OpenStack Nova Long server names grow nova-api log files significantly

GHSA-pjvw-p2v5-wf6q · CVE-2012-1585

Published May 14, 2022 · Modified May 19, 2024

Description

OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2012-1585
WEB https://bugs.launchpad.net/nova/+bug/962515
PACKAGE https://github.com/openstack/nova
WEB http://github.com/openstack/nova/commit/0fa7d12dbfb7ae016657dd91034b4c0781ea43de
WEB http://github.com/openstack/nova/commit/1ebec5726c7a9db0a6f29fad0ef747b0c087f702
WEB http://github.com/openstack/nova/commit/c7f526fae6062e9ab51f65474af71d496aa66554
WEB http://github.com/openstack/nova/commit/c869a41951b77c6930bf4fb4734f05cd3d6ac4b1
WEB http://lwn.net/Alerts/491298
WEB http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes