileged access for creating endpoints could exploit this to obtain sensitive information...