Lucene search
RootSSV:61272HistoryJan 03, 2014 - 12:00 a.m.
Apache Libcloud Digital Ocean API本地信息泄露漏洞
2014-01-0300:00:00
Root
www.seebug.org
10
0.0005 Low
EPSS
Percentile
15.3%
BUGTRAQ ID: 64617
CVE(CAN) ID: CVE-2013-6480
libcloud 是用Python开发的访问云计算服务的统一接口。
Apache Libcloud 0.12.3-0.13.2版本销毁DigitalOcean节点时,没有发送scrub_data query参数,这可使本地攻击者利用此漏洞获取敏感信息。
0
Apache Group Libcloud 0.12.3 - 0.13.3
厂商补丁:
Apache Group
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://libcloud.apache.org/security.html
https://digitalocean.com/blog_posts/transparency-regarding-data-security
dd if=/dev/vda bs=1M | strings -n 100 > out.txt
Related
nessus
nessus
openSUSE Security Update : python-apache-libcloud (openSUSE-SU-2014:0198-1)
2014-06-13 00:00:00
Fedora 20 : python-libcloud-0.13.3-1.fc20 (2014-0129)
2014-01-13 00:00:00
Fedora 18 : python-libcloud-0.13.3-1.fc18 (2014-0159)
2014-01-13 00:00:00
openvas
openvas
Fedora Update for python-libcloud FEDORA-2014-0129
2014-02-03 00:00:00
Fedora Update for python-libcloud FEDORA-2014-0129
2014-02-03 00:00:00
Fedora Update for python-libcloud FEDORA-2014-0159
2014-01-13 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: python-libcloud-0.13.3-1.fc20
2014-01-12 05:04:53
[SECURITY] Fedora 18 Update: python-libcloud-0.13.3-1.fc18
2014-01-12 05:03:50
[SECURITY] Fedora 19 Update: python-libcloud-0.13.3-1.fc19
2014-01-12 05:01:43
securityvulns
securityvulns
[CVE-2013-6480] Libcloud doesn't send scrub_data query parameter when destroying a DigitalOcean node
2014-01-08 00:00:00
Apache libcloud pritection bypass
2014-01-08 00:00:00
prion
prion
Design/Logic Flaw
2014-01-07 18:55:00
osv
osv
Libcloud does not properly scrub data when destroying a DigitalOcean node
2022-05-14 02:54:05
PYSEC-2014-97
2014-01-07 18:55:00
cve
cve
CVE-2013-6480
2014-01-07 18:55:00
github
github
Libcloud does not properly scrub data when destroying a DigitalOcean node
2022-05-14 02:54:05
debiancve
debiancve
CVE-2013-6480
2014-01-07 18:55:00