Folsom
Monthly
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service. Rated low severity (CVSS 1.9). Public exploit code available.
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.
OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift responses via an account name. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.
The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.
The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.
The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.
virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. Public exploit code available.
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service. Rated low severity (CVSS 1.9). Public exploit code available.
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.
OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.
XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift responses via an account name. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.
OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.
The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.
The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.
The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.
virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. Public exploit code available.
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.