Lucene search
RootSSV:60979HistoryAug 27, 2013 - 12:00 a.m.
OpenStack Swift 远程拒绝服务漏洞(CVE-2013-4155)
2013-08-2700:00:00
Root
www.seebug.org
15
0.003 Low
EPSS
Percentile
64.5%
Bugtraq ID:61690
CVE ID:CVE-2013-4155
OpenStack Swift是OpenStack开源云计算项目的子项目之一,被称为对象存储,提供了强大的扩展性、冗余和持久性
OpenStack Swift存在一个安全漏洞,通过提交包含旧的X-Timestamp值的请求,通过验证的攻击者可把多余对象tombstone填充到对象服务器中,可明显减缓对该对象服务器的请求,对Swift集群进行拒绝服务攻击
0
OpenStack Swift
厂商解决方案
用户可参考如下厂商提供的安全补丁以修复该漏洞:
Havana (development branch) fix:
https://review.openstack.org/40643
Grizzly fix:
https://review.openstack.org/40645
Folsom fix:
https://review.openstack.org/40646
OpenStack Swift 1.9.1已经修复该漏洞,建议用户下载更新:
http://swift.openstack.org/
Related
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:58:17
fedora
fedora
[SECURITY] Fedora 19 Update: openstack-swift-1.8.0-3.fc19
2013-08-18 21:36:36
prion
prion
Design/Logic Flaw
2013-08-20 22:55:00
securityvulns
securityvulns
[USN-2001-1] Swift vulnerability
2013-10-28 00:00:00
OpenStack multiple security vulnerabilities
2013-07-01 00:00:00
OpenStack multiple security vulnerabilities
2013-12-23 00:00:00
nessus
nessus
Fedora 19 : openstack-swift-1.8.0-3.fc19 (2013-14477)
2013-08-20 00:00:00
Debian DSA-2737-1 : swift - several vulnerabilities
2013-08-15 00:00:00
cvelist
cvelist
CVE-2013-4155
2013-08-20 22:00:00
openvas
openvas
Fedora Update for openstack-swift FEDORA-2013-14477
2013-08-20 00:00:00
Ubuntu Update for swift USN-2001-1
2013-10-29 00:00:00
Fedora Update for openstack-swift FEDORA-2013-14477
2013-08-20 00:00:00
debiancve
debiancve
CVE-2013-4155
2013-08-20 22:55:04
github
github
OpenStack Swift allows authenticated users to cause a denial of service
2022-05-17 04:58:58
ubuntucve
ubuntucve
CVE-2013-4155
2013-08-07 00:00:00
redhat
redhat
(RHSA-2013:1197) Moderate: openstack-swift security update
2013-09-03 00:00:00
cve
cve
CVE-2013-4155
2013-08-20 22:55:04