OpenStack Swift vulnerability

2014-05-06T00:00:00
ID USN-2207-1
Type ubuntu
Reporter Ubuntu
Modified 2014-05-06T00:00:00

Description

Samuel Merritt discovered a timing attack vulnerability in OpenStack Swift. If Swift was configured to use the TempURL middleware, an attacker could exploit this to guess valid secret URLs and obtain unintended access to objects publicly shared with specific recipients.