ceph: Object Gateway server DoS by sending invalid cross-origin HTTP request

A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request...

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 2.1 security and bug fix update

An update is now available for Red Hat Ceph Storage 2.1. This erratum is for Red Hat Ceph Storage that runs on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

CVE-2016-9579

A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. Ceph branches...

PT-2016-7784 · Red Hat +1 · Ceph +1

Name of the Vulnerable Software and Affected Versions: Ceph versions 1.3.x through 2.x Description: A flaw in Ceph Object Gateway's processing of cross-origin HTTP requests can cause a denial of service when the CORS policy allows origin on a bucket. This can be exploited by a remote...

UBUNTU-CVE-2016-9579

A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request. Ceph branches...

CVE-2016-9579

A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request...

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 1.3 security, bug fix, and enhancement update

An update is now available for Red Hat Ceph Storage 1.3. This erratum is applicable for Red Hat Ceph Storage that runs on Ubuntu 14.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

Ceph: RGW Denial of Service by sending null or specially crafted POST object requests

A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests...

Ceph: RGW Denial of Service by sending null or specially crafted POST object requests

A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests...

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 1.3 security, bug fix, and enhancement update

An update is now available for Red Hat Ceph Storage 1.3. This erratum is applicable for Red Hat Ceph Storage that runs on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, whic...

Ceph: RGW Denial of Service by sending null or specially crafted POST object requests

A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests...

Ceph: RGW Denial of Service by sending null or specially crafted POST object requests

A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests...

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage security, bug fix, and enhancement update

An update is now available for Red Hat Ceph Storage 2.1 that fix one security issue, multiple bugs, and add various enhancements. This erratum is applicable for Red Hat Ceph Storage that runs on Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. ...

CVE-2016-8626

A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests...

CVE-2016-8626

A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests...

Red Hat Ceph RGW Information Disclosure Vulnerability

Red Hat Ceph is a Linux petabyte-level distributed file system from Red Hat. The main goal of the system is to be designed as a distributed file system based on POSIX Portable Operating System Interface without a single point of failure, so that data can be fault-tolerant and seamless replication...

DEBIAN-CVE-2016-7031

The RGW code in Ceph before 10.0.1, when authenticated-read ACL is applied to a bucket, allows remote attackers to list the bucket contents via a URL...

The Ceph Object Gateway CRLF Vulnerability(CVE-2 0 1 5-5 2 4 5)-vulnerability warning-the black bar safety net

CVECAN ID: CVE-2 0 1 5-5 2 4 5 The Ceph Object Gateway is constructed in the librados on top of the object storage interface, you can make the application through a RESTful gateway to access the distributed storage system Ceph Storage Clusters. Ceph 0.94.4 before the version, Ceph Object Gateway,...

Ceph Object Gateway CRLF Vulnerability

Ceph Object Gateway is an object storage interface built on top of librados that enables applications to access Ceph Storage Clusters, a distributed storage system, through a RESTful gateway. A CRLF injection vulnerability exists in Ceph Object Gateway versions prior to 0.94.4, where a remote...

Ceph Object Gateway CRLF漏洞

No description provided by source...