10 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-8466
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header. CVE-2015-8466 Note that Nessus relies...
RHEL 6 : openstack-swift-plugin-swift3 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - openstack-swift-plugin3: replay attack - date/date header unvalidated CVE-2015-8466 Note that Nessus has not tested...
Security Bulletin: Vulnerabilities in OpenStack affect IBM Spectrum Scale V4.2 and V4.1.1 (CVE-2015-8466 and CVE-2016-0738)
Summary OpenStack vulnerabilities that could allow: - with OpenStack Swift 3, a remote attacker to launch a replay attack affects IBM Spectrum Scale CVE-2015-8466 - with OpenStack Object storageSwift, a remote authenticated attacker could exploit this vulnerability to consume all available...
Debian DSA-3583-1 : swift-plugin-s3 - security update
It was discovered that the swift3 S3 compatibility middleware plugin for Swift performed insufficient validation of date headers which might result in replay attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Debian: Security Advisory (DSA-3583-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 23 : openstack-swift-plugin-swift3-1.9-1.fc23 (2015-1ca595f821)
Update to upstream 1.9 includes security fix for CVE-2015-8466 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
CVE-2015-8466
Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header...
UBUNTU-CVE-2015-8466
Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header...
CVE-2015-8466
CVE-2015-8466 affects OpenStack Swift3 (S3 compatibility) middleware, allowing a remote replay attack when an Authorization request lacks a Date header. The issue is in Swift3 by default up to version 1.9. Public fixes are available in upstream Swift3 release 1.9. Debian lists fixed packages 1.7-...
CVE-2015-8466
Removed by vendor...