CVE-2012-3447
https://notcve.org/view.php?id=CVE-2012-3447
virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3361. virt/disk/api.py en OpenStack Compute (Nova) v2012.1.x antes de v2012.1.2 y Folsom antes de Folsom-3 permite a usuarios remotos autenticados sobreescribir archivos de su elección mediante un ataque de enlaces simbólicos en una imagen que utiliza un enlace simbólico que es sólo legible por el usuario root. NOTA: esta vulnerabilidad se debe a un arreglo incompleto para CVE-2012-3361. • http://www.openwall.com/lists/oss-security/2012/08/07/1 http://www.securityfocus.com/bid/54869 https://bugs.launchpad.net/nova/+bug/1031311 https://bugzilla.redhat.com/show_bug.cgi?id=845106 https://exchange.xforce.ibmcloud.com/vulnerabilities/77539 https://github.com/openstack/nova/commit/ce4b2e27be45a85b310237615c47eb53f37bb5f3 https://github.com/openstack/nova/commit/d9577ce9f266166a297488445b5b0c93c1ddb368 https://review.openstack.org/#/c/10953 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-2101
https://notcve.org/view.php?id=CVE-2012-2101
Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules. Openstack Compute (Nova) Folsom v2012.1 y v2011.3 no limitan el número de reglas de seguridad del grupo, lo que permite causar una denegación de servicio (excesivo consumo de CPU y de disco duro) a usuarios remotos autenticados con determinados permisos a través de una solicitud de red que provoca una gran número de reglas de iptables. • http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html http://secunia.com/advisories/49034 http://secunia.com/advisories/49048 http://ubuntu.com/usn/usn-1438-1 http://www.osvdb.org/81641 https://bugs.launchpad.net/nova/+bug/969545 https://exchange.xforce.ibmcloud.com/vulnerabilities/75243 https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7 https://github.com/opens • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-1585
https://notcve.org/view.php?id=CVE-2012-1585
OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name. OpenStack Compute (Nova) Essex antes de v2011.3 permite a usuarios remotos autenticados provocar una denegación de servicio (por consumo de disco al actualizar el fichero de log de Nova-API) a través de un nombre de servidor demasiado largo. • http://lwn.net/Alerts/491298 http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html https://bugs.launchpad.net/nova/+bug/962515 • CWE-399: Resource Management Errors •
CVE-2012-0030
https://notcve.org/view.php?id=CVE-2012-0030
Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified project_id URI parameter. Nova v2011.3 y Essex, cuando usan la API OpenStack, permite a usuarios remotos autenticados eludir las restricciones de acceso mediante una solicitud con un parámetro URI project_id modificado. • http://secunia.com/advisories/47543 http://www.securityfocus.com/bid/51370 http://www.ubuntu.com/usn/USN-1326-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/72296 https://github.com/openstack/nova/commit/3d4ffb64f1e18117240c26809788528979e3bd15#diff-0 https://lists.launchpad.net/openstack/msg06648.html • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-4596
https://notcve.org/view.php?id=CVE-2011-4596
Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest. Múltiples vulnerabilidades de salto de directorio en OpenStack Nova anterior a v2011.3.1, cuando el EC2 API y el método S3/RegisterImage image-registration están habilitados, cuando está habilitado register_globals, permite que usuarios remotos autenticados sobrescriban archivos arbitrarios a través de una (1) tarball o (2) manifest manipulado. • https://bugs.launchpad.net/nova/+bug/885167 https://bugs.launchpad.net/nova/+bug/894755 https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6 https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e https://lists.launchpad.net/openstack/msg06105.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •