20 matches found
SUSE CVE-2014-4615
The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry Ceilometer 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain XAUTHTOKEN values by reading the message queue...
[USN-2311-1] pyCADF vulnerability
========================================================================== Ubuntu Security Notice USN-2311-1 August 11, 2014 python-pycadf vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
pyCADF information leakage
Authentication tokens leakage...
[USN-2311-2] OpenStack Ceilometer vulnerability
========================================================================== Ubuntu Security Notice USN-2311-2 August 21, 2014 ceilometer vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Ubuntu: Security Advisory (USN-2311-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : OpenStack Ceilometer vulnerability (USN-2311-2)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2311-2 advisory. USN-2311-1 fixed vulnerabilities in pyCADF. This update provides the corresponding updates for OpenStack Ceilometer. Tenable has extracted the preceding descripti...
USN-2311-2: OpenStack Ceilometer vulnerability
USN-2311-1 fixed vulnerabilities in pyCADF. This update provides the corresponding updates for OpenStack Ceilometer. Original advisory details: Zhi Kun Liu discovered that pyCADF incorrectly filtered certain tokens. An attacker could possibly use this issue to obtain authentication tokens used in...
CVE-2014-4615
The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry Ceilometer 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain XAUTHTOKEN values by reading the message queue...
CVE-2014-4615
The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry Ceilometer 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain XAUTHTOKEN values by reading the message queue...
Xxe
The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry Ceilometer 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain XAUTHTOKEN values by reading the message queue...
CVE-2014-4615
The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry Ceilometer 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain XAUTHTOKEN values by reading the message queue...
CVE-2014-4615
CVE-2014-4615 affects OpenStack components including PyCADF (0.5.0 and earlier), Ceilometer 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo. The issue allows remote authenticated users to read a message queue (v2/meters/http.reque...
CVE-2014-4615
The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry Ceilometer 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain XAUTHTOKEN values by reading the message queue...
Ubuntu 14.04 LTS : pyCADF vulnerability (USN-2311-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2311-1 advisory. Zhi Kun Liu discovered that pyCADF incorrectly filtered certain tokens. An attacker could possibly use this issue to obtain authentication tokens used in REST...
Ubuntu: Security Advisory (USN-2311-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2311-1: pyCADF vulnerability
Zhi Kun Liu discovered that pyCADF incorrectly filtered certain tokens. An attacker could possibly use this issue to obtain authentication tokens used in REST requests...
USN-2311-1 python-pycadf vulnerability
Zhi Kun Liu discovered that pyCADF incorrectly filtered certain tokens. An attacker could possibly use this issue to obtain authentication tokens used in REST requests...
Fedora Update for python-pycadf FEDORA-2014-7780
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : python-pycadf-0.5.1-1.fc20 (2014-7780)
Fix tokens leaked to message queue CVE-2014-4615 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CVE-2014-4615
The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry Ceilometer 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain XAUTHTOKEN values by reading the message queue...