OpenHarness 安全漏洞

OpenHarness is a lightweight development and runtime framework for Data Intelligence Lab@HKU. Previous versions of OpenHarness had security vulnerabilities, which stemmed from insufficient differentiation between local commands and remote secure commands processed by the gateway. This vulnerabili...

EUVD-2012-5985

Malware in sbrugna...

openstack-nova: network security group changes are not applied to running instances

A vulnerability was discovered in the way OpenStack Compute nova networking handled security group updates; changes were not applied to already running VM instances. A remote attacker could use this flaw to access running VM instances...

openstack-nova: network security group changes are not applied to running instances

A vulnerability was discovered in the way OpenStack Compute nova networking handled security group updates; changes were not applied to already running VM instances. A remote attacker could use this flaw to access running VM instances...

openstack-nova: network security group changes are not applied to running instances

A vulnerability was discovered in the way OpenStack Compute nova networking handled security group updates; changes were not applied to already running VM instances. A remote attacker could use this flaw to access running VM instances...

CVE-2012-6118

The Administer tab in Aeolus Conductor allows remote authenticated users to bypass intended quota restrictions by updating the Maximum Running Instances quota user setting...

Conductor: Unprivileged user can change their own Maximum Running Instances quota

The Administer tab in Aeolus Conductor allows remote authenticated users to bypass intended quota restrictions by updating the Maximum Running Instances quota user setting...