CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2014-0042 – openstack-heat-templates: setting gpgcheck=0 for signed packages
https://notcve.org/view.php?id=CVE-2014-0042
29 May 2014 — OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets gpgcheck to 0 for certain templates, which disables GPG signature checking on downloaded packages and allows man-in-the-middle attackers to install arbitrary packages via unspecified vectors. OpenStack Heat Templates (heat-templates), utilizado en Red Hat Enterprise Linux OpenStack Platform 4.0, configura gpgcheck a 0 para ciertas plantillas, lo que deshabilita la comprobación de firmas GPG en paquete... • http://rhn.redhat.com/errata/RHSA-2014-0579.html • CWE-310: Cryptographic Issues CWE-494: Download of Code Without Integrity Check •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0071 – PackStack: Neutron Security Groups fail to block network traffic
https://notcve.org/view.php?id=CVE-2014-0071
04 Mar 2014 — PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections. PackStack en Red Hat OpenStack 4.0 no fuerza los grupos de seguridad por defecto cuando desplegados hacia Neutron, lo que permite a atacantes remotos evadir restricciones de acceso y hacer conexiones no autorizadas. PackStack is a command-line utility that uses Puppet modules to support rapid deployme... • http://rhn.redhat.com/errata/RHSA-2014-0233.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.6EPSS: 8%CPEs: 16EXPL: 0CVE-2013-6393 – libyaml: heap-based buffer overflow when parsing YAML tags
https://notcve.org/view.php?id=CVE-2013-6393
01 Feb 2014 — The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow. La función yaml_parser_scan_tag_uri en scanner.c en LibYAML anterior a 0.1.5 lleva a cabo un "cast" incorrecto, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) y prob... • http://advisories.mageia.org/MGASA-2014-0040.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2013-6391 – Keystone: trust circumvention through EC2-style tokens
https://notcve.org/view.php?id=CVE-2013-6391
14 Dec 2013 — The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to gain privileges by generating EC2 credentials from a trust-scoped token and using them in an ec2tokens API request. La API ec2tokens en OpenStack Identity (Keystone) anterior a de Havana 2013.2.1 y Icehouse anterior Icehouse-2 no devuelve una token de confianza de ámbito cuando se recibe uno, lo que permite a lo... • http://rhn.redhat.com/errata/RHSA-2014-0089.html • CWE-269: Improper Privilege Management •