Published: 17/08/2012 Updated: 14/11/2018

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

OpenStack Compute (Nova) Essex prior to 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openstack nova

Debian Bug report logs - #666888 DoS through long server names Package: nova; Maintainer for nova is Debian OpenStack <team+openstack@trackerdebianorg>; Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde> Date: Mon, 2 Apr 2012 08:03:02 UTC Severity: grave Tags: security Fixed in version 20121~rc3-1 Done ...

Nova log files could be made to exhaust storage resources ...

CWE-399 https://bugs.launchpad.net/nova/+bug/962515 http://lwn.net/Alerts/491298/http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666888 https://usn.ubuntu.com/1413-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-1585

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect