CVE-2012-3361

Currently unrated

Key Information:

Vendor: Openstack
Status: Essex; Folsom; Diablo
Vendor: CVE Published:; 22 July 2012

Summary

virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image.

References

http://secunia.com/advisories/49763

third-party-advisoryx_refsource_SECUNIA

https://review.openstack.org/#/c/9268/

x_refsource_CONFIRM

http://www.securityfocus.com/bid/54278

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jul 22, 2012
Vulnerability Reserved
Jun 14, 2012