CVE 2013-0247
OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service (disk consumption) via many invalid token requests that trigger excessive generation of log entries.
Related bugs and status
CVE-2013-0247 (Candidate) is related to these bugs:
Bug #1046905: Memcached Token Backend does not support list tokens
Bug | Summary | In | Importance | Status
---|---|---|---|---
1046905 | Memcached Token Backend does not support list tokens | OpenStack Identity (keystone) | Critical | Fix Released
1046905 | Memcached Token Backend does not support list tokens | OpenStack Identity (keystone) essex | Critical | Fix Released
1046905 | Memcached Token Backend does not support list tokens | keystone (Ubuntu) | Undecided | Fix Released
1046905 | Memcached Token Backend does not support list tokens | keystone (Ubuntu Precise) | Undecided | Fix Released
Bug #1050025: Token invalidation in case of role grant/revoke should be limited to affected tenant
Bug | Summary | In | Importance | Status
---|---|---|---|---
1050025 | Token invalidation in case of role grant/revoke should be limited to affected tenant | OpenStack Identity (keystone) | Medium | Fix Released
1050025 | Token invalidation in case of role grant/revoke should be limited to affected tenant | OpenStack Identity (keystone) essex | Medium | Fix Released
1050025 | Token invalidation in case of role grant/revoke should be limited to affected tenant | keystone (Ubuntu) | Undecided | Fix Released
1050025 | Token invalidation in case of role grant/revoke should be limited to affected tenant | keystone (Ubuntu Precise) | Undecided | Fix Released
Bug #1056373: memcache driver needs protection against unicode user keys
Bug | Summary | In | Importance | Status
---|---|---|---|---
1056373 | memcache driver needs protection against unicode user keys | OpenStack Identity (keystone) | Critical | Fix Released
1056373 | memcache driver needs protection against unicode user keys | OpenStack Identity (keystone) essex | Critical | Fix Released
1056373 | memcache driver needs protection against unicode user keys | keystone (Ubuntu) | Undecided | Fix Released
1056373 | memcache driver needs protection against unicode user keys | keystone (Ubuntu Precise) | Undecided | Fix Released
Bug #1089488: Meta bug for tracking Openstack Stable Updates
Bug | Summary | In | Importance | Status
---|---|---|---|---
1089488 | Meta bug for tracking Openstack Stable Updates | nova (Ubuntu) | Undecided | Invalid
1089488 | Meta bug for tracking Openstack Stable Updates | horizon (Ubuntu) | Undecided | Invalid
1089488 | Meta bug for tracking Openstack Stable Updates | keystone (Ubuntu) | Undecided | Invalid
1089488 | Meta bug for tracking Openstack Stable Updates | horizon (Ubuntu Precise) | Undecided | Fix Released
1089488 | Meta bug for tracking Openstack Stable Updates | keystone (Ubuntu Precise) | Undecided | Fix Released
1089488 | Meta bug for tracking Openstack Stable Updates | nova (Ubuntu Precise) | Undecided | Fix Released
1089488 | Meta bug for tracking Openstack Stable Updates | glance (Ubuntu) | Undecided | Fix Released
Bug #1098307: [OSSA 2013-003] unauthenticated POST to /tokens can fill up disk/logs
Bug | Summary | In | Importance | Status
---|---|---|---|---
1098307 | [OSSA 2013-003] unauthenticated POST to /tokens can fill up disk/logs | OpenStack Identity (keystone) | High | Fix Released
1098307 | [OSSA 2013-003] unauthenticated POST to /tokens can fill up disk/logs | OpenStack Identity (keystone) folsom | High | Fix Released
1098307 | [OSSA 2013-003] unauthenticated POST to /tokens can fill up disk/logs | OpenStack Identity (keystone) essex | High | Fix Released
1098307 | [OSSA 2013-003] unauthenticated POST to /tokens can fill up disk/logs | OpenStack Security Advisory | Undecided | Fix Released
See the CVE page on Mitre.org for more details.