7750 matches found
CVE-2012-3360
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
CVE-2012-3360
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
Design/Logic Flaw
virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
PYSEC-2012-39
virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
Directory traversal
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
PYSEC-2012-38
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
PYSEC-2012-38
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
PYSEC-2012-39
virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
CVE-2012-3360
CVE-2012-3360 affects OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1) when used with libvirt-based hypervisors. The vulnerability arises in virt/disk/api.py where a directory traversal via a .. in the path attribute of a file element allows remote authenticated users to write arbitrar...
CVE-2012-3360
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
CVE-2012-3361
virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
CVE-2012-3361
CVE-2012-3361 affects OpenStack OpenStack Compute (Nova) in Folsom (2012.2), Essex (2012.1), and Diablo (2011.3). The issue is in virt/disk/api.py where remote authenticated users can overwrite arbitrary files via a symlink attack on a file located within an image. The root cause is improper hand...
CVE-2012-3360
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...
CVE-2012-3361
virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...
Fedora 17 : openstack-nova-2012.1.1-3.fc17 (2012-10420)
Update to latest essex stable branch - Distinguish volume overlimit exceptions - Prohibit host file corruption through file injection CVE-2012-3360, CVE-2012-3361 - Support injecting new .ssh/authorizedkeys files to SELinux enabled guests Note that Tenable Network Security has extracted the...
Fedora 16 : openstack-nova-2011.3.1-11.fc16 (2012-10418)
Prohibit host file corruption through file injection CVE-2012-3361 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
[SECURITY] Fedora 17 Update: openstack-nova-2012.1.1-3.fc17
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
[SECURITY] Fedora 16 Update: openstack-nova-2011.3.1-11.fc16
OpenStack Compute codename Nova is open source software designed to provision and manage large networks of virtual machines, creating a redundant and scalable cloud computing platform. It gives you the software, control panels, and APIs required to orchestrate a cloud, including running instances...
CVE-2012-3371
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...
DEBIAN-CVE-2012-3371
The Nova scheduler in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service excessive database lookup calls and server hang via a request with many repeated IDs in the...