Ubuntu Update For Nova USN-1326-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1326-1

Solution

Please Install the Updated Packages.

Insight

Nachi Ueno, Rohit Karajgi, and Venkatesan Ravikumar discovered that when Nova is configured to use the OpenStack API, it would not correctly enforce access controls on certain incoming requests. A remote authenticated attacker could exploit this to change resources of arbitrary tenants.

Affected

nova on Ubuntu 11.10

Severity

Classification

CVE CVE-2012-0030

CVSS	Base Score: 4.9 AV:N/AC:M/Au:S/C:N/I:P/A:P

Related Vulnerabilities

Ubuntu Update for awstats vulnerability USN-686-1
Ubuntu Update for apt USN-2246-1
Ubuntu Update for compiz vulnerability USN-537-2
Ubuntu Update for curl USN-2058-1
Ubuntu Update for clamav USN-1816-1

Ubuntu Update for nova USN-1326-1

Take action and discover your vulnerabilities