Lucene search
Ubuntu.comUB:CVE-2012-3360HistoryJul 03, 2012 - 12:00 a.m.
CVE-2012-3360
2012-07-0300:00:00
ubuntu.com
ubuntu.com
8
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.004 Low
EPSS
Percentile
74.7%
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute
(Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based
hypervisors, allows remote authenticated users to write arbitrary files to
the disk image via a … (dot dot) in the path attribute of a file element.
Bugs
Notes
| Author | Note |
|---|---|
| tyhicks | Per OpenStack Vuln Mgmt Team, only Essex and later are affected |
Related
debiancve
debiancve
CVE-2012-3360
2012-07-22 16:55:00
prion
prion
Directory traversal
2012-07-22 16:55:00
cve
cve
CVE-2012-3360
2012-07-22 16:55:00
openvas
openvas
Ubuntu: Security Advisory (USN-1497-1)
2012-07-06 00:00:00
Ubuntu Update for nova USN-1497-1
2012-07-06 00:00:00
Fedora Update for openstack-nova FEDORA-2012-10420
2012-08-30 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: openstack-nova-2012.1.1-3.fc17
2012-07-19 09:10:22
[SECURITY] Fedora 17 Update: openstack-nova-2012.1.1-4.fc17
2012-07-29 00:53:08
[SECURITY] Fedora 17 Update: openstack-nova-2012.1.1-15.fc17
2012-08-21 09:53:13
ubuntu
ubuntu
Nova vulnerabilities
2012-07-03 00:00:00
nessus
nessus
Ubuntu 11.10 / 12.04 LTS : nova vulnerabilities (USN-1497-1)
2012-07-05 00:00:00
Fedora 17 : openstack-nova-2012.1.1-3.fc17 (2012-10420)
2012-07-20 00:00:00
securityvulns
securityvulns
[USN-1497-1] Nova vulnerabilities
2012-07-09 00:00:00
Nova security vulnerabilities
2012-08-27 00:00:00
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.004 Low
EPSS
Percentile
74.7%
Related for UB:CVE-2012-3360