4602 matches found
PYSEC-2014-97
Libcloud 0.12.3 through 0.13.2 does not set the scrubdata parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM...
PYSEC-2013-45
keystone/middleware/authtoken.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova...
PYSEC-2013-28
Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a report...
PYSEC-2013-12
Salt aka SaltStack 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine...
PYSEC-2013-27
Unspecified vulnerability in salt-ssh in Salt aka SaltStack 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."...
PYSEC-2013-15
The salt master in Salt aka SaltStack 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges...
PYSEC-2013-14
Salt aka SaltStack before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key...
PYSEC-2013-26
The default configuration for salt-ssh in Salt aka SaltStack 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle MITM attack...
PYSEC-2013-13
Salt aka SaltStack before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to be loaded has already been determined to be safe...
PYSEC-2013-29
The Crypto.Random.atfork function in PyCrypto before 2.6.1 does not properly reseed the pseudo-random number generator PRNG before allowing a child process to access it, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging a race condition in which a...
PYSEC-2013-19
Cross-site scripting XSS vulnerability in the AdminURLFieldWidget widget in contrib/admin/widgets.py in Django 1.5.x before 1.5.2 and 1.6.x before 1.6 beta 2 allows remote attackers to inject arbitrary web script or HTML via a URLField...
PYSEC-2013-21
The issafeurl function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting XSS or other vulnerabilities into Django applications that use this function, a...
PYSEC-2013-24
The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process...
PYSEC-2013-31
The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate...
PYSEC-2013-4
Multiple cross-site scripting XSS vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
PYSEC-2013-3
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...
PYSEC-2013-34
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...
PYSEC-2013-33
cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/...
PYSEC-2013-32
cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and possibly have other unspecified impact via a symlink attack on a cache file with a predictable name in /tmp/suds/...
PYSEC-2013-42
The 1 mamcache and 2 KVS token backends in OpenStack Identity Keystone Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token...
PYSEC-2013-18
The authentication framework django.contrib.auth in Django 1.4.x before 1.4.8, 1.5.x before 1.5.4, and 1.6.x before 1.6 beta 4 allows remote attackers to cause a denial of service CPU consumption via a long password which is then hashed...
PYSEC-2013-2
lib/ansible/playbook/init.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/...
PYSEC-2013-1
runner/connectionplugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/...
PYSEC-2013-20
Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWEDINCLUDEROOTS setting followed by a .. dot dot in a ssi template tag...
PYSEC-2013-35
The clearvolume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors...
PYSEC-2013-11
The Python client library for Glance python-glanceclient before 0.10.0 does not properly check the preverifyok value, which prevents the server hostname from being verified with a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate and allows...
PYSEC-2013-25
The Python client in Apache Qpid before 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
PYSEC-2013-9
pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory...
PYSEC-2013-30
bson/cbsonmodule.c in the mongo-python-driver aka. pymongo before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to decoding of an "invalid DBRef."...
PYSEC-2013-10
pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a download operation...
PYSEC-2013-22
easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...
PYSEC-2013-8
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation...
PYSEC-2013-41
OpenStack Identity Keystone Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token...
PYSEC-2013-40
OpenStack Identity Keystone Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the 1 admintoken and 2 LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file...
PYSEC-2013-16
The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated administrators to obtain sensitive object history information...
PYSEC-2013-17
The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service memory consumption or trigger server errors via a modified maxnum parameter...
PYSEC-2013-46
The v1 API in OpenStack Glance Essex 2012.1, Folsom 2012.2, and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image...
PYSEC-2013-44
OpenStack Compute Nova Grizzly, Folsom 2012.2, and Essex 2012.1 does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service resource exhaustion and failure to spawn new instances via a large number of calls to the addFixedIp function...
PYSEC-2013-39
OpenStack Keystone Folsom 2012.2 does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token...
PYSEC-2013-43
OpenStack Compute Nova Grizzly, Folsom 2012.2, and Essex 2012.1 allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM that was bound to the same VNC port...
PYSEC-2013-37
store/swift.py in OpenStack Glance Essex 2012.1, Folsom 2012.2 before 2012.2.3, and Grizzly, when in Swift single tenant mode, logs the Swift endpoint's user name and password in cleartext when the endpoint is misconfigured or unusable, allows remote authenticated users to obtain sensitive...
PYSEC-2013-38
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority CA certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate...
PYSEC-2013-36
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority CA certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate...
PYSEC-2013-5
Directory traversal vulnerability in the doattachmentmove function in the AttachFile action action/AttachFile.py in MoinMoin 1.9.3 through 1.9.5 allows remote attackers to overwrite arbitrary files via a .. dot dot in a file name...
PYSEC-2013-7
Multiple directory traversal vulnerabilities in the 1 twikidraw action/twikidraw.py and 2 anywikidraw action/anywikidraw.py actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged wi...
PYSEC-2013-6
Multiple unrestricted file upload vulnerabilities in the 1 twikidraw action/twikidraw.py and 2 anywikidraw action/anywikidraw.py actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to execute arbitrary code by uploading a file with an executable extension, the...
PYSEC-2013-23
Cross-site scripting XSS vulnerability in the rsslink function in theme/init.py in MoinMoin 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the page name in a rss link...
PYSEC-2012-42
OpenStack Compute Nova Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume PV content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume L...
PYSEC-2012-41
OpenStack Compute Nova Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume PV content when reallocating for instances, which allows attackers to obtain sensitive information by reading the memory of the previous logical volume L...
PYSEC-2012-35
OpenStack Keystone Essex 2012.1 and Folsom 2012.2 does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role...