OpenStack Object Storage Denial of Service Vulnerability (CNVD-2016-00844)

OpenStack is a cloud platform management project.OpenStack Object Storage aka Swift is one of the storage projects for storing permanent static data. OpenStack Object Storage failed to properly close a server connection, allowing a remote attacker to conduct a denial of service attack by sending ...

CVE-2016-0738

OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

CVE-2016-0738

OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

DEBIAN-CVE-2016-0738

OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

CVE-2016-0737

OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

CVE-2016-0737

OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

DEBIAN-CVE-2016-0737

OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

Design/Logic Flaw

OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

Design/Logic Flaw

OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

CVE-2016-0737

CVE-2016-0737 affects OpenStack Swift before 2.4.0, where the proxy-server may consume resources due to not properly closing client connections after interrupted requests to a Large Object URL. This is corroborated by multiple connected entries (GHSA-972C-CFV8-2HQ8; RHSA advisories) indicating op...

CVE-2016-0737

OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

CVE-2016-0738

OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

CVE-2016-0738

CVE-2016-0738 affects OpenStack Swift (Object Storage) prior to 2.3.1 in Kilo, 2.4.x, and prior to 2.5.1 in Liberty. The issue is a memory-leak/unfinished-read vulnerability that can allow a remote attacker (authenticated) to cause a denial of service by exhausting proxy-server resources through ...

CVE-2016-0738

OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

CVE-2016-0737

OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

CVE-2016-0738

OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

PT-2016-4395 · Openstack +1 · Openstack Object Storage +1

Name of the Vulnerable Software and Affected Versions: OpenStack Object Storage Swift versions prior to 2.3.1 Kilo OpenStack Object Storage Swift version 2.4.x OpenStack Object Storage Swift versions prior to 2.5.1 Liberty Description: The issue allows remote attackers to cause a denial of servic...

CVE-2016-0737

OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...

PT-2016-4394 · Openstack +1 · Openstack Object Storage +1

Name of the Vulnerable Software and Affected Versions: OpenStack Object Storage Swift versions prior to 2.4.0 Description: The issue allows remote attackers to cause a denial of service by consuming proxy-server resources through a series of interrupted requests to a Large Object URL, due to the...

UBUNTU-CVE-2016-0738

OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...