6 matches found
SUSE CVE-2014-2828
The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authentication method in a request, aka "authentication chaining."...
Oracle Solaris Third-Party Patch Update : keystone (cve_2014_2828_authentication_issues)
The remote Solaris system is missing necessary patches to address security updates : - The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authenticati...
Fedora 20 : openstack-keystone-2013.2.3-5.fc20 (2014-5497)
Sanitizes authentication methods received in requests CVE-2014-2828 - Privilege escalation through trust chained delegation CVE-2014-3476 - Keystone V2 trusts privilege escalation through user supplied project id CVE-2014-3520 Note that Tenable Network Security has extracted the preceding...
Fedora Update for openstack-keystone FEDORA-2014-5497
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-2828
CVE-2014-2828 affects OpenStack Keystone (V3 API) where an attacker can trigger a denial of service by sending many requests using the same authentication method. The vulnerability exists in Keystone 2013.1 before 2013.2.4 and in Icehouse before icehouse-rc2. Public advisories from Red Hat, IBM, ...
CVE-2014-2828
The V3 API in OpenStack Identity Keystone 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service CPU consumption via a large number of the same authentication method in a request, aka "authentication chaining."...