CVE-2014-2573
https://notcve.org/view.php?id=CVE-2014-2573
The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by requesting the VM be put into rescue and then deleting the image. El controlador VMWare en OpenStack Compute (Nova) 2013.2 hasta 2013.2.2 no coloca debidamente las VMs en estado de rescate, lo que permite a usuarios remotos autenticados evadir el límite de cuota y causar una denegación de servicio (consumo de recursos) solicitando que la VM sea colocada en rescate y posteriormente eliminando la imagen. • http://secunia.com/advisories/57498 http://www.openwall.com/lists/oss-security/2014/03/21/1 http://www.openwall.com/lists/oss-security/2014/03/21/2 https://bugs.launchpad.net/nova/+bug/1269418 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2013-7130 – nova: Live migration can leak root disk into ephemeral storage
https://notcve.org/view.php?id=CVE-2013-7130
The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attackers to obtain snapshot root disk contents of other users via ephemeral storage. El método i_create_images_and_backing (también conocido como create_images_and_backing) en el driver libvirt en OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, cuando hace uso de un bloque de migración KVM en vivo, no crea debidamente todos los archivos esperados, lo que permite a atacantes obtener contenido de una instantánea del disco raíz de otros usuarios a través del almacenamiento efímero. • http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127732.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127735.html http://osvdb.org/102416 http://rhn.redhat.com/errata/RHSA-2014-0231.html http://secunia.com/advisories/56450 http://www.openwall.com/lists/oss-security/2014/01/23/5 http://www.securityfocus.com/bid/65106 http://www.ubuntu.com/usn/USN-2247-1 https://bugs.launchpad.net/nova/+bug/1251590 https://exchange.xfo • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2013-2030
https://notcve.org/view.php?id=CVE-2013-2030
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova, as demonstrated using /tmp/keystone-signing-nova on Fedora. keystone/middleware/auth_token.py en OpenStack Nova Folsom, Grizzly, y Havana, utiliza un directorio temporal inseguro para almacenar certificados de firma, lo cual permite a usuarios locales impersonar servidores mediante la creación previa de este directorio, que es reutilizado por Nova, como se muestra utilizando /tmp/keystone-signing-nova en Fedora. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.html http://lists.openstack.org/pipermail/openstack-announce/2013-May/000098.html http://www.openwall.com/lists/oss-security/2013/05/09/2 https://bugs.launchpad.net/nova/+bug/1174608 https://bugzilla.redhat.com/show_bug.cgi?id=958285 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2013-4278
https://notcve.org/view.php?id=CVE-2013-4278
The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for CVE-2013-2256. El API "create instance" en OpenStack Compute (Nova) Folsom, Grizzly, y Havana no fuerza apropiadamente la propiedad os-flavor-access:is_public, lo que permite a usuarios remotos autenticados arrancar una versión arbitraria advinando el id de versión. NOTA: este problema es debido a una correción incompleta de CVE-2013-2256. • http://lists.openstack.org/pipermail/openstack-announce/2013-August/000138.html http://rhn.redhat.com/errata/RHSA-2013-1199.html https://bugs.launchpad.net/ossa/+bug/1212179 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2013-4185 – OpenStack: Nova network source security groups denial of service
https://notcve.org/view.php?id=CVE-2013-4185
Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service (nova-network consumption) via a large number of server-creation operations, which triggers a large number of update requests. Vulnerabilidad de la complejidad algorítmica en OpenStack Compute (Nova) anteriores 03/01/2013 y Havana anterior a habana-3 no controla correctamente las actualizaciones de directiva de grupo de seguridad de código de red, lo que permite a usuarios remotos autenticados causar una denegación de servicio (consumo nova de la red) a través de una gran número de operaciones del servidor de creación, que desencadena un gran número de solicitudes de actualización. • http://rhn.redhat.com/errata/RHSA-2013-1199.html http://seclists.org/oss-sec/2013/q3/282 https://bugs.launchpad.net/nova/+bug/1184041 https://access.redhat.com/security/cve/CVE-2013-4185 https://bugzilla.redhat.com/show_bug.cgi?id=993331 • CWE-310: Cryptographic Issues •