CVE-2012-3240
Published: 17 July 2012
The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows remote attackers to gain administrator privileges via a crafted REST request.
Notes
| Author | Note |
|---|---|
| jdstrand | Ubuntu 10.04 LTS is not affected requires backporting of Partitonn and Partitions which is very intrusive upstream did not release patches for the 2.0 series, so I contacted them for help (2012-08-17) no response from upstream as of 2012-09-24 |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
eucalyptus Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Not vulnerable
(code not present)
|
|
| natty |
Ignored
(end of life, was deferred)
|
|
| oneiric |
Ignored
(end of life)
|
|
| precise |
Not vulnerable
(3.1.0+deps-0precise1)
|
|
| quantal |
Does not exist
|
|
| raring |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
Patches: upstream: https://github.com/eucalyptus/eucalyptus/commit/eb36703c0ba7225de03e15885d5ca12a3f917734 upstream: https://github.com/eucalyptus/eucalyptus/commit/854ac92f6e15a00524729bef9af89f95cf34528d |
||