Contact Us
SECURITY BLOG SECURITY DASHBOARD PARTNERS PRODUCTS JOBS SERVICES COMPANY HOME
 
Security Dashboard | US-CERTs | SecurityFocus | Advisories | Exploits | Threats | Vulnerabilities | Risks
Network Security Consulting Advisories Article

OpenStack Compute (Nova) Security Bypass Vulnerability

http://www.securityfocus.com/bid/53875

Security Info

Bugtraq ID: 53875
Class: Input Validation Error
CVE: CVE-2012-2654
Remote: Yes
Local: No
Published: Jun 08 2012 12:00AM
Updated: Jun 23 2012 12:20AM
Credit: HP Cloud Services
Vulnerable: Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 11.10 i386
Ubuntu Ubuntu Linux 11.10 amd64
Red Hat Fedora 16
Not Vulnerable:

Security Discussion

OpenStack Compute (Nova) is prone to a security-bypass vulnerability.

Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions.

OpenStack Compute (Nova) 2011.3, 2012.1 and 2012.2 are vulnerable.

Proof of Concept and Security Exploits

Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of any more recent information, please mail us at:vuldb@securityfocus.com.

Security Solution(s)

Solution:
Updates are available. Please see the references for more information.

Security References(s)

References:

Contact Us

Security Penetration Testing

Security Questions

Security Dashboard

Emagined Security Blog featuring Dr. Eugene Schultz
Site Updated May 25, 2013
©2000-2013 Emagined Security
All Rights Reserved

Secure Web Programming
by Vizual Services