
CVE-2017-1000366 – Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-1000366
19 Jun 2017 — glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier. • https://packetstorm.news/files/id/154361 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2015-7514
https://notcve.org/view.php?id=CVE-2015-7514
07 Jun 2017 — OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information. • http://www.openwall.com/lists/oss-security/2015/12/03/4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2017-2621 – openstack-heat: /var/log/heat/ is world readable
https://notcve.org/view.php?id=CVE-2017-2621
18 May 2017 — An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information. • http://www.securityfocus.com/bid/96280 • CWE-532: Insertion of Sensitive Information into Log File CWE-552: Files or Directories Accessible to External Parties •

CVE-2017-7400 – python-django-horizon: XSS in federation mappings UI
https://notcve.org/view.php?id=CVE-2017-7400
03 Apr 2017 — OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and 11.0.0 allows remote authenticated administrators to conduct XSS attacks via a crafted federation mapping. A cross-site scripting flaw was discovered in the OpenStack dashboard (horizon) which allowed remote authenticated administrators to cond... • http://www.securityfocus.com/bid/97324 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2015-8234
https://notcve.org/view.php?id=CVE-2015-8234
29 Mar 2017 — The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision. • http://seclists.org/oss-sec/2015/q4/303 • CWE-310: Cryptographic Issues •

CVE-2017-7214 – openstack-nova: Sensitive information included in legacy notification exception contexts
https://notcve.org/view.php?id=CVE-2017-7214
21 Mar 2017 — An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level logs may include sensitive information such as account passwords and authorization tokens. • http://www.securityfocus.com/bid/96998 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •

CVE-2017-7200
https://notcve.org/view.php?id=CVE-2017-7200
21 Mar 2017 — An SSRF issue was discovered in OpenStack Glance before Newton. The 'copy_from' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to enumerate internal network details while appearing masked, since the scan would appear to originate from the Glance Image service. • http://www.securityfocus.com/bid/96988 • CWE-918: Server-Side Request Forgery (SSRF) •

CVE-2017-2592 – python-oslo-middleware: CatchErrors leaks sensitive values into error logs
https://notcve.org/view.php?id=CVE-2017-2592
23 Feb 2017 — python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure. Software using the CatchError class could include sensitive values in a traceback's error message. System users could exploit this flaw to obtain sensitive information from OpenStack component error logs (for example, keystone tokens). • http://lists.openstack.org/pipermail/openstack-announce/2017-January/002002.html • CWE-532: Insertion of Sensitive Information into Log File •

CVE-2017-5936 – Ubuntu Security Notice USN-3195-1
https://notcve.org/view.php?id=CVE-2017-5936
10 Feb 2017 — OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions. James Page discovered that Nova-LXD incorrectly set up ... • http://www.openwall.com/lists/oss-security/2017/02/09/3 •

CVE-2016-9590 – puppet-swift: installs config file with world readable permissions
https://notcve.org/view.php?id=CVE-2016-9590
27 Jan 2017 — puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage (swift). During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions. • http://rhn.redhat.com/errata/RHSA-2017-0200.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •