7751 matches found
CVE-2013-2157
OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password...
CVE-2013-2161
XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift responses via an account name...
Keystone: Missing expiration check in Keystone PKI token validation
python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...
Moderate: Red Hat Security Advisory: python-keystoneclient security and bug fix update
Updated python-keystoneclient packages that fix one security issue and multiple bugs are now available for Red Hat OpenStack 3.0 Grizzly Preview. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, whi...
Ubuntu Update for nova USN-1831-2
Check for the Version of nova OpenVAS Vulnerability Test $Id: gbubuntuUSN18312.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for nova USN-1831-2 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...
Ubuntu: Security Advisory (USN-1831-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-1831-2: OpenStack Nova regression
USN-1831-1 fixed a vulnerability in OpenStack Nova. The upstream fix introduced a regression where instances using uncached QCOW2 images would fail to start. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Loganathan Parthipan discovered that Nova did...
CVE-2013-2104
python-keystoneclient before 0.2.4, as used in OpenStack Keystone Folsom, does not properly check expiry for PKI tokens, which allows remote authenticated users to 1 retain use of a token after it has expired, or 2 use a revoked token once it expires...
Fedora 19 : openstack-keystone-2013.1.1-1.fc19 (2013-8023)
First stable Grizzly update 2013.1.1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...
[SECURITY] Fedora 19 Update: openstack-keystone-2013.1.1-1.fc19
Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. This package contains the Keystone daemon...
Important: Red Hat Security Advisory: KVM image security update
The Red Hat Enterprise Linux 6.4 KVM Guest Image for cloud instances had an empty root password by default. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Fedora Update for openstack-keystone FEDORA-2013-8048
Check for the Version of openstack-keystone OpenVAS Vulnerability Test Fedora Update for openstack-keystone FEDORA-2013-8048 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for openstack-keystone FEDORA-2013-8048
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 18 Update: openstack-keystone-2012.2.4-3.fc18
Keystone is a Python implementation of the OpenStack http://www.openstack.org identity service API. This package contains the Keystone daemon...
Fedora 18 : openstack-keystone-2012.2.4-3.fc18 (2013-8048)
Revoke tokens on user delete CVE-2013-2059 - authtoken: Securely create signingdir CVE-2013-2030 - avoid potential disclosure in log files and restrict /var/log/keystone/ CVE-2013-2006 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
CVE-2013-2059
OpenStack Identity Keystone Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token...
DEBIAN-CVE-2013-2006
OpenStack Identity Keystone Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the 1 admintoken and 2 LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file...
CVE-2013-2006
OpenStack Identity Keystone Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the 1 admintoken and 2 LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file...
CVE-2013-2059
OpenStack Identity Keystone Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token...
CVE-2013-1977
OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admintoken secret by reading the file...