virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack essex 2012.1 |
||
openstack folsom 2012.2 |
||
openstack diablo 2011.3 |