CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0071 – PackStack: Neutron Security Groups fail to block network traffic
https://notcve.org/view.php?id=CVE-2014-0071
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections. PackStack en Red Hat OpenStack 4.0 no fuerza los grupos de seguridad por defecto cuando desplegados hacia Neutron, lo que permite a atacantes remotos evadir restricciones de acceso y hacer conexiones no autorizadas. • http://rhn.redhat.com/errata/RHSA-2014-0233.html http://www.securityfocus.com/bid/66001 https://bugzilla.redhat.com/show_bug.cgi?id=1064163 https://access.redhat.com/security/cve/CVE-2014-0071 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 2%CPEs: 16EXPL: 0CVE-2013-6393 – libyaml: heap-based buffer overflow when parsing YAML tags
https://notcve.org/view.php?id=CVE-2013-6393
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow. La función yaml_parser_scan_tag_uri en scanner.c en LibYAML anterior a 0.1.5 lleva a cabo un "cast" incorrecto, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) y probablemente ejecutar código arbitrario a través de etiquetas manipuladas en YAML. • http://advisories.mageia.org/MGASA-2014-0040.html http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00064.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00065.html http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html http://osvdb.org/102716 http://rhn.redhat.com&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2013-6491 – nova: qpid SSL configuration
https://notcve.org/view.php?id=CVE-2013-6491
The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network. El cliente python-qpid (common/rpc/impl_qpid.py) en OpenStack Oslo anterior a 2013.2 no fuerza conexiones SSL cuando qpid_protocol se establece a ssl, lo cual permite a atacantes remotos obtener información sensible escuchando la red. • http://rhn.redhat.com/errata/RHSA-2014-0112.html http://www.ubuntu.com/usn/USN-2247-1 https://bugs.launchpad.net/oslo/+bug/1158807 https://bugzilla.redhat.com/show_bug.cgi?id=996766 https://access.redhat.com/security/cve/CVE-2013-6491 https://bugzilla.redhat.com/show_bug.cgi?id=1059504 • CWE-310: Cryptographic Issues •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 1CVE-2013-6391 – Keystone: trust circumvention through EC2-style tokens
https://notcve.org/view.php?id=CVE-2013-6391
The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2tokens API request. La API ec2tokens en OpenStack Identity (Keystone) anterior a de Havana 2013.2.1 y Icehouse anterior Icehouse-2 no devuelve una token de confianza de ámbito cuando se recibe uno, lo que permite a los usuarios la confianza remotos obtener privilegios mediante la generación de credenciales EC2 a partir de un token de confianza de ámbito y usándolo una solicitud API ec2tokens • http://rhn.redhat.com/errata/RHSA-2014-0089.html http://secunia.com/advisories/56079 http://secunia.com/advisories/56154 http://www.openwall.com/lists/oss-security/2013/12/11/7 http://www.securityfocus.com/bid/64253 http://www.ubuntu.com/usn/USN-2061-1 https://bugs.launchpad.net/keystone/+bug/1242597 https://exchange.xforce.ibmcloud.com/vulnerabilities/89657 https://access.redhat.com/security/cve/CVE-2013-6391 https://bugzilla.redhat.com/show_bug.cgi?id=1039164 • CWE-269: Improper Privilege Management •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-2029 – core: Insecure temporary file usage in nagios.upgrade_to_v3.sh
https://notcve.org/view.php?id=CVE-2013-2029
nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1, and earlier, allows local users to overwrite arbitrary files via a symlink attack on a temporary nagioscfg file with a predictable name in /tmp/. nagios.upgrade_to_v3.sh, tal y como se distribuye por Red Hat y posiblemente otros Nagios Core 3.4.4, 3.5.1, y anteriores versiones, permite a usuarios locales sobreescribir archivos arbitrarios a través de un ataque symlink en un archivo nagioscfg temporal, con un nombre previsible en /tmp/. • http://rhn.redhat.com/errata/RHSA-2013-1526.html https://bugzilla.redhat.com/show_bug.cgi?id=958015 https://access.redhat.com/security/cve/CVE-2013-2029 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File •