CVE-2013-0247

Related Files

Red Hat Security Advisory 2013-0253-01

Posted Feb 12, 2013

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0253-01 - The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token, Catalog, and Policy services. It was found that an excessive amount of information was logged when invalid tokens were requested, resulting in large log files. An attacker could use this flaw to consume an excessive amount of disk space by requesting a large number of invalid tokens. The CVE-2013-0247 issue was discovered by Dan Prince of Red Hat.

tags | advisory, python

systems | linux, redhat

advisories | CVE-2013-0247

SHA-256 | 3609debda144b85ffbeb2e910d12baa8f24886fd4bf2b73e852a613dada75eb1

Download | Favorite | View

Ubuntu Security Notice USN-1715-1

Posted Feb 5, 2013

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1715-1 - Dan Prince discovered that Keystone did not properly perform input validation when handling certain error conditions. An unauthenticated user could exploit this to cause a denial of service in Keystone API servers via disk space exhaustion.

tags | advisory, denial of service

systems | linux, ubuntu

advisories | CVE-2013-0247

SHA-256 | 6931121898407cec646aa576445f110d3643fe67cbbeb3559b44c52d6f2575c1

Download | Favorite | View