Dan-Prince

**Name of the Vulnerable Software and Affected Versions** OpenStack Identity (Keystone) versions prior to 2013.1 **Description** The issue allows remote attackers to cause a denial of service, resulting in memory consumption and a crash, via multiple long requests. **Recommendations** For versions prior to 2013.1, update to version 2013.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** OpenStack Compute (Nova) versions prior to 2011.3 **Description** The issue allows remote authenticated users to cause a denial of service, resulting in Nova-API log file and disk consumption, by providing a long server name. **Recommendations** For versions prior to 2011.3, update to version 2011.3 or later to resolve the issue.