Proposed impact description (will be used in CVE request and public advisory):
----------------------------------
Title: Swift Denial of Service using superfluous object tombstones
Reporter: Peter Portante
Products: Swift
Affects: All versions
Description:
Peter Portante reported a vulnerability in Swift. By issuing a lot of DELETE requests an authenticated attacker can fill an object server with superfluous object tombstones, which may significantly slow down subsequent requests to that object server, facilitating a Denial of Service attack against Swift clusters.
----------------------------------
@all: please check that the description is accurate.
@Peter: do you want us to additionally credit the company you work for, if any ?
Proposed impact description (will be used in CVE request and public advisory):
------- ------- ------- ------- ------
Title: Swift Denial of Service using superfluous object tombstones
Reporter: Peter Portante
Products: Swift
Affects: All versions
Description: ------- ------- ------- ------
Peter Portante reported a vulnerability in Swift. By issuing a lot of DELETE requests an authenticated attacker can fill an object server with superfluous object tombstones, which may significantly slow down subsequent requests to that object server, facilitating a Denial of Service attack against Swift clusters.
-------
@all: please check that the description is accurate.
@Peter: do you want us to additionally credit the company you work for, if any ?