Internet threat level: 1
Home→Descriptions→SA49034
OpenStack Compute (Nova) iptables Resource Exhaustion Denial of Service Vulnerability
| Secunia ID | |
| CVE-ID | |
| Release Date |
30 Apr 2012 |
| Criticality | |
| Solution Status |
Vendor Workaround |
| Software |
OpenStack Compute (Nova) 2012.x |
| Where | |
| Impact |
DoS (Denial of Service)This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system. |
| Description |
A vulnerability has been reported in OpenStack Compute (Nova), which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to the application not enforcing quotas on the number of security group rules created. This can be exploited to create multiple iptables rules and exhaust system resources. The vulnerability is reported in version 2012.1. Other versions may also be affected. |
| Solution |
Fixed in the GIT repository. |
| Reported by |
Red Hat credits Dan Prince. |
| Original Advisory |
© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.