CVE-2011-0730
N/A
N/A
Summary
Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in Ubuntu Enterprise Cloud (UEC) and other products, do not properly interpret signed elements in SOAP requests, which allows man-in-the-middle attackers to execute arbitrary commands by modifying a request, related to an "XML Signature Element Wrapping" or a "SOAP signature replay" issue.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://open.eucalyptus.com/wiki/esa-02
- http://secunia.com/advisories/44705
- http://launchpadlibrarian.net/72472626/eucalyptus_2.0.1%2Bbzr1256-0ubuntu5_2.0.1%2Bbzr1256-0ubuntu6.diff.gz
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67670
- http://www.ubuntu.com/usn/USN-1137-1
- https://bugs.launchpad.net/bugs/746101
- http://www.securityfocus.com/bid/48000
- https://launchpad.net/ubuntu/+source/eucalyptus/+changelog
References
- http://open.eucalyptus.com/wiki/esa-02
- http://secunia.com/advisories/44705
- http://launchpadlibrarian.net/72472626/eucalyptus_2.0.1%2Bbzr1256-0ubuntu5_2.0.1%2Bbzr1256-0ubuntu6.diff.gz
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67670
- http://www.ubuntu.com/usn/USN-1137-1
- https://bugs.launchpad.net/bugs/746101
- http://www.securityfocus.com/bid/48000
- https://launchpad.net/ubuntu/+source/eucalyptus/+changelog
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.