Ubuntu Update For Nova USN-1709-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Phil Day discovered that nova-volume did not validate access to volumes. An authenticated attacker could exploit this to bypass intended access controls and boot from arbitrary volumes.

Affected

nova on Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 11.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2013-January/001977.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-0208

CVSS	Base Score: 6.5 AV:N/AC:L/Au:S/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for apache2 vulnerabilities USN-499-1
Ubuntu Update for acpi-support USN-2297-1
Ubuntu Update for apt USN-1762-1
Ubuntu Update for dbus USN-1576-2
Ubuntu Update for bind9 vulnerability USN-491-1

Ubuntu Update for nova USN-1709-1

Take action and discover your vulnerabilities