CVE-2011-0730

Eucalyptus before 2.0.3 and Eucalyptus EE before 2.0.2, as used in Ubuntu Enterprise Cloud (UEC) and other products, do not properly interpret signed elements in SOAP requests, which allows man-in-the-middle attackers to execute arbitrary commands by modifying a request, related to an "XML Signature Element Wrapping" or a "SOAP signature replay" issue.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:eucalyptus:eucalyptus:*:*:*:*:*:*:*:*
cpe:2.3:a:eucalyptus:eucalyptus:*:*:*:*:enterprise:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*

Information

Published : 2011-06-02 12:55

Updated : 2018-11-29 07:49


NVD link : CVE-2011-0730

Mitre link : CVE-2011-0730


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

canonical

  • ubuntu_linux

eucalyptus

  • eucalyptus