Ubuntu Update For Nova USN-1305-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1305-1

Solution

Please Install the Updated Packages.

Insight

David Black discovered that Nova did not properly perform input validation during image registration. An attacker could exploit this by registering a crafted image using the EC2 API or S3/RegisterImage method and overwrite files as the nova user.

Affected

nova on Ubuntu 11.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-December/001524.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4596

CVSS	Base Score: 6.0 AV:N/AC:M/Au:S/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for cups USN-2144-1
Ubuntu Update for curl USN-1801-1
Ubuntu Update for apr-util vulnerability USN-1022-1
Ubuntu Update for dbus vulnerabilities USN-653-1
Ubuntu Update for clamav USN-2157-1

Ubuntu Update for nova USN-1305-1

Take action and discover your vulnerabilities