Showing 1 - 1 of 1

CVE-2015-3252

Status Candidate

Overview

Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote attackers to gain access by connecting to the VNC server.

Related Files

Apache CloudStack 4.4.4 / 4.5.1 VNC Authentication Issue: Posted Feb 6, 2016; Authored by John Kinsella; Apache CloudStack sets a VNC password unique to each KVM virtual machine under management. Upon migrating a VM from one host to another, the VNC password is no longer set in KVM on the new host. To leverage this issue, an attacker would need to have network access to a CloudStack host to be able to connect via VNC directly. Versions 4.4.4 and 4.5.1 are affected.; tags | advisory; advisories | CVE-2015-3252; SHA-256 | 444ee4e43b5662436349058a9ae9bf309899af372366f8897acde09d71e4fb06; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 254 files
Ubuntu 59 files
LiquidWorm 28 files
indoushka 20 files
Debian 19 files
Apple 10 files
Google Security Research 7 files
Chokri Hammedi 3 files
Jann Horn 3 files
Emiliano Febbi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,154)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,754)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,190)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,958)
UNIX (9,473)
UnixWare (188)
Windows (6,784)
Other

CVE-2015-3252

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems