EUVD-2012-3218

Malware in sbrugna...

CVE-2012-4065

Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain direct access to a 1 Cloud Controller or 2 Walrus service via a crafted message, as demonstrated by...

Authorization

Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain direct access to a 1 Cloud Controller or 2 Walrus service via a crafted message, as demonstrated by...

CVE-2012-3240

The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows remote attackers to gain administrator privileges via a crafted REST request...

CVE-2012-3240

The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows remote attackers to gain administrator privileges via a crafted REST request...

Design/Logic Flaw

The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows remote attackers to gain administrator privileges via a crafted REST request...

CVE-2012-3240

The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows remote attackers to gain administrator privileges via a crafted REST request...

CVE-2012-3240

The CVE affects Eucalyptus Walrus: versions 2.0.3 and 3.0.x prior to 3.0.2. Root cause is a flaw in WalrusComponentLoginModule.authenticate where the REST request is processed with admin context without proper trust verification, enabling a remote, unauthenticated attacker to gain administrator p...