EUVD-2015-5235

Malware in sbrugna...

Swift-on-File Remote Denial of Service Vulnerability

OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration in collaboration with Rackspace in the U.S. Swift-on-File a.k.a. Swiftonfile is one of the services used to scale a Swift clusters and migrate data from different storage backends. A...

OpenStack Swift-on-File Arbitrary Code Execution Vulnerability

OpenStack is an open source project developed by NASA and Rackspace in collaboration to provide software for building and managing public and private clouds. An arbitrary code execution vulnerability exists in OpenStack Swift-on-File, which allows an authenticated remote user to execute arbitrary...

CVE-2015-5242

OpenStack Swift-on-File aka Swiftonfile does not properly restrict use of the pickle Python module when loading metadata, which allows remote authenticated users to execute arbitrary code via a crafted extended attribute xattrs...

Code injection

OpenStack Swift-on-File aka Swiftonfile does not properly restrict use of the pickle Python module when loading metadata, which allows remote authenticated users to execute arbitrary code via a crafted extended attribute xattrs...

CVE-2015-5242

CVE-2015-5242 affects OpenStack Swift-on-File (swiftonfile). The issue arises from loading metadata with Python’s pickle without proper restrictions, enabling a remote authenticated user to execute arbitrary code via crafted xattrs. Documented impact is remote code execution on the storage node; ...