Test ID:	1.3.6.1.4.1.25623.1.0.841942
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-2321-1)
Summary:	The remote host is missing an update for the 'neutron' package(s) announced via the USN-2321-1 advisory.
Description:	Summary: The remote host is missing an update for the 'neutron' package(s) announced via the USN-2321-1 advisory. Vulnerability Insight: Liping Mao discovered that OpenStack Neutron did not properly handle requests for a large number of allowed address pairs. A remote authenticated attacker could exploit this to cause a denial of service. (CVE-2014-3555) Zhi Kun Liu discovered that OpenStack Neutron incorrectly filtered certain tokens. An attacker could possibly use this issue to obtain authentication tokens used in REST requests. (CVE-2014-4615) Affected Software/OS: 'neutron' package(s) on Ubuntu 14.04. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3555 60766 http://secunia.com/advisories/60766 60804 http://secunia.com/advisories/60804 68765 http://www.securityfocus.com/bid/68765 RHSA-2014:1119 http://rhn.redhat.com/errata/RHSA-2014-1119.html RHSA-2014:1120 http://rhn.redhat.com/errata/RHSA-2014-1120.html [openstack-announce] 20140721 [OSSA 2014-025] Denial of Service in Neutron allowed address pair (CVE-2014-3555) http://lists.openstack.org/pipermail/openstack-announce/2014-July/000255.html [oss-security] 20140721 [OSSA 2014-025] Denial of Service in Neutron allowed address pair (CVE-2014-3555) http://seclists.org/oss-sec/2014/q3/200 https://bugs.launchpad.net/neutron/+bug/1336207 Common Vulnerability Exposure (CVE) ID: CVE-2014-4615 BugTraq ID: 68149 http://www.securityfocus.com/bid/68149 http://www.openwall.com/lists/oss-security/2014/06/23/8 http://www.openwall.com/lists/oss-security/2014/06/24/6 http://www.openwall.com/lists/oss-security/2014/06/25/6 RedHat Security Advisories: RHSA-2014:1050 http://rhn.redhat.com/errata/RHSA-2014-1050.html http://secunia.com/advisories/60643 http://secunia.com/advisories/60736 http://www.ubuntu.com/usn/USN-2311-1
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.