 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.12.2023.6067.1 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu: Security Advisory (USN-6067-1) |
| Summary: | The remote host is missing an update for the 'neutron' package(s) announced via the USN-6067-1 advisory. |
| Description: | Summary: The remote host is missing an update for the 'neutron' package(s) announced via the USN-6067-1 advisory. Vulnerability Insight: David Sinquin discovered that OpenStack Neutron incorrectly handled the default Open vSwitch firewall rules. An attacker could possibly use this issue to impersonate the IPv6 addresses of other systems on the network. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-20267) Jake Yip and Justin Mammarella discovered that OpenStack Neutron incorrectly handled the linuxbridge driver when ebtables-nft is being used. An attacker could possibly use this issue to impersonate the hardware addresss of other systems on the network. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-38598) Pavel Toporkov discovered that OpenStack Neutron incorrectly handled extra_dhcp_opts values. An attacker could possibly use this issue to reconfigure dnsmasq. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40085) Slawek Kaplonski discovered that OpenStack Neutron incorrectly handled the routes middleware. An attacker could possibly use this issue to cause the API worker to consume memory, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-40797) It was discovered that OpenStack Neutron incorrectly handled certain queries. A remote authenticated user could possibly use this issue to cause resource consumption, leading to a denial of service. (CVE-2022-3277) Affected Software/OS: 'neutron' package(s) on Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04. Solution: Please install the updated package(s). CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2021-20267 https://bugzilla.redhat.com/show_bug.cgi?id=1934330 http://www.openwall.com/lists/oss-security/2021/07/12/2 Common Vulnerability Exposure (CVE) ID: CVE-2021-38598 https://launchpad.net/bugs/1938670 Common Vulnerability Exposure (CVE) ID: CVE-2021-40085 Debian Security Information: DSA-4983 (Google Search) https://www.debian.org/security/2021/dsa-4983 https://launchpad.net/bugs/1939733 https://security.openstack.org/ossa/OSSA-2021-005.html https://lists.debian.org/debian-lts-announce/2021/10/msg00005.html https://lists.debian.org/debian-lts-announce/2022/05/msg00038.html http://www.openwall.com/lists/oss-security/2021/08/31/2 Common Vulnerability Exposure (CVE) ID: CVE-2021-40797 https://launchpad.net/bugs/1942179 http://www.openwall.com/lists/oss-security/2021/09/09/2 Common Vulnerability Exposure (CVE) ID: CVE-2022-3277 https://bugs.launchpad.net/neutron/+bug/1988026 https://bugzilla.redhat.com/show_bug.cgi?id=2129193 |
| Copyright | Copyright (C) 2023 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |