7799 matches found
UBUNTU-CVE-2015-7546
The identity service in OpenStack Identity Keystone before 2015.1.3 Kilo and 8.0.x before 8.0.2 Liberty and keystonemiddleware formerly python-keystoneclient before 1.5.4 Kilo and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers,...
CVE-2015-7546
The identity service in OpenStack Identity Keystone before 2015.1.3 Kilo and 8.0.x before 8.0.2 Liberty and keystonemiddleware formerly python-keystoneclient before 1.5.4 Kilo and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers,...
CVE-2015-7546
CVE-2015-7546 affects OpenStack Keystone and related keystonemiddleware: the identity service fails to invalidate authorization tokens when using PKI or PKIZ providers, enabling remote authenticated users to bypass access controls by manipulating bytes in a revoked token. Affected versions includ...
CVE-2015-7546
The identity service in OpenStack Identity Keystone before 2015.1.3 Kilo and 8.0.x before 8.0.2 Liberty and keystonemiddleware formerly python-keystoneclient before 1.5.4 Kilo and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers,...
[SECURITY] Fedora 23 Update: openstack-swift-2.3.0-3.fc23
OpenStack Object Storage Swift aggregates commodity servers to work toget her in clusters for reliable, redundant, and large-scale storage of static obje cts. Objects are written to multiple hardware devices in the data center, with t he OpenStack software responsible for ensuring data replicatio...
[SECURITY] Fedora 23 Update: openstack-heat-2015.1.2-2.fc23
Heat provides AWS CloudFormation and CloudWatch functionality for OpenStack...
OpenStack Object Storage Denial of Service Vulnerability (CNVD-2016-00844)
OpenStack is a cloud platform management project.OpenStack Object Storage aka Swift is one of the storage projects for storing permanent static data. OpenStack Object Storage failed to properly close a server connection, allowing a remote attacker to conduct a denial of service attack by sending ...
OpenStack Object Storage Denial of Service Vulnerability
OpenStack is a cloud platform management project.OpenStack Object Storage aka Swift is one of the storage projects for storing permanent static data. OpenStack Object Storage failed to properly close client connections, allowing a remote attacker to perform a denial of service by sending a series...
DEBIAN-CVE-2016-0738
OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
CVE-2016-0738
OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
CVE-2016-0738
OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
DEBIAN-CVE-2016-0737
OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
CVE-2016-0737
OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
CVE-2016-0737
OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
Design/Logic Flaw
OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
Design/Logic Flaw
OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
CVE-2016-0738
OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...
CVE-2016-0738
CVE-2016-0738 affects OpenStack Swift (Object Storage) prior to 2.3.1 in Kilo, 2.4.x, and prior to 2.5.1 in Liberty. The issue is a memory-leak/unfinished-read vulnerability that can allow a remote attacker (authenticated) to cause a denial of service by exhausting proxy-server resources through ...
CVE-2016-0737
CVE-2016-0737 affects OpenStack Swift before 2.4.0, where the proxy-server may consume resources due to not properly closing client connections after interrupted requests to a Large Object URL. This is corroborated by multiple connected entries (GHSA-972C-CFV8-2HQ8; RHSA advisories) indicating op...
CVE-2016-0737
OpenStack Object Storage Swift before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...