CVE-2012-1585
EPSS 0.47%OpenStack Nova Long server names grow nova-api log files significantly
發布日:2022/5/14修改日:2026/4/28
也稱為:DEBIAN-CVE-2012-1585
描述
OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.
受影響套件(2)
- Debian/novafrom 0, < 2012-1~rc3-1
- PyPI/novafrom 0, < 12.0.0a0
參考連結(10)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2012-1585
- ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-1585
- PATCHhttps://github.com/openstack/nova
- WEBhttp://github.com/openstack/nova/commit/0fa7d12dbfb7ae016657dd91034b4c0781ea43de
- WEBhttp://github.com/openstack/nova/commit/1ebec5726c7a9db0a6f29fad0ef747b0c087f702
- WEBhttp://github.com/openstack/nova/commit/c7f526fae6062e9ab51f65474af71d496aa66554
- WEBhttp://github.com/openstack/nova/commit/c869a41951b77c6930bf4fb4734f05cd3d6ac4b1
- WEBhttp://lwn.net/Alerts/491298
- WEBhttp://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html
- WEBhttps://bugs.launchpad.net/nova/+bug/962515