OpenStack Compute (Nova) CVE-2012-2101 Denial Of Service Vulnerability
BID:53297
Info
OpenStack Compute (Nova) CVE-2012-2101 Denial Of Service Vulnerability
| Bugtraq ID: | 53297 |
| Class: | Unknown |
| CVE: |
CVE-2012-2101 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 30 2012 12:00AM |
| Updated: | Apr 16 2015 05:45PM |
| Credit: | Dan Prince |
| Vulnerable: |
Ubuntu Ubuntu Linux 12.04 LTS i386 Ubuntu Ubuntu Linux 12.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Jesse Andrews OpenStack Compute (Nova) 2012.1 |
| Not Vulnerable: | |
Discussion
OpenStack Compute (Nova) CVE-2012-2101 Denial Of Service Vulnerability
OpenStack Compute (Nova) is prone to a denial-of-service vulnerability.
Remote attackers can exploit this issue to create multiple iptables rules and exhaust system resources, resulting in a denial-of-service condition.
OpenStack Compute (Nova) 2012.1 is vulnerable; other versions may also be affected.
OpenStack Compute (Nova) is prone to a denial-of-service vulnerability.
Remote attackers can exploit this issue to create multiple iptables rules and exhaust system resources, resulting in a denial-of-service condition.
OpenStack Compute (Nova) 2012.1 is vulnerable; other versions may also be affected.
Exploit / POC
OpenStack Compute (Nova) CVE-2012-2101 Denial Of Service Vulnerability
An attacker can use readily available network utilities to exploit this issue.
An attacker can use readily available network utilities to exploit this issue.
Solution / Fix
OpenStack Compute (Nova) CVE-2012-2101 Denial Of Service Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
OpenStack Compute (Nova) CVE-2012-2101 Denial Of Service Vulnerability
References:
References:
- Missing quotas on security group rules (Dan)
- OpenStack Compute (Nova) Homepage (Jesse Andrews)