
CVSS: 7.5 | EPSS: 4% | CPEs: 1 | EXPL: 0

OpenStack Object Storage (Swift) before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL.

A memory-leak issue was found in OpenStack Object Storage (swift), in the client-to-proxy connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption.

• http://rhn.redhat.com/errata/RHSA-2016-0128.html
• http://rhn.redhat.com/errata/RHSA-2016-0155.html
• http://rhn.redhat.com/errata/RHSA-2016-0329.html
• http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
• http://www.securityfocus.com/bid/81432
• https://bugs.launchpad.net/swift/+bug/1466549
• https://launchpad.net/swift/+milestone/2.4.0
• https://review.openstack.org/#/c/217750
• https://security.openstack.org/ossa/OSSA-2016-004.html
• https://access

• CWE-399: Resource Management Errors
• CWE-400: Uncontrolled Resource Consumption

CVSS: 7.5 | EPSS: 4% | CPEs: 3 | EXPL: 0

OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL.

A memory-leak issue was found in OpenStack Object Storage (swift), in the proxy-to-server connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption.

• http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176713.html
• http://rhn.redhat.com/errata/RHSA-2016-0128.html
• http://rhn.redhat.com/errata/RHSA-2016-0155.html
• http://rhn.redhat.com/errata/RHSA-2016-0329.html
• http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
• http://www.securityfocus.com/bid/81432
• https://bugs.launchpad.net/cloud-archive/+bug/1493303
• https://github.com/openstack/swift/blob/master/CHANGELOG
• https://security.openstack.org

• CWE-399: Resource Management Errors
• CWE-400: Uncontrolled Resource Consumption

CVSS: 6.8 | EPSS: 0% | CPEs: 5 | EXPL: 0

The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a template, as demonstrated by file:///dev/zero.

A vulnerability was discovered in the OpenStack Orchestration service (heat), where a specially formatted template could be used to trick the heat-engine service into opening a local file. Although the file contents are never disclosed to the end user, an OpenStack-authenticated attacker could use this flaw to cause a denial of service or determine whether a given file name is present on the server.

• http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176700.html
• http://rhn.redhat.com/errata/RHSA-2016-0266.html
• http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
• http://www.securityfocus.com/bid/81438
• https://bugs.launchpad.net/heat/+bug/1496277
• https://security.openstack.org/ossa/OSSA-2016-003.html
• https://access.redhat.com/security/cve/CVE-2015-5295
• https://bugzilla.redhat.com/show_bug.cgi?id=1298295

• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-400: Uncontrolled Resource Consumption

CVSS: 5.9 | EPSS: 0% | CPEs: 2 | EXPL: 0

The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message when using the Xen backend, which might allow attackers to obtain sensitive password information by reading log files or other unspecified vectors.

• http://www.openwall.com/lists/oss-security/2016/01/07/8
• http://www.openwall.com/lists/oss-security/2016/01/07/9
• http://www.securityfocus.com/bid/80189
• https://bugs.launchpad.net/nova/+bug/1516765
• https://security.openstack.org/ossa/OSSA-2016-002.html

• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 7.4 | EPSS: 0% | CPEs: 2 | EXPL: 0

Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header.

• http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174374.html
• http://www.debian.org/security/2016/dsa-3583
• https://bugs.launchpad.net/swift3/+bug/1497424
• https://github.com/openstack/swift3/blob/master/CHANGELOG
• https://swiftstack.com/docs/admin/release.html

• CWE-20: Improper Input Validation