PT-2016-4394 · Openstack+1 · Openstack Object Storage+1

Romain Le Disez

·

Publicado

2016-01-29

·

Atualizado

2023-02-12

·

CVE-2016-0737

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions OpenStack Object Storage (Swift) versions prior to 2.4.0
Description The issue allows remote attackers to cause a denial of service by consuming proxy-server resources through a series of interrupted requests to a Large Object URL, due to the software not properly closing client connections.
Recommendations For versions prior to 2.4.0, update to version 2.4.0 or later to resolve the issue.

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2016-0737
GHSA-972C-CFV8-2HQ8
RHSA-2016:0126
RHSA-2016:0127
RHSA-2016:0128
RHSA-2016:0155
RHSA-2016:0328
RHSA-2016:0329
USN-3451-1

Produtos afetados

Openstack Object Storage
Ubuntu