Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 3.5
CVE Id CVE-2012-2101
Last Modified 06 Nov 2012 12:11:01
Published 07 Jun 2012 03:55:08
Confidentiality Impact NONE
Integrity Impact NONE
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-2101

Summary

OpenStack Compute (Nova) Folsom, 2012.1, and 2011.3 do not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.

Vulnerable Systems

Application

  • OpenStack Nova 2011.3

  • OpenStack Nova 2012.1

  • OpenStack Nova Folsom


References

MLIST - [openstack] 20120419 [OSSA 2012-005] No quota enforced on security group rules

CONFIRM - https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64

CONFIRM - https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb

CONFIRM - https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7

CONFIRM - https://bugs.launchpad.net/nova/+bug/969545

OSVDB - 81641

UBUNTU - USN-1438-1

SECUNIA - 49048

SECUNIA - 49034

FEDORA - FEDORA-2012-6273

FEDORA - FEDORA-2012-6365

XF - nova-quotas-dos(75243)


Last Updated: 27 May 2016 10:49:37