4 matches found
CVE-2012-1585
CVE-2012-1585 affects OpenStack Compute (Nova) Essex before 2011.3. The vulnerability allows remote authenticated users to cause a denial of service by submitting a long server name, which triggers excessive growth of the nova-api log file and disk consumption. The connected documents confirm the...
CVE-2012-3447
OpenStack Compute (Nova) vulnerability affecting the 2012.1.x branch prior to 2012.1.2 and Folsom prior to Folsom-3. A remote authenticated user can overwrite arbitrary files via a symlink attack on a file inside an image that uses a symlink readable only by root. The issue stems from an incomple...
CVE-2012-0030
CVE-2012-0030 affects Nova 2011.3 and Essex when using the OpenStack API, allowing remote authenticated users to bypass tenant access restrictions via a modified project_id in an OSAPI request. Root cause: insufficient validation of project_id in OSAPI calls. A fix is available in OpenStack Nova ...
CVE-2012-2101
OpenStack Compute (Nova) in Folsom, 2012.1, and 2011.3, is vulnerable because it does not cap the number of security group rules. This allows remote authenticated users with certain permissions to trigger a denial of service by issuing a network request that creates a large number of iptables rul...