Description
CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or RGW) in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name.
A feature in Ceph Object Gateway (RGW) can return a specific HTTP header that contains the name of the bucket that was accessed. It was found that this header value was not sanitized. Because the bucket name comes from the request itself, a CR/LF pair embedded in it terminates the header field early, and whatever follows is parsed as additional response headers or as the start of a second response (HTTP response splitting). An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse a load balancer residing in front of RGW, potentially resulting in a denial of service.
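The mechanism described above, as an added example that is not Ceph code: a response builder that copies the bucket name into a header field unchanged, the hardened variant that rejects control characters before emitting it, and a minimal header parser standing in for the front-end proxy so the injected header and the second response are visible. The header name `Bucket` and the attacker inputs are assumptions for illustration; the page only says "a specific HTTP header".

```cpp
#include <iostream>
#include <sstream>
#include <string>
#include <utility>
#include <vector>

// Added example, not Ceph code. The header name "Bucket" is assumed; the
// advisory only says a header carrying the accessed bucket name is returned.

// Vulnerable: the bucket name is written into the field value untouched.
std::string build_response_vulnerable(const std::string& bucket) {
    std::ostringstream out;
    out << "HTTP/1.1 200 OK\r\n"
        << "Content-Type: application/xml\r\n"
        << "Bucket: " << bucket << "\r\n"
        << "\r\n"
        << "<ListBucketResult/>";
    return out.str();
}

// RFC 7230 field values may not contain CR, LF or other control bytes.
bool is_safe_field_value(const std::string& v) {
    for (unsigned char c : v) {
        if (c == '\r' || c == '\n' || c < 0x20 || c == 0x7f) return false;
    }
    return true;
}

// Hardened: refuse to build a response from a name that would break the
// header block. Returns an empty string; the caller maps that to 400.
std::string build_response_hardened(const std::string& bucket) {
    if (!is_safe_field_value(bucket)) return "";
    return build_response_vulnerable(bucket);  // same layout, now safe input
}

// Minimal header parser standing in for a proxy / load balancer: splits on
// CRLF until the blank line and records name/value pairs.
std::vector<std::pair<std::string, std::string>> parse_headers(const std::string& resp) {
    std::vector<std::pair<std::string, std::string>> hdrs;
    size_t pos = resp.find("\r\n");  // skip the status line
    if (pos == std::string::npos) return hdrs;
    pos += 2;
    while (pos < resp.size()) {
        size_t eol = resp.find("\r\n", pos);
        if (eol == std::string::npos) break;
        std::string line = resp.substr(pos, eol - pos);
        pos = eol + 2;
        if (line.empty()) break;  // end of the header block
        size_t colon = line.find(':');
        if (colon == std::string::npos) continue;
        std::string value = line.substr(colon + 1);
        size_t start = value.find_first_not_of(' ');
        value = (start == std::string::npos) ? "" : value.substr(start);
        hdrs.emplace_back(line.substr(0, colon), value);
    }
    return hdrs;
}

// Would the proxy see a header of this name in the response?
bool proxy_sees_header(const std::string& resp, const std::string& name) {
    for (const auto& h : parse_headers(resp)) if (h.first == name) return true;
    return false;
}

// How many HTTP responses does a byte stream appear to contain?
int count_response_starts(const std::string& resp) {
    int n = resp.compare(0, 9, "HTTP/1.1 ") == 0 ? 1 : 0;
    size_t pos = 0;
    while ((pos = resp.find("\r\nHTTP/1.1 ", pos)) != std::string::npos) { ++n; pos += 2; }
    return n;
}

// Constructed attacker inputs (assumed, for illustration).
// 1) ends the Bucket header and appends a header of the attacker's choice
const std::string kHostileBucket = "b\r\nSet-Cookie: injected=1";
// 2) closes the header block and starts a second, attacker-written response
const std::string kHostileSplit =
    "b\r\nContent-Length: 0\r\n\r\nHTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello";

int main() {
    std::cout << "injected header seen: "
              << proxy_sees_header(build_response_vulnerable(kHostileBucket), "Set-Cookie") << "\n"
              << "responses in one stream: "
              << count_response_starts(build_response_vulnerable(kHostileSplit)) << "\n"
              << "hardened rejects hostile name: "
              << build_response_hardened(kHostileBucket).empty() << "\n";
    return 0;
}
```

The second input is the case that matters for the load balancer: a proxy that reuses the backend connection will treat the attacker-supplied `HTTP/1.1 200 OK` as the answer to the next client's request, which is the desynchronisation the advisory calls "confusing the load balancer". Rejecting rather than stripping the control bytes is the safer choice, since a stripped name would silently map two distinct requests onto one bucket.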
Affected packages
| Platform | Package | State | Advisory | Released |
|---|---|---|---|---|
| Red Hat Ceph Storage 1.2 | ceph | Will not fix | | |
| Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7 | babeltrace | Fixed | RHSA-2015:2066 | 23.11.2015 |
| Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7 | calamari-server | Fixed | RHSA-2015:2066 | 23.11.2015 |
| Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7 | ceph | Fixed | RHSA-2015:2066 | 23.11.2015 |
| Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7 | ceph-deploy | Fixed | RHSA-2015:2066 | 23.11.2015 |
| Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7 | ceph-puppet-modules | Fixed | RHSA-2015:2066 | 23.11.2015 |
| Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7 | facter | Fixed | RHSA-2015:2066 | 23.11.2015 |
| Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7 | foreman | Fixed | RHSA-2015:2066 | 23.11.2015 |
| Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7 | foreman-installer | Fixed | RHSA-2015:2066 | 23.11.2015 |
| Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7 | foreman-proxy | Fixed | RHSA-2015:2066 | 23.11.2015 |
Additional information
CVSS2: 5.5 Medium
Related vulnerabilities
Four related entries carry the same description as above (CRLF injection in the Ceph Object Gateway, Ceph before 0.94.4, via a crafted bucket name).