ShapeBlue Advisory on Libvirt 8+ Compatibility Issues with CloudStack
Overview As of the 4.15 release, CloudStack has supported various EL8 operating systems / hypervisors, namely RHEL 8, CentOS 8, Rocky Linux 8 (and in theory – as of CloudStack 4.16 – all other EL8 variants including e.g. Alma Linux 8) – for both management servers and hypervisors. Similarly, support for Ubuntu 20.04 was added […]
ShapeBlue Security Advisory – Spectre and Meltdown patches in CloudStack 4.9 and 4.11
Overview At the beginning of 2018 a number of vulnerabilities were discovered which allow malicious user space processes to read kernel memory and malicious code in VM guests to read hypervisor memory. These vulnerabilities affect most CPU manufacturers – Intel, AMD, ARM, MIPS, etc. The vulnerabilities were nicknamed “Spectre” and “Meltdown” and are outlined in […]
ShapeBlue Security Advisory – DNSMasq Vulnerabilities
A number of security flaws were recently found in the DNSMasq tool. This tool is used by many systems to provide DNS and DHCP services, including by the CloudStack System VMs.
This advisory explains their affect on CloudStack and how to patch CloudStack against these flaws.
Shapeblue Security Advisory For CVE-2016-6813: Apache CloudStack registerUserKeys authorization vulnerability
Overview Apache CloudStack provides a registerUserKeys API that allows a user to create or recreate a secret key and an API key to use for authentication when using the CloudStack API. A malicious user can request this API action in conjunction with the ID of another CloudStack user/account. The newly Overview Apache CloudStack provides a registerUserKeys API […]
Shapeblue Security Advisory For CVE-2016-3085: Apache CloudStack Authentication Bypass Vulnerability
Overview Apache CloudStack contains an authentication module providing “single sign-on” functionality via the SAML data format. Under certain conditions, a user could manage to access the user interface without providing proper credentials. As the SAML plugin is disabled by default, this issue only affects installations that have enabled and use SAML-based authentication. Mitigation: Users of […]
Shapeblue Security Advisory for CVE-2015-0235, aka the Ghost vulnerability
Overview A vulnerability has been recently disclosed by Qualys that could result in a remote attacker being able to execute malicious instructions on vulnerable systems. The vulnerability affects Linux based operating systems. This is better known as GHOST ‘glibc’ vulnerability (CVE-2015-0235): https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235 What is ShapeBlue Doing ShapeBlue has analysed the impact of this issue on Apache CloudStack (ACS). The […]
Shellshock and CloudStack
Shellshock is the family of bugs in the Unix Bash shell which allows an attacker to execute arbitrary commands on a vulnerable system potentially allowing an attacker to gain full access to that system. The bug (CVE-2014-6271) was first disclosed on 24 September 2014, upon closer inspection of the code, related vulnerabilities (CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, and CVE-2014-7187) were […]
Retirement of the realhostip.com Service
The realhostip.com service will be switched off on the 1st October 2014. Paul Angus looks at what it did, what effect the retirement will have and what you need to do to carry on working if you’re affected. What is realhostip.com? When you connect to the Console Proxy system VM or download a disk or […]
How to Mitigate OpenSSL HeartBleed Vulnerability in Apache CloudStack
UPDATE: 09-Apr-2014 – The proper upgrade command is “apt-get install openssl libssl1.0.0”. If you’ve just updated openssl, please go back and update libssl as well. UPDATE: 10-Apr-2014 – Added detailed verification steps / Apache CloudStack 4.0 – 4.1 are not vulnerable, they use older Debian/openssl. Thanks to all involved for helping to put together and update […]
