CVSS: 6.8EPSS: 3%CPEs: 4EXPL: 0CVE-2016-8626 – Ceph: RGW Denial of Service by sending null or specially crafted POST object requests
https://notcve.org/view.php?id=CVE-2016-8626
23 Nov 2016 — A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests. Se ha descubierto un problema en versiones anteriores a la 0.94.9-8 de Red Hat Ceph. La forma en la que Ceph Object Gateway gestiona las peticiones de objeto POST permite que un atacante autenticado lance un ataque de denegación de servicio (DoS) enviando peticiones de objet... • http://rhn.redhat.com/errata/RHSA-2016-2815.html • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2016-7031 – ceph: RGW permits bucket listing when authenticated_users=read
https://notcve.org/view.php?id=CVE-2016-7031
29 Sep 2016 — The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL. El código RGW en Ceph en versiones anteriores a 10.0.1, cuando la lectura autenticada ACL es aplicada a un compartimento, permite a atacantes remotos listar el contenido del compartimento a través de una URL. A flaw was found in Ceph RGW code which allows an anonymous user to list contents of RGW bucket by bypassing ACL which should only allow authenticated u... • http://docs.ceph.com/docs/master/release-notes/#v10-0-1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •
CVSS: 6.5EPSS: 1%CPEs: 7EXPL: 0CVE-2016-5009 – crash: mon_command crashes ceph monitors on receiving empty prefix
https://notcve.org/view.php?id=CVE-2016-5009
05 Jul 2016 — The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix. La función handle_command en mon/Monitor.cc en Ceph permite a usuarios remotos autenticados provocar un denegación de servicio (fallo de segmentación y caída del monitor ceph) a través de un prefijo (1) vacío o (2) manipulado. A flaw was found in the way handle_command() function would validate prefix value fr... • http://lists.opensuse.org/opensuse-updates/2016-12/msg00126.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5245 – Ceph: RGW returns requested bucket name raw in Bucket response header
https://notcve.org/view.php?id=CVE-2015-5245
23 Nov 2015 — CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or RGW) in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name. Vulnerabilidad de inyección CRLF en la Ceph Object Gateway (también conocida como radosgw o RGW) en Ceph en versiones anteriores a 0.94.4 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de separación de respuesta HTTP a través de un nombre de co... • http://lists.ceph.com/pipermail/ceph-announce-ceph.com/2015-October/000034.html • CWE-20: Improper Input Validation •