CVE-2011-4596 - OpenCVE

Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Openstack	Nova

Configuration 1 [-]

cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://bugs.launchpad.net/nova/+bug/885167
https://bugs.launchpad.net/nova/+bug/894755
https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6
https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e
https://lists.launchpad.net/openstack/msg06105.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-12-23T22:00:00Z

Updated: 2024-08-07T00:09:19.335Z

Reserved: 2011-11-29T00:00:00Z

Link: CVE-2011-4596

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2011-12-23T22:55:00.990

Modified: 2018-11-16T13:55:31.797

Link: CVE-2011-4596

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2011-12-23T22:00:00Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.launchpad.net/nova/+bug/894755"}, {"name": "[openstack] 20111213 [OSSA 2011-001] Path traversal issues registering malicious images using EC2 API (CVE-2011-4596)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.launchpad.net/openstack/msg06105.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.launchpad.net/nova/+bug/885167"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:09:19.335Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.launchpad.net/nova/+bug/894755"}, {"name": "[openstack] 20111213 [OSSA 2011-001] Path traversal issues registering malicious images using EC2 API (CVE-2011-4596)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.launchpad.net/openstack/msg06105.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.launchpad.net/nova/+bug/885167"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-4596", "state": "PUBLISHED", "dateReserved": "2011-11-29T00:00:00Z", "datePublished": "2011-12-23T22:00:00Z", "dateUpdated": "2024-08-07T00:09:19.335Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", "matchCriteriaId": "ADBD6357-A118-4AE8-9510-E81A7700EEEC", "versionEndExcluding": "2011.3.1", "versionStartIncluding": "2011.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in OpenStack Nova before 2011.3.1, when the EC2 API and the S3/RegisterImage image-registration method are enabled, allow remote authenticated users to overwrite arbitrary files via a crafted (1) tarball or (2) manifest."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de salto de directorio en OpenStack Nova anterior a v2011.3.1, cuando el EC2 API y el m\u00e9todo S3/RegisterImage image-registration est\u00e1n habilitados, cuando est\u00e1 habilitado register_globals, permite que usuarios remotos autenticados sobrescriban archivos arbitrarios a trav\u00e9s de una (1) tarball o (2) manifest manipulado."}], "id": "CVE-2011-4596", "lastModified": "2018-11-16T13:55:31.797", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-12-23T22:55:00.990", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://bugs.launchpad.net/nova/+bug/885167"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://bugs.launchpad.net/nova/+bug/894755"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://github.com/openstack/nova/commit/76363226bd8533256f7795bba358d7f4b8a6c9e6"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://github.com/openstack/nova/commit/ad3241929ea00569c74505ed002208ce360c667e"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://lists.launchpad.net/openstack/msg06105.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}