81 matches found
Authorization Bypass
gluster-swift is vulnerable to authorization bypass. A flaw was found in the metadata constraints in Red Hat Gluster Storage's OpenStack Object Storage swiftonfile. By adding metadata in several separate calls, a malicious user could bypass the maxmetacount constraint, and store more metadata tha...
PYSEC-2016-34
The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...
CVE-2015-5271
The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...
CVE-2015-5271
The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...
Information disclosure
The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...
CVE-2015-5271
The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...
RHEL 6 : Storage Server (RHSA-2016:0329)
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
RHEL 7 : Storage Server (RHSA-2016:0328)
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix two security issues are now available for Red Hat Gluster Storage 3.1 update 2 in Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
OpenStack Object Storage Denial of Service Vulnerability
OpenStack is a cloud platform management project.OpenStack Object Storage aka Swift is one of the storage projects for storing permanent static data. OpenStack Object Storage failed to properly close client connections, allowing a remote attacker to perform a denial of service by sending a series...
OpenStack Object Storage Denial of Service Vulnerability (CNVD-2016-00844)
OpenStack is a cloud platform management project.OpenStack Object Storage aka Swift is one of the storage projects for storing permanent static data. OpenStack Object Storage failed to properly close a server connection, allowing a remote attacker to conduct a denial of service attack by sending ...
CVE-2016-0738
OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
CVE-2016-0737
OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
Design/Logic Flaw
OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
CVE-2016-0738
OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
PT-2016-4395 · Openstack +1 · Openstack Object Storage +1
Name of the Vulnerable Software and Affected Versions: OpenStack Object Storage Swift versions prior to 2.3.1 Kilo OpenStack Object Storage Swift version 2.4.x OpenStack Object Storage Swift versions prior to 2.5.1 Liberty Description: The issue allows remote attackers to cause a denial of servic...
CVE-2016-0737
OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...