Ubuntu Local Security Checks : Ubuntu Update for glance USN-1626-2

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.841214

Categoría: Ubuntu Local Security Checks

Título: Ubuntu Update for glance USN-1626-2

Resumen: Ubuntu Update for Linux kernel vulnerabilities USN-1626-2

Descripción: Summary:
Ubuntu Update for Linux kernel vulnerabilities USN-1626-2

Vulnerability Insight:
USN-1626-1 fixed vulnerabilities in the v1 API of Glance. This update
provides the corresponding updates for the v2 API.

Original advisory details:

Gabe Westmaas discovered that Glance did not always properly enforce access
controls when deleting images. An authenticated user could delete arbitrary
images by using the v1 API under certain circumstances.

Affected Software/OS:
glance on Ubuntu 12.10

Solution:
Please Install the Updated Packages.

CVSS Score:
5.5

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-4573
BugTraq ID: 56437
http://www.securityfocus.com/bid/56437
http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html
http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html
http://www.openwall.com/lists/oss-security/2012/11/07/6
http://www.openwall.com/lists/oss-security/2012/11/09/5
http://osvdb.org/87248
RedHat Security Advisories: RHSA-2012:1558
http://rhn.redhat.com/errata/RHSA-2012-1558.html
http://secunia.com/advisories/51174
http://secunia.com/advisories/51234
SuSE Security Announcement: SUSE-SU-2012:1455 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html
http://www.ubuntu.com/usn/USN-1626-1
http://www.ubuntu.com/usn/USN-1626-2
XForce ISS Database: openstack-glance-sec-bypass(79895)
https://exchange.xforce.ibmcloud.com/vulnerabilities/79895

Copyright Copyright (c) 2012 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.841214
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu Update for glance USN-1626-2
Resumen:	Ubuntu Update for Linux kernel vulnerabilities USN-1626-2
Descripción:	Summary: Ubuntu Update for Linux kernel vulnerabilities USN-1626-2 Vulnerability Insight: USN-1626-1 fixed vulnerabilities in the v1 API of Glance. This update provides the corresponding updates for the v2 API. Original advisory details: Gabe Westmaas discovered that Glance did not always properly enforce access controls when deleting images. An authenticated user could delete arbitrary images by using the v1 API under certain circumstances. Affected Software/OS: glance on Ubuntu 12.10 Solution: Please Install the Updated Packages. CVSS Score: 5.5 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-4573 BugTraq ID: 56437 http://www.securityfocus.com/bid/56437 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html http://www.openwall.com/lists/oss-security/2012/11/07/6 http://www.openwall.com/lists/oss-security/2012/11/09/5 http://osvdb.org/87248 RedHat Security Advisories: RHSA-2012:1558 http://rhn.redhat.com/errata/RHSA-2012-1558.html http://secunia.com/advisories/51174 http://secunia.com/advisories/51234 SuSE Security Announcement: SUSE-SU-2012:1455 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html http://www.ubuntu.com/usn/USN-1626-1 http://www.ubuntu.com/usn/USN-1626-2 XForce ISS Database: openstack-glance-sec-bypass(79895) https://exchange.xforce.ibmcloud.com/vulnerabilities/79895
Copyright	Copyright (c) 2012 Greenbone Networks GmbH