Comment 17 for bug 1461054
Revision history for this message
| Tristan Cacqueray (tristan-cacqueray) wrote Re: Adding 0.0.0.0/0 to allowed address pairs breaks l2 agent | #17 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
* All neutron setups are affected right ?
* Darragh, your community profile says you're still working at HP, is this correct ?
Assuming yes at those two question, here is the impact description draft #1:
Title: Neutron L2 agent DoS through incorrect allowed address pairs
Reporter: Darragh O'Reilly (HP)
Products: Neutron
Affects: 2014.1 versions through 2014.1.4, and 2014.2 versions through 2014.2.3 and 2015.1.0 version
Description:
Darragh O'Reilly from HP reported a vulnerability in Neutron. By adding an invalid allowed address pairs, an authenticated user may crash the Neutron L2 agent resulting in a denial of service attack. All Neutron setups are affected.