CVE-2014-0162

描述

The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or modify an image to execute arbitrary commands via a crafted location.

受影響套件(2)

• Debian/glancefrom 0, < 2014.1-1
• PyPI/glance>= 2013.2, < 2013.2.4

參考連結(10)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2014-0162
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-0162
• PATCHhttps://opendev.org/openstack/glance
• WEBhttp://rhn.redhat.com/errata/RHSA-2014-0455.html
• WEBhttps://access.redhat.com/errata/RHSA-2014:0455
• WEBhttps://access.redhat.com/security/cve/CVE-2014-0162
• WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=1085163
• WEBhttps://launchpad.net/bugs/1298698
• WEBhttp://www.openwall.com/lists/oss-security/2014/04/10/13
• WEBhttp://www.ubuntu.com/usn/USN-2193-1