openSUSE Security Update : ceph (openSUSE-2020-187)

This update for ceph fixes the following issues : - CVE-2020-1700: Fixed a denial of service against the RGW server via connection leakage bsc1161312. - CVE-2020-1699: Fixed a information disclosure by improper URL checking bsc1161074. This update was imported from the SUSE:SLE-15-SP1:Update upda...

Security update for ceph (moderate)

openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2020:0187-1 Rating: moderate References: 1161074 1161312 Cross-References: CVE-2020-1699 CVE-2020-1700 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description: This...

Denial Of Service (DoS)

ceph is vulnerable to denial of service. An unauthenticated remote attacker is able to crash the Ceph RGW server by sending valid HTTP headers and terminating the connection...

CVE-2019-3821

A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in a remote denial of service...

Moderate: Red Hat Security Advisory: Red Hat Ceph Storage 3.0 security and bug fix update

An update for ceph is now available for Red Hat Ceph Storage for Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...