Ubuntu Security Notice 3452-1 - It was discovered that Ceph incorrectly handled the handle_command function. A remote authenticated user could use this issue to cause Ceph to crash, resulting in a denial of service. Rahul Aggarwal discovered that Ceph incorrectly handled the authenticated-read ACL. A remote attacker could possibly use this issue to list bucket contents via a URL. Diluga Salome discovered that Ceph incorrectly handled certain POST objects with null conditions. A remote attacker could possibly use this issue to cuase Ceph to crash, resulting in a denial of service. Various other issues were also addressed.
d0c4dbab4d999caaccd4e408ea4c5e060bec46f1b4a9923abaf76b2c18d3879dRed Hat Security Advisory 2016-2847-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Security Fix: A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests.
ff9c3b0b4c89fdbb1b7c3f5a73cab03f16ebe37f730bfc97ef17ae59fb8263dfRed Hat Security Advisory 2016-2848-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Security Fix: A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests.
0b013de12e046716e6f70eec15d7f4db2d9281b003c28e8fb4e959f101e5e910Red Hat Security Advisory 2016-2816-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. The following packages have been upgraded to a newer upstream version: ceph, ceph-deploy, calamari-server, nfs-ganesha, ceph-iscsi-config, libntirpc, ceph-iscsi-tools. Security Fix: A flaw was found in the way Ceph Object Gateway handles POST object requests. An authenticated attacker could launch a denial of service attack by sending null or specially crafted POST object requests.
139b9b08c711bedadc85f67290f1923e202d4dd9d564f6fee986e44d565ac765Red Hat Security Advisory 2016-2815-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. The following packages have been upgraded to a newer upstream version: ceph, ceph-deploy, calamari-server, nfs-ganesha, ceph-iscsi-config, libntirpc, ceph-iscsi-tools. Multiple security issues have been addressed.
ef405f0bd7b17b62af6a472bc30f36f4a65f15e773f951d2de8b2b16aaddd1c8
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed