Ubuntu Update For Glance USN-2193-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Paul McMillan discovered that the Sheepdog backend in OpenStack Glance did not properly handle untrusted input. A remote authenticated attacker exploit this to execute arbitrary commands as the glance user.

Affected

glance on Ubuntu 13.10

Severity

Classification

CVE CVE-2014-0162
CVSS Base Score: 6.0
AV:N/AC:M/Au:S/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for apache2 vulnerabilities USN-499-1
Ubuntu Update for apache2 vulnerabilities USN-908-1
Ubuntu Update for apache2 USN-2299-1
Ubuntu Update for boost1.49 USN-1727-1
Ubuntu Update for compiz vulnerability USN-537-2

Ubuntu Update for glance USN-2193-1

Take action and discover your vulnerabilities