<!DOCTYPE html>
<html lang="de" prefix="og: http://ogp.me/ns#">
<head>

<title>Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte</title>
<base href="https://tsecurity.de">

<link rel="canonical" href="https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/" />
<meta charset="utf-8">
<link rel="manifest" href="/manifest.json">

<meta name="subject" content="IT Sicherheit Nachrichtenportal">
<meta name="distribution" content="Global">
<meta name="coverage" content="Worldwide">

<meta name="category" content="Nachrichtenportal">
<meta name="directory" content="submission">
<meta name="owner" content="Bludau Media">
<meta name="rating" content="general">
<meta name="web_author" content="Jan Bludau" />

<meta name="description" content="🚀✅ TOP aktuelle IT Sicherheit Nachrichten aus über 420 RSS IT Security Quellen. Team IT Security alle 15 Minuten aktuallisiert. ✅ IT Security ist abonierbar per RSS-Feed. ✅ Werde auch du Teil von der IT Sicherheit Community TEAM IT SECURITY.">
<meta name="email" content="kontakt@tsecurity.de" />
<meta property="fb:page_id" content="640127549484944" />
<meta name="format-detection" content="telephone=yes">
<meta name="mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="application-name" content="Team Security">
<meta name="apple-mobile-web-app-title" content="tsecurity">
<meta name="theme-color" content="#2196f3">
<meta name="msapplication-navbutton-color" content="#2196f3">
<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
<meta name="msapplication-starturl" content="/?pk_campaign=PWA&pk_kwd=startup">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<link rel="alternate" type="application/rss+xml" title="Team IT Security Nachrichtenportal" href="https://tsecurity.de/it-security-feed/Alle-Kategorien%7C1" />
<link rel="icon" type="image/png" sizes="192x192" href="/templates/tsecurity.de/media/xlogo-social-media.png.pagespeed.ic.O0R81RBjg2.jpg">
<link rel="apple-touch-icon" type="image/png" sizes="192x192" href="/templates/tsecurity.de/media/xlogo-social-media.png.pagespeed.ic.O0R81RBjg2.jpg">
<link rel="icon" type="image/png" sizes="512x512" href="/templates/tsecurity.de/media/xlogo-social-media.png.pagespeed.ic.O0R81RBjg2.jpg">
<link rel="apple-touch-icon" type="image/png" sizes="512x512" href="/templates/tsecurity.de/media/xlogo-social-media.png.pagespeed.ic.O0R81RBjg2.jpg">
<link rel="alternate" id="alternate-androidapp" href="android-app://com.companyname.Xamarin_TSecurity" />
<meta content="INDEX,FOLLOW" name="robots">
<meta name="msvalidate.01" content="AB583A6651F52B82FC00782C07C74C10" />

<meta name="copyright" content="Team Security">
<meta name="page-topic" content="Nachrichtenportal,IT-Sicherheit,IT-Security">
<meta name="revisit-after" content="7 days">
<meta property="og:locale" content="de_DE" />
<meta property="og:type" content="article" />
<meta property="og:site_name" content="Team IT Security" />
<meta property="og:title" content="Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte" />
<meta property="og:description" content="Allgemein

	scipID: 80823
Betroffen: Apache CloudStack bis 4.5.1
Ver&ouml;ffentlicht: 08.02.2016
Risiko: kritisch

	Erstellt: 09.02.2016
Eintrag: 66.8% komplett

	Beschreibung

	Es wurde eine kritische Schwachstelle in Apache CloudStack bis 4.5.1 gefunden. Dabei betrifft es eine unbekannte Funktion der Komponente KVM Virtual Machine Migration Handler. Mittels Manipulieren mit einer unbekannten Eingabe kann eine erweiterte Rechte-Schwachstelle ausgenutzt werden. Auswirken tut sich dies auf Vertraulichkeit, Integrit&auml;t und Verf&uuml;gbarkeit. Die Zusammenfassung von CVE lautet: 

	
		Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote attackers to gain access by connecting to the VNC server.
	

	Die Schwachstelle wurde am 08.02.2016 publiziert. Die Identifikation der Schwachstelle wird mit CVE-2015-3252 vorgenommen. Der Angriff kann &uuml;ber das Netzwerk erfolgen. Technische Details sind nicht bekannt und ein Exploit zur Schwachstelle ist ebenfalls nicht vorhanden. 

 Ein Aktualisieren auf die Version 4.5.2 vermag dieses Problem zu l&ouml;sen. Von weiterem Interesse k&ouml;nnen die folgenden Eintr&auml;ge sein: 80822.

	CVSS

	Base Score: 6.0 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P) [?]
Temp Score: 5.2 (CVSS2#E:ND/RL:OF/RC:ND) [?]

	CPE

	cpe:/a:apache:cloudstack:4.5.0
		cpe:/a:apache:cloudstack:4.5.1
	Exploiting

	Klasse: Erweiterte Rechte
Lokal: Nein
Remote: Ja

	Verf&uuml;gbarkeit: Nein

	Aktuelle Preissch&auml;tzung: $10k-$25k (0-day) / $5k-$10k (Heute)

	Gegenmassnahmen

	Empfehlung: Upgrade
Status: Offizieller Fix
0-Day Time: 0 Tage seit gefunden

	Upgrade: CloudStack 4.5.2

	Timeline

	08.02.2016 | Advisory ver&ouml;ffentlicht09.02.2016 | VulDB Eintrag erstellt09.02.2016 | VulDB Eintrag aktualisiert

	Quellen

	CVE: CVE-2015-3252 (mitre.org) (nvd.nist.org) (cvedetails.com)

	Siehe auch: 80822" />
<meta name="coverage" content="Worldwide">
<meta property="og:url" content="https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/" />
<meta property="og:image" content="https://tsecurity.de/templates/tsecurity.de/media/logo-social-media.png" />
<meta property="og:image:width" content="200" />
<meta property="og:image:height" content="200" />

<meta name="twitter:creator" content="@thE_iNviNciblE0">
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:site" content="@security_de" />
<meta name="twitter:title" content="Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte" />
<meta name="twitter:description" content="Allgemein

	scipID: 80823
Betroffen: Apache CloudStack bis 4.5.1
Ver&ouml;ffentlicht: 08.02.2016
Risiko: kritisch

	Erstellt: 09.02.2016
Eintrag: 66.8% komplett

	Beschreibung

	Es wurde eine kritische Schwachstelle in Apache CloudStack bis 4.5.1 gefunden. Dabei betrifft es eine unbekannte Funktion der Komponente KVM Virtual Machine Migration Handler. Mittels Manipulieren mit einer unbekannten Eingabe kann eine erweiterte Rechte-Schwachstelle ausgenutzt werden. Auswirken tut sich dies auf Vertraulichkeit, Integrit&auml;t und Verf&uuml;gbarkeit. Die Zusammenfassung von CVE lautet: 

	
		Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote attackers to gain access by connecting to the VNC server.
	

	Die Schwachstelle wurde am 08.02.2016 publiziert. Die Identifikation der Schwachstelle wird mit CVE-2015-3252 vorgenommen. Der Angriff kann &uuml;ber das Netzwerk erfolgen. Technische Details sind nicht bekannt und ein Exploit zur Schwachstelle ist ebenfalls nicht vorhanden. 

 Ein Aktualisieren auf die Version 4.5.2 vermag dieses Problem zu l&ouml;sen. Von weiterem Interesse k&ouml;nnen die folgenden Eintr&auml;ge sein: 80822.

	CVSS

	Base Score: 6.0 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P) [?]
Temp Score: 5.2 (CVSS2#E:ND/RL:OF/RC:ND) [?]

	CPE

	cpe:/a:apache:cloudstack:4.5.0
		cpe:/a:apache:cloudstack:4.5.1
	Exploiting

	Klasse: Erweiterte Rechte
Lokal: Nein
Remote: Ja

	Verf&uuml;gbarkeit: Nein

	Aktuelle Preissch&auml;tzung: $10k-$25k (0-day) / $5k-$10k (Heute)

	Gegenmassnahmen

	Empfehlung: Upgrade
Status: Offizieller Fix
0-Day Time: 0 Tage seit gefunden

	Upgrade: CloudStack 4.5.2

	Timeline

	08.02.2016 | Advisory ver&ouml;ffentlicht09.02.2016 | VulDB Eintrag erstellt09.02.2016 | VulDB Eintrag aktualisiert

	Quellen

	CVE: CVE-2015-3252 (mitre.org) (nvd.nist.org) (cvedetails.com)

	Siehe auch: 80822" />
<meta name="twitter:image" content="https://tsecurity.de/templates/tsecurity.de/media/logo-social-media.png" />
<meta name="twitter:image:alt" content="Team IT Security Logo" />
<meta name="audience" content="alle">
<link rel="alternate" hreflang="de" href="https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/" />
<link rel="alternate" type="application/rss+xml" title="ALLE INHALTE News Feed" href="https://tsecurity.de/it-security-feed/Alle-Kategorien|1" />
<link rel="alternate" type="application/rss+xml" title="IT-SECURITY News Feed" href="https://tsecurity.de/it-security-feed/IT-Security%7C3" />
<link rel="alternate" type="application/rss+xml" title="Sicherheitslücken News Feed" href="https://tsecurity.de/it-security-feed/Sicherheitsl%C3%BCcken-%2F-Exploits|10" />
<link rel="alternate" type="application/rss+xml" title="IT Security Video Feed" href="https://tsecurity.de/it-security-feed/IT-Security-Video|6" />
<link rel="alternate" type="application/rss+xml" title="REVERSE Engineering News Feed" href="https://tsecurity.de/it-security-feed/Reverse-Engineering|9" />
<link rel="alternate" type="application/rss+xml" title="ALLE BETRIEBSTEM News Feed" href="https://tsecurity.de/it-security-feed/Betriebssysteme|14" />
<link rel="alternate" type="application/rss+xml" title="ALLE BETRIEBSTEM News Feed" href="https://tsecurity.de/it-security-feed/Exploit-Source-Codes|11 />	
	 
	    <link rel=" icon" type="image/png" sizes="32x32" href="/templates/tsecurity.de/media/tsecurity.ico">
<meta name="google-site-verification" content="vmdp2sS6_oJvt7FFOVJUcWIDaW1e3pwD1WZFm_jgPfg" />

<link rel="dns-prefetch" href="https://fonts.googleapis.com">
<link rel="dns-prefetch" href="https://cdnjs.cloudflare.com">
<link rel="dns-prefetch" src="http://www.youtube.com/">
<link rel="preconnect" src="http://www.youtube.com/">
<link rel="preconnect" href="https://cdnjs.cloudflare.com">
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://translate.googleapis.com">
<link rel="preconnect" href="https://adservice.google.com">

<script src="https://www.youtube.com/player_api"></script>
<script>function detectmob(){if(navigator.userAgent.match(/Android/i)||navigator.userAgent.match(/webOS/i)||navigator.userAgent.match(/iPhone/i)||navigator.userAgent.match(/iPad/i)||navigator.userAgent.match(/iPod/i)||navigator.userAgent.match(/BlackBerry/i)||navigator.userAgent.match(/Windows Phone/i)){return true;}else{return false;}}</script>

<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-TPNQ476');</script>

<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-BmbxuPwQa2lc/FVzBcNJ7UAyJxM6wuqIj61tLrc4wSX0szH/Ev+nYRRuWlolflfl" crossorigin="anonymous">
<link rel="stylesheet" href="/templates/tsecurity.de/css/A.template_master.css.pagespeed.cf.qCWxlHun2V.css">


<script defer src="/templates/tsecurity.de/install.js.pagespeed.ce.loZAQ4IK_7.js"></script>
<script src="/framework/jquery/jquery-3.6.0.min.js.pagespeed.jm.vSq_cOaZon.js"></script>

<script>if('serviceWorker'in navigator){navigator.serviceWorker.register('/templates/tsecurity.de/install.js');}var player;window.onYouTubePlayerAPIReadyByID=function(id){player=new YT.Player('ytplayer_'+id,{height:'315',width:'560',videoId:id});}</script>
<script async src='/cdn-cgi/bm/cv/669835187/api.js'></script></head>
<body>

<noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-TPNQ476" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>

<div class="wrapper">
<div class="page">
<header class="header-container">
<div class="header">
<a title="Nachrichtenportal Team Security (tsecurity.de)" href="/?pk_campaign=logo-nav&pk_kwd=logo-nav&pk_source=klick-logo">
<img alt="logo" src="https://tsecurity.de//templates/tsecurity.de/media/xtsecurity-logo8.webp.pagespeed.ic.BsSQzHB5D7.webp" />
</a>
</div>
<div class="header">
<a style="color:yellow" class="button" title="FREIE-WELT.EU Nachrichtenportal" href="https://freie-welt.eu/?pk_campaign=franchise&pk_kwd=franchise-link&pk_source=franchise-link">
ZU FREIE-WELT.EU wechseln - POLITIK NACHRICHTENPORTAL alle 15 Minuten neuste Nachrichten aus über 460 Quellen
</a>
</div>
</header>
<section>
<nav role="navigation" style="background-color: #1E1E23;height: 65px;">
<div id="menuToggle">
<input name="MenuToggle" id="togglemenu" type="checkbox" />
<span></span>
<span></span>
<span></span>
</div>
</nav>
<nav role="navigation" style="background-color: #1E1E23;">
<i class="fas fa-angle-right" style="font-size: 100px;position: fixed;top: 37.5%;left: 0%;z-index: 1000;"></i>
<ul id="menu" style="display:none;">
<li><a class="flex-nav-item" href="/de/2/Startseite/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Team IT Security - Cybersecurity Nachrichten / Nachrichtenportal">Startseite</a>
<ul>
<li><a class="flex-nav-item" href="/de/431830/Startseite/Android-Security/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="TOP Beitäge Android Security - Team IT Security - Cybersecurity Nachrichten / Nachrichtenportal">Android Security</a></li>
<li><a class="flex-nav-item" href="/de/427974/Startseite/Malware/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Malware - Team IT Security - Cybersecurity Nachrichten / Nachrichtenportal">Malware</a></li>
<li><a class="flex-nav-item" href="/de/432639/Startseite/Pentesting/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Pentesting - Team IT Security - Cybersecurity Nachrichten / Nachrichtenportal">Pentesting</a></li>
<li><a class="flex-nav-item" href="/de/434563/Startseite/Programmieren/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Programmieren - Team IT Security - Cybersecurity Nachrichten / Nachrichtenportal">Programmieren</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/10/Reverse-Engineering/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Reverse Engineering Informatik Nachrichten">Reverse Engineering</a>
<ul>
<li><a class="flex-nav-item" href="/de/11/Reverse-Engineering/Sicherheitsl%C3%BCcken/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Sicherheitslücken Nachrichten / Aktuelle Exploits  - Aktuelle Reverse Engineering Informatik Nachrichten">Sicherheitslücken</a>
<ul>
<li><a class="flex-nav-item" href="/de/12/Reverse-Engineering/Sicherheitsl%C3%BCcken/Proof-of-Concept/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Proof of Concept Exploits Informatik (PoC) Nachrichten - Aktuelle Sicherheitslücken Nachrichten / Aktuelle Exploits  - Aktuelle Reverse Engineering Informatik Nachrichten">Proof of Concept</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/13/Reverse-Engineering/Video/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Video Nachrichten - Aktuelle Reverse Engineering Informatik Nachrichten">Video</a></li>
<li><a class="flex-nav-item" href="/de/14/Reverse-Engineering/Tools/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Tools Nachrichten - Aktuelle Reverse Engineering Informatik Nachrichten">Tools</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/15/Betriebssysteme/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Betriebssysteme</a>
<ul>
<li><a class="flex-nav-item" href="/de/155879/Betriebssysteme/Mac-OS-Tipps/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Mac OS Tipps - Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Mac OS Tipps</a></li>
<li><a class="flex-nav-item" href="/de/16/Betriebssysteme/Windows-Tipps/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Windows Tipps Nachrichten | Windows 10 uvm. - Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Windows Tipps</a></li>
<li><a class="flex-nav-item" href="/de/155880/Betriebssysteme/Web-Tipps/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Web Tipps - Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Web Tipps</a></li>
<li><a class="flex-nav-item" href="/de/17/Betriebssysteme/Android-Tipps/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Android Tipps Nachrichten - Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Android Tipps</a></li>
<li><a class="flex-nav-item" href="/de/155878/Betriebssysteme/Linux-Tipps/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Linux Tipps - Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Linux Tipps</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/18/Downloads/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Downloads">Downloads</a></li>
<li><a class="flex-nav-item" href="/de/3/Allgemeines/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle IT-Nachrichten / IT-News">Allgemeines</a>
<ul>
<li><a class="flex-nav-item" href="/de/201468/Allgemeines/Videos/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Videos - Aktuelle IT-Nachrichten / IT-News">Videos</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/4/Cybersecurity/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Cybersecurity News / IT-Sicherheit ">Cybersecurity</a>
<ul>
<li><a class="flex-nav-item" href="/de/5/Cybersecurity/Cybersecurity-Nachrichten/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Cybersecurity Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">Cybersecurity Nachrichten</a></li>
<li><a class="flex-nav-item" href="/de/6/Cybersecurity/Cybersecurity-Tools/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Cybersecurity Tools Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">Cybersecurity Tools</a></li>
<li><a class="flex-nav-item" href="/de/7/Cybersecurity/Cybersecurity-Videos/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Cybersecurity Video Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">Cybersecurity Videos</a>
<ul>
<li><a class="flex-nav-item" href="/de/155807/Cybersecurity/Cybersecurity-Videos/AI-Videos/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="AI Videos - Aktuelle Cybersecurity Video Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">AI Videos</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/8/Cybersecurity/Hacker/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Hacker Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">Hacker</a></li>
<li><a class="flex-nav-item" href="/de/9/Cybersecurity/Malware-Trojaner-Viren/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Malware Nachrichten / Trojaner Nachrichten / Viren Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">Malware / Trojaner / Viren</a></li>
<li><a class="flex-nav-item" href="/de/245520/Cybersecurity/Programmierung/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Programmierung - Aktuelle Cybersecurity News / IT-Sicherheit ">Programmierung</a>
<ul>
<li><a class="flex-nav-item" href="/de/424370/Cybersecurity/Programmierung/Video-Youtube/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Video | Youtube - Programmierung - Aktuelle Cybersecurity News / IT-Sicherheit ">Video | Youtube</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/424521/Cybersecurity/Podcasts/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Podcasts - Aktuelle Cybersecurity News / IT-Sicherheit ">Podcasts</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/111965/RSS-Feed-hinzuf%C3%BCgen/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="RSS Feed hinzufügen | IT Security">RSS Feed hinzufügen</a>
<ul>
<li><a class="flex-nav-item" href="/de/446968/RSS-Feed-hinzuf%C3%BCgen/Widerruf/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Widerruf von Blogs - RSS Feed hinzufügen | IT Security">Widerruf</a></li>
<li><a class="flex-nav-item" href="/de/852168/RSS-Feed-hinzuf%C3%BCgen/Datenschutz/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Datenschutz - RSS Feed hinzufügen | IT Security">Datenschutz</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/19/Server/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Server Nachrichten | Windows Server Nachrichten | Unix Server Nachrichten">Server</a>
<ul>
<li><a class="flex-nav-item" href="/de/20/Server/Windows-Server/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Windows Server Nachrichten - Aktuelle Server Nachrichten | Windows Server Nachrichten | Unix Server Nachrichten">Windows Server</a></li>
<li><a class="flex-nav-item" href="/de/21/Server/Unix-Server/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Unix Server Nachrichten - Aktuelle Server Nachrichten | Windows Server Nachrichten | Unix Server Nachrichten">Unix Server</a></li>
</ul>
</li>
</ul>
</nav>
</div>
</section>
<div class="main col2-right-layout">
<div id="main_page_container" class="main-border">
<a href="https://t.me/tsecurity21">"Team Security" Telegram-Gruppe </a>.
<br />
<div class="container-fluid">
<div class="row"><main class="col-sm-8"><article class="block rss_content_view" id="box_rss_content_view_24027"><div class="block-title"> <h1>&#10056; Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte</h1></div><article class="content rss_content_view" id="modul_rss_content_view_24027"><header> <h3><time datetime="2016-02-08 01:00:00">08.02.2016 um 01:00 Uhr</time></h3><p><a title="Sicherheitslücken / Exploits" href="de/11/Reverse-Engineering/Sicherheitsl%C3%BCcken/"><strong><i class="fas fa-circle"></i> Sicherheitslücken / Exploits</strong></a> <a title="Nachrichtenwebseite direkt öffnen" href="/weiterleitung.php?rss_id=24027&page_id=24185"><strong><i class="fas fa-external-link-alt"></i> scip.ch</strong></a>
<strong> <a title="Startseite der RSS-Quelle öffnen" href="http://www.scip.ch" target="_blank"><i class="fas fa-link"></i></a></strong></p></header><p><h3>Allgemein</h3>
<p>scipID: 80823<br>
Betroffen: Apache CloudStack bis 4.5.1<br>
Ver&ouml;ffentlicht: 08.02.2016<br>
Risiko: kritisch</p>
<p>Erstellt: 09.02.2016<br>
Eintrag: 66.8% komplett</p>
<h3>Beschreibung</h3>
<p>Es wurde eine kritische Schwachstelle in Apache CloudStack bis 4.5.1 gefunden. Dabei betrifft es eine unbekannte Funktion der Komponente <em><span>KVM</span> Virtual Machine Migration Handler</em>. Mittels Manipulieren mit einer unbekannten Eingabe kann eine erweiterte Rechte-Schwachstelle ausgenutzt werden. Auswirken tut sich dies auf Vertraulichkeit, Integrit&auml;t und Verf&uuml;gbarkeit. Die Zusammenfassung von <span>CVE</span> lautet: </p>
<blockquote>
<p>Apache CloudStack before 4.5.2 does not properly preserve <span>VNC</span> passwords when migrating <span>KVM</span> virtual machines, which allows remote attackers to gain access by connecting to the <span>VNC</span> server.</p>
</blockquote>
<p>Die Schwachstelle wurde am 08.02.2016 publiziert. Die Identifikation der Schwachstelle wird mit <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3252" title="cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3252">CVE-2015-3252</a> vorgenommen. Der Angriff kann &uuml;ber das Netzwerk erfolgen. Technische Details sind nicht bekannt und ein Exploit zur Schwachstelle ist ebenfalls nicht vorhanden. </p>
Ein Aktualisieren auf die Version 4.5.2 vermag dieses Problem zu l&ouml;sen. Von weiterem Interesse k&ouml;nnen die folgenden Eintr&auml;ge sein: <a href="http://www.scip.ch/?vuldb.80822" title="&gt; Vuldb &gt; 80822">80822</a>.
<h3><span>CVSS</span></h3>
<p>Base Score: 6.0 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P) <a href="https://www.first.org/cvss/cvss-guide#i2.1" title="www.first.org/cvss/cvss-guide#i2.1">[?]</a><br>
Temp Score: 5.2 (CVSS2#E:ND/RL:OF/RC:ND) <a href="https://www.first.org/cvss/cvss-guide#i2.2" title="www.first.org/cvss/cvss-guide#i2.2">[?]</a></p>
<h3><span>CPE</span></h3>
<ul><li><a href="https://web.nvd.nist.gov/view/vuln/search-results?cpe=cpe%3A%2Fa%3Aapache%3Acloudstack%3A4.5.0&amp;page_num=0&amp;cid=3" title="web.nvd.nist.gov/view/vuln/search-results?cpe=cpe%3A%2Fa%3Aapache%3Acloudstack%3A4.5.0&amp;page_num=0&amp;cid=3">cpe:/a:apache:cloudstack:4.5.0</a></li>
<li><a href="https://web.nvd.nist.gov/view/vuln/search-results?cpe=cpe%3A%2Fa%3Aapache%3Acloudstack%3A4.5.1&amp;page_num=0&amp;cid=3" title="web.nvd.nist.gov/view/vuln/search-results?cpe=cpe%3A%2Fa%3Aapache%3Acloudstack%3A4.5.1&amp;page_num=0&amp;cid=3">cpe:/a:apache:cloudstack:4.5.1</a></li>
</ul><h3>Exploiting</h3>
<p>Klasse: Erweiterte Rechte<br>
Lokal: Nein<br>
Remote: Ja</p>
<p>Verf&uuml;gbarkeit: Nein</p>
<p>Aktuelle Preissch&auml;tzung: $10k-$25k (0-day) / $5k-$10k (Heute)</p>
<h3>Gegenmassnahmen</h3>
<p>Empfehlung: Upgrade<br>
Status: Offizieller Fix<br>
0-Day Time: 0 Tage seit gefunden</p>
<p>Upgrade: CloudStack 4.5.2</p>
<h3>Timeline</h3>
<p><span title="">08.02.2016</span> | Advisory ver&ouml;ffentlicht<br><span title="1 Tage">09.02.2016</span> | <a href="http://www.scip.ch/?vuldb.80823" title="www.scip.ch/?vuldb.80823">VulDB Eintrag erstellt</a><br><span title="0 Tage">09.02.2016</span> | <a href="http://www.scip.ch/?vuldb.80823" title="www.scip.ch/?vuldb.80823">VulDB Eintrag aktualisiert</a></p>
<h3>Quellen</h3>
<p>CVE: CVE-2015-3252 <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3252" title="cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3252">(mitre.org)</a> <a href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3252" title="web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3252">(nvd.nist.org)</a> <a href="https://www.cvedetails.com/cve/CVE-2015-3252/" title="www.cvedetails.com/cve/CVE-2015-3252">(cvedetails.com)</a></p>
<p>Siehe auch: <a href="http://www.scip.ch/?vuldb.80822" title="&gt; Vuldb &gt; 80822">80822</a></p>...</p> <div class="social-media">
<h3>Sharing is caring</h3>
<div class="row">
<div class="col-sm-4">
<a href="https://www.reddit.com/submit?url=https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/?mtm_campaign=reddit_21%26mtm_source=reddi%26mtm_medium=social&title=Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte" class="btn-social btn-reddit" title="reddit share" target="_blank" rel="noopener"><i class="fab fa-reddit-square"></i> Auf Reddit teilen</a>
</div>
<div class="col-sm-4">
<a href="https://telegram.me/share/url?url=https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/?mtm_campaign=telegram_21%26mtm_source=telegram%26mtm_medium=social&bodytext=&text=Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte" class="btn-social btn-whatsapp" title="Telegram share" target="_blank" rel="noopener"><i class="fab fa-telegram-square"></i> Auf Telegram teilen</a>
</div>
<div class="col-sm-4">
<a href="https://share.flipboard.com/bookmarklet/popout?v=2&url=https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/?mtm_campaign=flipboard_21%26mtm_source=flipboard%26mtm_medium=social" class="btn-social btn-facebook" title="Flupboard" target="_blank" rel="noopener"><i class="fab  fa-flipboard-square"></i> Auf Flipboard teilen</a>
</div>
<div class="col-sm-4">
<a href="https://www.linkedin.com/sharing/share-offsite/?url=https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/?mtm_campaign=flipboard_21%26mtm_source=flipboard%26mtm_medium=social" class="btn-social btn-facebook" title="LinkedIn" target="_blank" rel="noopener"><i class="fab  fa-linkedin-square"></i> Auf LinkedIn teilen</a>
</div>
<div class="col-sm-4">
<a href="https://www.xing.com/social/share/spi?url=https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/?mtm_campaign=flipboard_21%26mtm_source=flipboard%26mtm_medium=social" class="btn-social btn-facebook" title="Xing" target="_blank" rel="noopener"><i class="fab  fa-xing-square"></i> Auf Xing teilen</a>
</div>
<div class="col-sm-4">
<a href="https://twitter.com/intent/tweet?text=Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte&url=https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/?mtm_campaign=twitter_21%26mtm_source=twitter%26mtm_medium=social" class="btn-social btn-twitter" title="Twitter share" target="_blank" rel="noopener"><i class="fab fa-twitter-square"></i> Auf Twitter teilen</a>
</div>
<div class="col-sm-4">
<a href="https://api.whatsapp.com/send?text=Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/?mtm_campaign=whatsapp_21%26mtm_source=whatsapp%26mtm_medium=social" class="btn-social btn-whatsapp" title="Whatsapp share" target="_blank" rel="noopener"><i class="fab fa-whatsapp-square"></i> Auf Whatsapp teilen</a>
</div>
<div class="col-sm-4">
<a href="https://facebook.com/sharer.php?u=https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/?mtm_campaign=facebook_21%26mtm_source=facebook%26mtm_medium=social" class="btn-social btn-facebook" title="Facebook" target="_blank" rel="noopener"><i class="fab  fa-facebook-square"></i> Auf Facebook teilen</a>
</div>
</div>
<h3>Join the Community (beta)</h3>
<div class="row">

<div class="col-sm-4">
<a href="https://www.reddit.com/r/Computersicherheit/" class="btn-social btn-reddit" title="Reddit Kanal" target="_blank" rel="noopener"><i class="fab  fa-reddit-square"></i>"Team Security" Reddit-Gruppe</a>
</div>
<div class="col-sm-4">
<a href="https://t.me/tsecurity21" class="btn-social btn-facebook" title="Facebook" target="_blank" rel="noopener"><i class="fab  fa-facebook-square"></i> "Team Security" Telegram-Gruppe .</a>
</div>
<div class="col-sm-4">
<a href="https://www.facebook.com/tsec0/" class="btn-social btn-facebook" title="Facebook" target="_blank" rel="noopener"><i class="fab  fa-facebook-square"></i>"Team Security" Facebookseite</a>
</div>
</div>
</div>
<br />
<a class="button_ext" title="Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte" href="/weiterleitung.php?rss_id=24027&page_id=24185&mtm_campaign=tsec_21&mtm_source=tsec&mtm_medium=social"><i class="fas fa-external-link-alt"></i> Kompletten Artikel lesen</a> <font size="0.8em">(externe Quelle: http://www.scip.ch/?vuldb.80823)</font>
<br /><br />
<a class="button" title="Team IT Security IT Sicherheit Nachrichtenportal Startseite" href="https://tsecurity.de/?pk_campaign=pull_startseite&pk_kwd=startseite&pk_source=link"><i class="fa fa-home" aria-hidden="true"></i> Zur Team IT Security IT Sicherheit Nachrichtenportal Startseite</a><br /><br /></article>
<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>

<ins class="adsbygoogle" style="display:block;" data-ad-client="ca-pub-9851833893867858" data-ad-slot="7755158364" data-ad-format="link" data-full-width-responsive="true"></ins>
<script>(adsbygoogle=window.adsbygoogle||[]).push({});</script>
<ins class="adsbygoogle" style="display:block" data-ad-format="autorelaxed" data-ad-client="ca-pub-9851833893867858" data-ad-slot="9736316268"></ins>
<script>(adsbygoogle=window.adsbygoogle||[]).push({});</script>
<ins class="adsbygoogle" style="display:block" data-ad-format="autorelaxed" data-ad-client="ca-pub-9851833893867858" data-ad-slot="2779371119"></ins>
<script>(adsbygoogle=window.adsbygoogle||[]).push({});</script></article></article><article class="block kommentar" id="box_kommentar_24026"><div class="block-title"> <h1>Kommentiere zu Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte</h1></div><div class="content" id="modul_kommentar_24026"><form action="#" onsubmit="return setKommentar('setKommentar','kommentar','24026','0');" id="setKommentar" name="frmKommentar"><br /><input type="text" id="txtEmail" name="txtEmail" placeholder="Bitte Email eingeben..."><br /><input type="text" id="txtTitle" name="txtTitle" placeholder="Bitte Titel eingeben..."> <br /><br />
<textarea id="txtKommentar" name="txtKommentar" placeholder="Diskutieren Sie über die Team Security News..." rows="4" cols="50"></textarea><br />
<input type="hidden" id="txtMenue" name="txtMenue" value="24185"><input type="submit" name="btnSenden" value="An Diskussion teilnehmen" class="button"></form></div></article><article class="block similar" id="box_similar_24025"><div class="block-title"> <h1>➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)</h1></div><div class="content similar" id="modul_similar_24025"><div class="row"><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Announcing the preview of Azure Spot Virtual Machines" href="https://tsecurity.de/de/942433/Cybersecurity/Programmierung/Announcing-the-preview-of-Azure-Spot-Virtual-Machines/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Announcing the preview of Azure Spot Virtual Machines</h4></a> <i>vom <time datetime="2019-12-09 09:00:29">09.12.2019 um 09:00 Uhr</time> 367.76 Punkte</i>
<br />We’re announcing the preview of Azure Spot Virtual Machines. Azure Spot Virtual Machines provide access to unused Azure compute capacity at deep discounts. Spot pricing is available on single Virtual Machines in addition to Virtual Machine Scale Se</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Apache Tomcat JK ISAPI Connector bis 1.2.41 jk_uri_worker_map.c Pufferüberlauf" href="https://tsecurity.de/de/80484/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-Tomcat-JK-ISAPI-Connector-bis-1.2.41-jk-uri-worker-map.c-Puffer%C3%BCberlauf/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Apache Tomcat JK ISAPI Connector bis 1.2.41 jk_uri_worker_map.c Pufferüberlauf</h4></a> <i>vom <time datetime="2016-10-06 02:00:00">06.10.2016 um 02:00 Uhr</time> 334.67 Punkte</i>
<br />In Apache Tomcat JK ISAPI Connector bis 1.2.41 wurde eine kritische Schwachstelle ausgemacht. Hierbei betrifft es eine unbekannte Funktion der Datei jk_uri_worker_map.c. Durch Beeinflussen mit einer unbekannten Eingabe kann eine Pufferüberlauf-Schwachstelle ausgenutzt </p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Apache Tomcat JK ISAPI Connector bis 1.2.41 jk_uri_worker_map.c Pufferüberlauf" href="https://tsecurity.de/de/80484/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-Tomcat-JK-ISAPI-Connector-bis-1.2.41-jk-uri-worker-map.c-Puffer%C3%BCberlauf/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Apache Tomcat JK ISAPI Connector bis 1.2.41 jk_uri_worker_map.c Pufferüberlauf</h4></a> <i>vom <time datetime="2016-10-06 02:00:00">06.10.2016 um 02:00 Uhr</time> 334.67 Punkte</i>
<br />In Apache Tomcat JK ISAPI Connector bis 1.2.41 wurde eine kritische Schwachstelle ausgemacht. Hierbei betrifft es eine unbekannte Funktion der Datei jk_uri_worker_map.c. Durch Beeinflussen mit einer unbekannten Eingabe kann eine Pufferüberlauf-Schwachstelle ausgenutzt </p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Azure infrastructure as a service (IaaS) for every workload" href="https://tsecurity.de/de/909343/Cybersecurity/Programmierung/Azure-infrastructure-as-a-service-IaaS-for-every-workload/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Azure infrastructure as a service (IaaS) for every workload</h4></a> <i>vom <time datetime="2019-11-05 13:00:08">05.11.2019 um 13:00 Uhr</time> 327.61 Punkte</i>
<br />This week at Microsoft Ignite, we announced several important additions to our Azure infrastructure as a service (IaaS) portfolio.
Many companies, including GEICO, H&amp;R Block, and CONA Services, rely on Azure to run a very diverse set of business-critical workloads, </p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="A look at Azure&amp;#8217;s automated machine learning capabilities" href="https://tsecurity.de/de/520044/Cybersecurity/Programmierung/A-look-at-Azureamp8217s-automated-machine-learning-capabilities/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>A look at Azure&amp;#8217;s automated machine learning capabilities</h4></a> <i>vom <time datetime="2019-06-04 12:00:37">04.06.2019 um 12:00 Uhr</time> 326.13 Punkte</i>
<br />
The automated machine learning capability in Azure Machine Learning service allows data scientists, analysts, and developers to build machine learning models with high scalability, efficiency, and productivity all while sustaining model quality. Automa</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Accelerating customer success with Azure migration" href="https://tsecurity.de/de/911061/Cybersecurity/Programmierung/Accelerating-customer-success-with-Azure-migration/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Accelerating customer success with Azure migration</h4></a> <i>vom <time datetime="2019-11-07 08:00:09">07.11.2019 um 08:00 Uhr</time> 325.73 Punkte</i>
<br />This blog post was co-authored by Jeremy Winter, Partner Director and Tanuj Bansal, Senior Director for Microsoft Azure.
At last year's Microsoft Ignite 2018, we shared best practices on how to move to the cloud and why Azure is the best destination for all your apps, data, and infrastructure. Since the</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Automated machine learning and MLOps with Azure Machine Learning" href="https://tsecurity.de/de/903506/Cybersecurity/Programmierung/Automated-machine-learning-and-MLOps-with-Azure-Machine-Learning/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Automated machine learning and MLOps with Azure Machine Learning</h4></a> <i>vom <time datetime="2019-10-28 15:00:05">28.10.2019 um 15:00 Uhr</time> 294.12 Punkte</i>
<br />
Azure Machine Learning is the center for all things machine learning on Azure, be it creating new models, deploying models, managing a model repository, or automating the entire CI/CD pipeline for machine learning. We recently made some amazing announcements on</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Azure Marketplace new offers &amp;#8211; Volume 26" href="https://tsecurity.de/de/425533/Cybersecurity/Programmierung/Azure-Marketplace-new-offers-amp8211-Volume-26/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Azure Marketplace new offers &amp;#8211; Volume 26</h4></a> <i>vom <time datetime="2018-12-10 15:00:03">10.12.2018 um 15:00 Uhr</time> 292.84 Punkte</i>
<br />
We continue to expand the Azure Marketplace ecosystem. During September and October, 149 new consulting offers successfully met the onboarding criteria and went live. See details of the new offers below:
Consulting Services
 
1-Day Big D</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Azure Marketplace new offers &amp;#8211; Volume 26" href="https://tsecurity.de/de/425534/Cybersecurity/Programmierung/Azure-Marketplace-new-offers-amp8211-Volume-26/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Azure Marketplace new offers &amp;#8211; Volume 26</h4></a> <i>vom <time datetime="2018-12-10 15:00:03">10.12.2018 um 15:00 Uhr</time> 292.84 Punkte</i>
<br />
We continue to expand the Azure Marketplace ecosystem. During September and October, 149 new consulting offers successfully met the onboarding criteria and went live. See details of the new offers below:
Consulting Services
 
1-Day Big D</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Introducing the new Azure Migrate: A hub for your migration needs" href="https://tsecurity.de/de/550041/Cybersecurity/Programmierung/Introducing-the-new-Azure-Migrate-A-hub-for-your-migration-needs/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Introducing the new Azure Migrate: A hub for your migration needs</h4></a> <i>vom <time datetime="2019-07-11 14:00:47">11.07.2019 um 14:00 Uhr</time> 286.29 Punkte</i>
<br />
Moving on-premises apps and data to the cloud is a key step in our customers’ migration journey, and we’re committed to helping simplify that process. Earlier this year, we invited customers to participate in the preview of multiple new migration capabili</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte" href="https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte</h4></a> <i>vom <time datetime="2016-02-08 01:00:00">08.02.2016 um 01:00 Uhr</time> 277.85 Punkte</i>
<br />Allgemein
scipID: 80823
Betroffen: Apache CloudStack bis 4.5.1
Ver&ouml;ffentlicht: 08.02.2016
Risiko: kritisch
Erstellt: 09.02.2016
Eintrag: 66.8% komplett
Beschreibung
Es wurde eine kritische Schwachstelle in Apache CloudStack bis 4.5.1 gefun</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte" href="https://tsecurity.de/de/24185/Reverse-Engineering/Sicherheitsl%C3%BCcken/Apache-CloudStack-bis-4.5.1-KVM-Virtual-Machine-Migration-Handler-erweiterte-Rechte/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Apache CloudStack bis 4.5.1 KVM Virtual Machine Migration Handler erweiterte Rechte</h4></a> <i>vom <time datetime="2016-02-08 01:00:00">08.02.2016 um 01:00 Uhr</time> 277.85 Punkte</i>
<br />Allgemein
scipID: 80823
Betroffen: Apache CloudStack bis 4.5.1
Ver&ouml;ffentlicht: 08.02.2016
Risiko: kritisch
Erstellt: 09.02.2016
Eintrag: 66.8% komplett
Beschreibung
Es wurde eine kritische Schwachstelle in Apache CloudStack bis 4.5.1 gefun</p></div></div></div>
</div></article></main><aside class="col-sm-4"><article class="block menue" id="box_menue_24079"><div class="block-title"> <h3></h3></div><div class="content menue" id="menue_24079"><nav><ul class="modul_menue_normal" id="modul_menue_24079"><li class="menue_side_item">+ <a href="/de/52712/Reverse-Engineering/Lets-Analyze-Dridex-Part-3/?pk_campaign=nav-menu&pk_kwd=nav-menu&pk_source=nav-menu" title="Let’s Analyze: Dridex (Part 3) - Aktuelle Reverse Engineering Informatik Nachrichten"><strong>Let’s Analyze: Dridex (Part 3)</strong></a></li><li class="menue_side_item">+ <a href="/de/1023719/Reverse-Engineering/Windows10-CustomKernelSigners-Load-self-signed-drivers-without-TestSigning-or-disable-DSE.-Transferred-from-https//github.com/DoubleLabyrinth/Windows10-CustomKernelSigners/?pk_campaign=nav-menu&pk_kwd=nav-menu&pk_source=nav-menu" title="Windows10-CustomKernelSigners: Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSigners - Aktuelle Reverse Engineering Informatik Nachrichten"><strong>Windows10-CustomKernelSigners: Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSigners</strong></a></li><li class="menue_side_item">+ <a href="/de/295990/Reverse-Engineering/Friday-Squid-Blogging-Sake-Decanters-Made-of-Dried-Squid/?pk_campaign=nav-menu&pk_kwd=nav-menu&pk_source=nav-menu" title="Friday Squid Blogging: Sake Decanters Made of Dried Squid - Aktuelle Reverse Engineering Informatik Nachrichten"><strong>Friday Squid Blogging: Sake Decanters Made of Dried Squid</strong></a></li><li class="menue_side_item">+ <a href="/de/1004745/Reverse-Engineering/IDA-Pro-Automated-String-Decryption-For-REvil-Ransomware-OALabs-Tutorial/?pk_campaign=nav-menu&pk_kwd=nav-menu&pk_source=nav-menu" title="IDA Pro Automated String Decryption For REvil Ransomware (OALabs Tutorial) - Aktuelle Reverse Engineering Informatik Nachrichten"><strong>IDA Pro Automated String Decryption For REvil Ransomware (OALabs Tutorial)</strong></a></li><li class="menue_side_item">+ <a href="/de/314253/Reverse-Engineering/Maliciously-Changing-Someones-Address/?pk_campaign=nav-menu&pk_kwd=nav-menu&pk_source=nav-menu" title="Maliciously Changing Someone's Address - Aktuelle Reverse Engineering Informatik Nachrichten"><strong>Maliciously Changing Someone's Address</strong></a></li><li class="menue_side_item">+ <a href="/de/141735/Reverse-Engineering/How-to-Enable-Network-Level-Access-for-Windows-RDP/?pk_campaign=nav-menu&pk_kwd=nav-menu&pk_source=nav-menu" title="How to Enable Network Level Access for Windows RDP - Aktuelle Reverse Engineering Informatik Nachrichten"><strong>How to Enable Network Level Access for Windows RDP</strong></a></li><li class="menue_side_item">+ <a href="/de/9236/Reverse-Engineering/Reverse-Engineering-a-Zero-Day-Exploit-from-the-Hacking-Team-Data-Dump/?pk_campaign=nav-menu&pk_kwd=nav-menu&pk_source=nav-menu" title="Reverse-Engineering a Zero-Day Exploit from the Hacking Team Data Dump - Aktuelle Reverse Engineering Informatik Nachrichten"><strong>Reverse-Engineering a Zero-Day Exploit from the Hacking Team Data Dump</strong></a></li><li class="menue_side_item">+ <a href="/de/41030/Reverse-Engineering/BlackBerrys-Global-Encryption-Key/?pk_campaign=nav-menu&pk_kwd=nav-menu&pk_source=nav-menu" title="BlackBerry's Global Encryption Key - Aktuelle Reverse Engineering Informatik Nachrichten"><strong>BlackBerry's Global Encryption Key</strong></a></li><li class="menue_side_item">+ <a href="/de/24974/Reverse-Engineering/Make-Privacy-a-2016-Election-Issue/?pk_campaign=nav-menu&pk_kwd=nav-menu&pk_source=nav-menu" title="Make Privacy a 2016 Election Issue - Aktuelle Reverse Engineering Informatik Nachrichten"><strong>Make Privacy a 2016 Election Issue</strong></a></li><li class="menue_side_item">+ <a href="/de/843228/Reverse-Engineering/Was-the-Efail-disclosure-horribly-screwed-up/?pk_campaign=nav-menu&pk_kwd=nav-menu&pk_source=nav-menu" title="Was the Efail disclosure horribly screwed up? - Aktuelle Reverse Engineering Informatik Nachrichten"><strong>Was the Efail disclosure horribly screwed up?</strong></a></li></ul></nav></div></article></aside></div>
</div>
</div>
</div>
<div style="clear:both"></div>
<footer>
<div class="footer">
<div style="float:left;width:32%;margin-right:30px">
<h2>Informationsportal Team IT Security - Social Media</h2>
<ul>
<li><a rel="noopener" title="Team IT Security auf Facebook folgen" href="https://www.facebook.com/tsec0/">Team IT Security Nachrichtenportal auf <u>Facebook</u> folgen</a></li>
<li><a rel="noopener" title="Team IT Security auf Github folgen" href="https://github.com/thE-iNviNciblE">Team IT Security Nachrichtenportal auf <u>Github</u> folgen</a></li>
</ul><br />
Email: <a href="/cdn-cgi/l/email-protection#224b4c444d625651474157504b565b0c4647"><span class="__cf_email__" data-cfemail="bed7d0d8d1fecacddbddcbccd7cac790dadb">[email&#160;protected]</span></a> schreiben (24 / 7)<br />
</div>
<div style="float:left;width:32%">
<h2>&Uuml;ber Informationsportal Team IT Security</h2>
<ul>
<li><a title="Ãœber IT Security Team" href="/de/3612/Ueber-TSEC/">Team IT Security Nachrichtenportal <u>Sitemap</u></a></li>
<li><a title="Impressum IT Security Team" href="/de/2657/Impressum/">Team IT Security Nachrichtenportal <u>Impressum</u></a></li>
<li><a title="Datenschutz IT Security Team" href="/de/852168/RSS-Feed-hinzufuegen/Datenschutz/">Team IT Security Nachrichtenportal <u>Datenschutz</u></a></li>
</ul>
</div>
<style media="all">ul{padding:0;list-style-type:none}#menuToggle{display:flex;flex-direction:column;position:relative;top:25px;z-index:1;-webkit-user-select:none;user-select:none}#menuToggle input{display:flex;width:40px;height:32px;position:absolute;cursor:pointer;opacity:0;z-index:2}#menuToggle span{display:flex;width:29px;height:2px;margin-bottom:5px;position:relative;background:#fff;border-radius:3px;z-index:1;transform-origin:5px 0;transition:transform .5s cubic-bezier(.77,.2,.05,1.0) , background .5s cubic-bezier(.77,.2,.05,1.0) , opacity .55s ease}#menuToggle span:first-child{transform-origin:0% 0%}#menuToggle span:nth-last-child(2)
{transform-origin:0% 100%}#menuToggle input:checked ~ span
{opacity:1;transform:rotate(45deg) translate(-3px,-1px);background:#36383f}#menuToggle input:checked ~ span:nth-last-child(3)
{opacity:0;transform:rotate(0deg) scale(.2,.2)}#menuToggle input:checked ~ span:nth-last-child(2)
{transform:rotate(-45deg) translate(0,-1px)}#menu{}ul#menu{right:40px}ul#menu li{list-style:none;margin-top:1px;padding:10px 0;padding-left:15px;transition-delay:2s}ul#menu>ul>li{padding-left:15px 0;transition-delay:2s;font-weight:normal}#menuToggle input:checked ~ ul
{transform:none}.mouseenter{position:relative;left:300px;box-shadow:0 0 10px #85888c;margin:-50px 0 0 -50px;padding:50px;padding-top:125px;background-color:#f5f6fa;-webkit-font-smoothing:antialiased;overflow:auto;height:250px}</style>

<script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script><script defer src="/templates/tsecurity.de/js/jquery_user_main.js.pagespeed.ce.2WKSDIZZg4.js"></script>
<script async src="https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.1/cookieconsent.min.js"></script>
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css" />
<script>$(document).ready(function(){if(detectmob()==true){$("#menu").css({"position":"relative","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-100%, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"auto","height":"50px","left":"-650px","width":"360px","top":"950px","z-index":"9999","transform":"translate(-100%,0%)","transform-origin":"5px 0px","transition":"transform 1.5s cubic-bezier(0.77,0.2,0.05,1.0),background 0.5s cubic-bezier(0.77,0.2,0.05,1.0),opacity 1.55s ease;"});}else{$("#menu").css({"position":"fixed","width":"180px","height":"400px","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","padding":"50px","padding-top":"125px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-105%, 0%)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"","display":"none","left":"115px","top":"150px","z-index":"9999"});}window.addEventListener("load",function(){window.cookieconsent.initialise({"palette":{"popup":{"background":"#000"},"button":{"background":"#f1d600"}},"content":{"message":"Diese Webseite verwendet Cookies. Wenn Sie diese Webseite weiterhin besuchen, stimmen Sie der Nutzung von Cookies zu. Weitere Informationen finden Sie unter Datenschutz","dismiss":"Habe verstanden","link":"Weitere Informationen","href":"https://tsecurity.de/de/2658/Datenschutzerklaerung/"}})});});</script>
</div>
<div class="footer">
<h2>IT Sicherheit Nachrichten - RSS Nachrichtenportal</h2>
<ul>
<li><a href="https://tsecurity.de/it-security-feed/" title="Die Cyber IT Security Informationsportal  - RSS Quelle Alle Webseiten Nachrichten"><img alt="RSS-Feed" src="/image/xrss-small.png.pagespeed.ic.ybioT2SH_c.png" /> Team IT Security alle IT Nachrichten | Nachrichtenportal</a></li>
<li><a href="https://tsecurity.de/tsec-nachrichten/" title="Das Cyber IT Security Informationsportal - RSS Quelle Blog Beiträge | News"><img alt="RSS-Feed" src="/image/xrss-small.png.pagespeed.ic.ybioT2SH_c.png" /> Team IT Security Nachrichtenportal IT Nachrichten</a></li>
<li><a href="https://validator.w3.org/feed/check.cgi?url=https%3A//tsecurity.de/it-security-feed/Alle-Kategorien%257C1"><img src="/image/xvalid-rss-rogers.png.pagespeed.ic.6VoqfvSa6w.png" alt="[Valid RSS]" title="Validate my RSS feed" /></a></li>
<ul>
<span style="float:right">&copy; <a title="Informationsportal Team IT Security - Das Cyber IT Security Nachrichtenportal im Web" href="https://tsecurity.de">2015-2020 Team IT Security - Das IT Security Nachrichtenportal im Web</a></span>
</div>

</footer>
<script>$(document).ready(function(){$("#menuToggle").click(function(){if($(".menu_clicked")[0]!='undefined'){$("#togglemenu").prop('checked',true);$("#menu").addClass("menu_clicked");$("#menu").removeAttr("style");if(detectmob()==true){if($('#togglemenu').is(':checked')){$("#menu").css({"position":"relative","box-shadow":"0 0 10px #85888C","margin":"-15px 0px 0px -15px","padding":"50px","padding-top":"125px","-webkit-font-smoothing":"antialiased","overflow":"auto","right":"-","width":"100%","height":"100%","top":"-340px","left":"","z-index":"9999","transform":"","transform-origin":""});}}else{if($('#togglemenu').is(':checked')){}}}else{alert($(".menu_clicked")[0]);$("#menu").removeClass("menu_clicked");$("#togglemenu").prop('checked',false);if(detectmob()==true){$("#menu").css({"position":"relative","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-100%, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"auto","height":"50px","left":"-650px","width":"360px","top":"50px","z-index":"9999","transform":"translate(-100%,0%)","transform-origin":"5px 0px","transition":"transform 1.5s cubic-bezier(0.77,0.2,0.05,1.0),background 0.5s cubic-bezier(0.77,0.2,0.05,1.0),opacity 1.55s ease;"});}}});if(detectmob()==false){$("#menu").mouseenter(function(){if($(".mouseenter")[0]){}else{$("#menu").css({"display":"","position":"fixed","z-index":"9999","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","padding":"50px","padding-top":"125px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-100%, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"auto","height":"400px","left":"650px","width":"550px","top":"150px","transform-origin":"0px 0px","transform":"translate(-650px, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)",});$("#menu").addClass("mouseenter");$(".fa-angle-right").css({"display":"none"});}});$("#menu").mouseleave(function(){if($(".mouseenter")[0]){$("#menu").removeAttr("style");$("#menu").removeClass("mouseenter");$("#menu").css({"display":"","position":"fixed","z-index":"9999","width":"180px","height":"400px","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","padding":"50px","padding-top":"125px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-650px, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"","left":"115px","top":"150px"});$(".fa-angle-right").css({"font-size":"100px","position":"fixed","top":"37.5%","left":"0.5%","z-index":"1000","display":""});}else{}});}if(detectmob()==false){$(".fa-angle-right").mouseenter(function(){if($(".mouseenter")[0]){}else{$("#menu").css({"display":"","position":"fixed","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","padding":"50px","padding-top":"125px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-100%, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"auto","height":"400px","left":"750px","width":"550px","top":"150px","z-index":"9999","transform":"translate(-100%,0%)","transform-origin":"5px 0px","transition":"transform 1.5s cubic-bezier(0.77,0.2,0.05,1.0),background 0.5s cubic-bezier(0.77,0.2,0.05,1.0),opacity 1.55s ease;"});$(".fa-angle-right").css({"display":"none"});}});}else{$(".fa-angle-right").css({"display":"none"});}});</script>
</div>
<script async src="/templates/tsecurity.de/js/jquery_user_main.js.pagespeed.ce.2WKSDIZZg4.js"></script>

<link rel="stylesheet" href="/framework/fontawesome/css/A.all.css.pagespeed.cf.QWq7o9BlSb.css">
<script type="text/javascript">(function(){window['__CF$cv$params']={r:'63eed102cc4a57d2',m:'d2eafc3769bc786c8366506893ba7f6009461a00-1618255285-1800-AavuWyhwz5OWPDb3Y3LInj4ssty5h/VXwHUSyqM1GgYyHTu/YbeuWfiqvpOUTcXkowOhAUdS6Powz5Pdu0Kb/RTGlvjuQIFIsHIs0diLc2vqvjRdHm0MMjwJr5UvY0o/RIWU9vYmHE7d8wTVkhNXJ+w95pXa/FAKzuQOcU9LtKslTCjKhXmpIqKec9Y4va/cnqROBDhKvai7NjLLIs/G44jAypHk3qbdvOF0WSlURQjaZLbP75bnCksSm5B7KAwxN/naVV6KZ1vZ+sb3zWi1x5OozhwcIL9VAxoZ7AEvHkAn',s:[0x6fd8c07b0d,0x5b2928785a],}})();</script></body>
</html>