Solution
Please Install the Updated Packages.
Insight
Paul McMillan discovered that the Sheepdog backend in OpenStack Glance did not properly handle untrusted input. A remote authenticated attacker exploit this to execute arbitrary commands as the glance user.
Affected
glance on Ubuntu 13.10
Severity
Classification
-
CVE CVE-2014-0162 -
CVSS Base Score: 6.0
AV:N/AC:M/Au:S/C:P/I:P/A:P
Related Vulnerabilities