CVE-2014-3497

Cross-site scripting XSS vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header...

CVE-2014-3497

Cross-site scripting XSS vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header...

UBUNTU-CVE-2014-3497

Cross-site scripting XSS vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header...

PT-2014-5360 · Openstack +1 · Openstack Swift +1

Name of the Vulnerable Software and Affected Versions: OpenStack Swift versions 1.11.0 through 1.13.1 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header. Recommendations: For versions 1.11.0 through 1.13.1,...

openSUSE Security Update : openstack-swift (openSUSE-SU-2013:1146-1)

This update of openstack-swift fixes a security vulnerability. - Add CVE-2013-2161.patch: fix unchecked user input in Swift XML responses CVE-2013-2161, bnc824286. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Ubuntu: Security Advisory (USN-2207-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for swift USN-2207-1

Check for the Version of swift OpenVAS Vulnerability Test $Id: gbubuntuUSN22071.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for swift USN-2207-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...

[USN-2207-1] OpenStack Swift vulnerability

========================================================================== Ubuntu Security Notice USN-2207-1 May 06, 2014 swift vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

USN-2207-1: OpenStack Swift vulnerability

Samuel Merritt discovered a timing attack vulnerability in OpenStack Swift. If Swift was configured to use the TempURL middleware, an attacker could exploit this to guess valid secret URLs and obtain unintended access to objects publicly shared with specific recipients...

Swift: TempURL timing attack

The TempURL middleware in OpenStack Object Storage Swift 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack...

Swift: TempURL timing attack

The TempURL middleware in OpenStack Object Storage Swift 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack...

DEBIAN-CVE-2014-0006

The TempURL middleware in OpenStack Object Storage Swift 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack...

UBUNTU-CVE-2014-0006

The TempURL middleware in OpenStack Object Storage Swift 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack...

Moderate: Red Hat Security Advisory: openstack-swift security update

Updated openstack-swift packages that fix one security issue are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

OpenStack: Swift Denial of Service using superfluous object tombstones

OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service "superfluous" tombstone consumption and Swift cluster slowdown via a DELETE request with a timestamp that is older than expected...

OpenStack Swift 远程拒绝服务漏洞(CVE-2013-4155)

Bugtraq ID:61690 CVE ID:CVE-2013-4155 OpenStack Swift是OpenStack开源云计算项目的子项目之一,被称为对象存储,提供了强大的扩展性、冗余和持久性 OpenStack Swift存在一个安全漏洞，通过提交包含旧的X-Timestamp值的请求，通过验证的攻击者可把多余对象tombstone填充到对象服务器中，可明显减缓对该对象服务器的请求，对Swift集群进行拒绝服务攻击 0 OpenStack Swift 厂商解决方案 用户可参考如下厂商提供的安全补丁以修复该漏洞： Havana development branch fix:...

CVE-2013-2161

XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift responses via an account name...

CVE-2013-2161

XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allows attackers to trigger invalid or spoofed Swift responses via an account name...

DEBIAN-CVE-2013-4155

OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service "superfluous" tombstone consumption and Swift cluster slowdown via a DELETE request with a timestamp that is older than expected...

CVE-2013-4155

OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service "superfluous" tombstone consumption and Swift cluster slowdown via a DELETE request with a timestamp that is older than expected...