
CVSS: 9.8 • EPSS: 0% • CPEs: 26 • EXPL: 0

11 Aug 2014 — The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request). • http://rhn.redhat.com/errata/RHSA-2014-1050.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor • CWE-201: Insertion of Sensitive Information Into Sent Data

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

29 May 2014 — The default configuration in the standalone controller quickstack manifest in openstack-foreman-installer, as used in Red Hat Enterprise Linux OpenStack Platform 4.0, disables authentication for Qpid, which allows remote attackers to gain access by connecting to Qpid. • http://rhn.redhat.com/errata/RHSA-2014-0517.html • CWE-287: Improper Authentication

CVSS: 5.9 • EPSS: 0% • CPEs: 1 • EXPL: 1

29 May 2014 — OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, uses an HTTP connection to download (1) packages and (2) signing keys from Yum repositories, which allows man-in-the-middle attackers to prevent updates via unspecified vectors. • http://rhn.redhat.com/errata/RHSA-2014-0579.html • CWE-522: Insufficiently Protected Credentials

CVSS: 9.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

29 May 2014 — OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets sslverify to false for certain Yum repositories, which disables SSL protection and allows man-in-the-middle attackers to prevent updates via unspecified vectors. • http://rhn.redhat.com/errata/RHSA-2014-0579.html • CWE-295: Improper Certificate Validation • CWE-310: Cryptographic Issues

CVSS: 5.9 • EPSS: 0% • CPEs: 1 • EXPL: 1

29 May 2014 — OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets gpgcheck to 0 for certain templates, which disables GPG signature checking on downloaded packages and allows man-in-the-middle attackers to install arbitrary packages via unspecified vectors. • http://rhn.redhat.com/errata/RHSA-2014-0579.html • CWE-310: Cryptographic Issues • CWE-494: Download of Code Without Integrity Check

CVSS: 9.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

04 Mar 2014 — PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections. PackStack is a command-line utility that uses Puppet modules to support rapid deployme... • http://rhn.redhat.com/errata/RHSA-2014-0233.html • CWE-264: Permissions, Privileges, and Access Controls

CVSS: 8.6 • EPSS: 8% • CPEs: 16 • EXPL: 0

01 Feb 2014 — The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow. • http://advisories.mageia.org/MGASA-2014-0040.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-122: Heap-based Buffer Overflow

CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

31 Jan 2014 — The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network. The openstack-nova packages provide OpenSt... • http://rhn.redhat.com/errata/RHSA-2014-0112.html • CWE-310: Cryptographic Issues

CVSS: 9.8 • EPSS: 0% • CPEs: 3 • EXPL: 1

14 Dec 2013 — The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2tokens API request. • http://rhn.redhat.com/errata/RHSA-2014-0089.html • CWE-269: Improper Privilege Management

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

18 Nov 2013 — nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1, and earlier, allows local users to overwrite arbitrary files via a symlink attack on a temporary nagioscfg file with a predictable name in /tmp/. • http://rhn.redhat.com/errata/RHSA-2013-1526.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') • CWE-377: Insecure Temporary File