Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в OpenStack
Опубликовано:19 июня 2014 г.
Источник:
SecurityVulns ID:13850
Тип:удаленная
Уровень опасности:
5/10
Описание:Утечка информации в Heart, повышение привилегий в Cinteder, многочисленные уязвимости в Nova, обход защиты в Neutron.
Затронутые продукты:OPENSTACK : Heart 2014.1
 OPENSTACK : Nova 2013.2
 OPENSTACK : Cinder 2014.1
 OPENSTACK : Nova 2014.1
 OPENSTACK : Neutron 2014.1
CVE:CVE-2014-4167 (The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.)
 CVE-2014-3801 (OpenStack Orchestration API (Heat) 2013.2 through 2013.2.3 and 2014.1, when creating the stack for a template using a provider template, allows remote authenticated users to obtain the provider template URL via the resource-type-list.)
 CVE-2014-2573 (The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by requesting the VM be put into rescue and then deleting the image.)
 CVE-2014-0167 (The Nova EC2 API security group implementation in OpenStack Compute (Nova) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 does not enforce RBAC policies for (1) add_rules, (2) remove_rules, (3) destroy, and other unspecified methods in compute/api.py when using non-default policies, which allows remote authenticated users to gain privileges via these API requests.)
 CVE-2014-0134 (The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image.)
 CVE-2013-7130 (The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage.)
 CVE-2013-6491 (The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network.)
 CVE-2013-4469 (OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by transferring an image with a large virtual size that does not contain a large amount of data from Glance. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.)
 CVE-2013-4463 (OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096.)
 CVE-2013-1068 (The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder (python-cinder) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properly set the sudo configuration, which makes it easier for attackers to gain privileges by leveraging another vulnerability.)
 CVE-2013-1068 (The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder (python-cinder) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not properly set the sudo configuration, which makes it easier for attackers to gain privileges by leveraging another vulnerability.)
Оригинальный текстdocumentUBUNTU, [USN-2248-1] OpenStack Cinder vulnerability (19.06.2014)
 documentUBUNTU, [USN-2247-1] OpenStack Nova vulnerabilities (19.06.2014)
 documentJeremy Stanley, [oss-security] [OSSA 2014-017] Nova VMWare driver leaks rescued images (CVE-2014-2573) (19.06.2014)
 documentTristan Cacqueray, [oss-security] CVE request for vulnerability in OpenStack Neutron (19.06.2014)
 documentTristan Cacqueray, [oss-security] CVE request for vulnerability in OpenStack Heat (19.06.2014)

Уязвимости безопасности в HP Software Executive Scorecard
Опубликовано:19 июня 2014 г.
Источник:
SecurityVulns ID:13851
Тип:удаленная
Уровень опасности:
5/10
Описание:Выполнение кода, обратный путь в каталогах.
Затронутые продукты:HP : HP Executive Scorecard 9.41
CVE:CVE-2014-2611 (Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120.)
 CVE-2014-2610 (Directory traversal vulnerability in the Content Acceleration Pack (CAP) web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code by uploading an executable file, aka ZDI-CAN-2117.)
 CVE-2014-2609 (The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.)
Оригинальный текстdocumentHP, [security bulletin] HPSBMU03048 rev.1 - HP Software Executive Scorecard, Remote Execution of Code, Directory Traversal (19.06.2014)

Многочисленные уязвимости безопасности в Xen
Опубликовано:19 июня 2014 г.
Источник:
SecurityVulns ID:13852
Тип:локальная
Уровень опасности:
6/10
Описание:DoS, утечки информации, повышения привилегий.
Затронутые продукты:XEN : Xen 4.4
CVE:CVE-2014-4021 (Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.)
 CVE-2014-3969 (Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors.)
 CVE-2014-3968 (The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.)
 CVE-2014-3967 (The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.)
 CVE-2013-2078 (Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users to cause a denial of service (hypervisor crash) via certain bit combinations to the XSETBV instruction.)
Оригинальный текстdocumentXEN, [oss-security] Xen Security Advisory 100 (CVE-2014-4021) - Hypervisor heap contents leaked to guests (19.06.2014)
 documentXEN, [oss-security] Xen Security Advisory 99 - unexpected pitfall in xenaccess API (19.06.2014)
 documentXEN, [oss-security] Xen Security Advisory 98 (CVE-2014-3969) - insufficient permissions checks accessing guest memory on ARM (19.06.2014)
 documentXEN, [oss-security] Xen Security Advisory 96 (CVE-2014-3967,CVE-2014-3968) - Vulnerabilities in HVM MSI injection (19.06.2014)
 documentXEN, [oss-security] Xen Security Advisory 54 (CVE-2013-2078) - Hypervisor crash due to missing exception recovery on XSETBV (19.06.2014)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород