Page 5 of 23 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL. El código RGW en Ceph en versiones anteriores a 10.0.1, cuando la lectura autenticada ACL es aplicada a un compartimento, permite a atacantes remotos listar el contenido del compartimento a través de una URL. A flaw was found in Ceph RGW code which allows an anonymous user to list contents of RGW bucket by bypassing ACL which should only allow authenticated users to list contents of bucket. • http://docs.ceph.com/docs/master/release-notes/#v10-0-1 http://rhn.redhat.com/errata/RHSA-2016-1972.html http://rhn.redhat.com/errata/RHSA-2016-1973.html http://tracker.ceph.com/issues/13207 http://www.securityfocus.com/bid/93240 https://github.com/ceph/ceph/pull/6057 https://access.redhat.com/security/cve/CVE-2016-7031 https://bugzilla.redhat.com/show_bug.cgi?id=1372446 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •

CVSS: 6.5EPSS: 1%CPEs: 7EXPL: 0

The handle_command function in mon/Monitor.cc in Ceph allows remote authenticated users to cause a denial of service (segmentation fault and ceph monitor crash) via an (1) empty or (2) crafted prefix. La función handle_command en mon/Monitor.cc en Ceph permite a usuarios remotos autenticados provocar un denegación de servicio (fallo de segmentación y caída del monitor ceph) a través de un prefijo (1) vacío o (2) manipulado. A flaw was found in the way handle_command() function would validate prefix value from user. An authenticated attacker could send a specially crafted prefix value resulting in ceph monitor crash. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00126.html http://tracker.ceph.com/issues/16297 https://access.redhat.com/errata/RHSA-2016:1384 https://access.redhat.com/errata/RHSA-2016:1385 https://github.com/ceph/ceph/commit/957ece7e95d8f8746191fd9629622d4457d690d6 https://github.com/ceph/ceph/pull/9700 https://access.redhat.com/security/cve/CVE-2016-5009 https://bugzilla.redhat.com/show_bug.cgi?id=1351453 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or RGW) in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name. Vulnerabilidad de inyección CRLF en la Ceph Object Gateway (también conocida como radosgw o RGW) en Ceph en versiones anteriores a 0.94.4 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de separación de respuesta HTTP a través de un nombre de contenedor manipulado. A feature in Ceph Object Gateway (RGW) allows to return a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse the load balancer residing in front of RGW, potentially resulting in a denial of service. • http://lists.ceph.com/pipermail/ceph-announce-ceph.com/2015-October/000034.html http://tracker.ceph.com/issues/12537 https://access.redhat.com/errata/RHSA-2015:2512 https://access.redhat.com/security/cve/CVE-2015-5245 https://bugzilla.redhat.com/show_bug.cgi?id=1261606 • CWE-20: Improper Input Validation •