Published: 07/06/2012 Updated: 29/08/2017

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P

Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openstack nova folsom
openstack nova 2012.1
openstack nova 2011.3

Nova could be made to crash the system under certain conditions ...

CWE-264 https://lists.launchpad.net/openstack/msg10268.html http://secunia.com/advisories/49034 http://secunia.com/advisories/49048 https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64 http://ubuntu.com/usn/usn-1438-1 https://bugs.launchpad.net/nova/+bug/969545 https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7 http://www.osvdb.org/81641 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html https://exchange.xforce.ibmcloud.com/vulnerabilities/75243 https://usn.ubuntu.com/1438-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-2101

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect