Ubuntu Update For Glance USN-2003-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Stuart McLaren discovered that Glance did not properly enforce the 'download_image' policy for cached images. An authenticated user could exploit this to obtain sensitive information in an image protected by this setting.

Affected

glance on Ubuntu 13.04 , Ubuntu 12.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2013-October/002290.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-4428

CVSS	Base Score: 3.5 AV:N/AC:M/Au:S/C:P/I:N/A:N

Related Vulnerabilities

Ubuntu Update for linux-lts-trusty USN-2313-1
Ubuntu Update for puppet USN-2077-1
Ubuntu Update for cups USN-2293-1
Ubuntu Update for apache2 USN-1627-1
Ubuntu Update for remote-login-service USN-1624-1

Ubuntu Update for glance USN-2003-1

Take action and discover your vulnerabilities