Launchpad CVE tracker

CVE 2013-4155

OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected.

Related bugs and status

CVE-2013-4155 (Candidate) is related to these bugs:

Bug #1196932: [OSSA 2013-022] Possibly DoS attack using object tombstones (CVE-2013-4155)

		In	Importance	Status
1196932	[OSSA 2013-022] Possibly DoS attack using object tombstones (CVE-2013-4155)	OpenStack Object Storage (swift)	Critical	Fix Released
1196932	[OSSA 2013-022] Possibly DoS attack using object tombstones (CVE-2013-4155)	OpenStack Security Advisory	Medium	Fix Released
1196932	[OSSA 2013-022] Possibly DoS attack using object tombstones (CVE-2013-4155)	OpenStack Object Storage (swift) grizzly	Undecided	Fix Committed
1196932	[OSSA 2013-022] Possibly DoS attack using object tombstones (CVE-2013-4155)	OpenStack Object Storage (swift) folsom	Undecided	Fix Committed

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-4155

References