openstack-nova allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM that was bound to the same VNC port.
rhn.redhat.com/errata/RHSA-2013-0709.html
secunia.com/advisories/52337
secunia.com/advisories/52728
www.openwall.com/lists/oss-security/2013/02/26/7
www.osvdb.org/90657
www.ubuntu.com/usn/USN-1771-1
access.redhat.com/security/updates/classification/#moderate
bugs.launchpad.net/nova/+bug/1125378
bugzilla.redhat.com/show_bug.cgi?id=887968
bugzilla.redhat.com/show_bug.cgi?id=891349
bugzilla.redhat.com/show_bug.cgi?id=910727
bugzilla.redhat.com/show_bug.cgi?id=912284
bugzilla.redhat.com/show_bug.cgi?id=915274
bugzilla.redhat.com/show_bug.cgi?id=916174
bugzilla.redhat.com/show_bug.cgi?id=916176
bugzilla.redhat.com/show_bug.cgi?id=916615
bugzilla.redhat.com/show_bug.cgi?id=917534
review.openstack.org/#/c/22086/
review.openstack.org/#/c/22758
review.openstack.org/#/c/22872/
rhn.redhat.com/errata/RHSA-2013-0709.html