Comment 24 for bug 1196932
Revision history for this message
| Thierry Carrez (ttx) wrote Re: Possibly DoS attack using object tombstones | #24 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Proposed impact description (will be used in CVE request and public advisory):
-------
Title: Swift Denial of Service using superfluous object tombstones
Reporter: Peter Portante
Products: Swift
Affects: All versions
Description:
Peter Portante reported a vulnerability in Swift. By issuing a lot of DELETE requests an authenticated attacker can fill an object server with superfluous object tombstones, which may significantly slow down subsequent requests to that object server, facilitating a Denial of Service attack against Swift clusters.
-------
@all: please check that the description is accurate.
@Peter: do you want us to additionally credit the company you work for, if any ?