[Openstack-security] [Bug 1454074] Re: denial of service via large number of logout page requests
Tristan Cacqueray
tdecacqu at redhat.com
Fri Aug 21 13:07:46 UTC 2015
** Description changed:
- This issue is being treated as a potential security risk under embargo.
- Please do not make any public mention of embargoed (private) security
- vulnerabilities before their coordinated publication by the OpenStack
- Vulnerability Management Team in the form of an official OpenStack
- Security Advisory. This includes discussion of the bug or associated
- fixes in public forums such as mailing lists, code review systems and
- bug trackers. Please also avoid private disclosure to other individuals
- not already approved for access to this information, and provide this
- same reminder to those who are made aware of the issue prior to
- publication. All discussion should remain confined to this private bug
- report, and any proposed fixes should be added to the bug as
- attachments.
-
While investigating CVE-2014-8124
(https://bugs.launchpad.net/horizon/+bug/1394370) I think I found
another instance of the underlying issue, but with the logout form.
I'm on Ubuntu 14.04 LTS, with distro-packaged openstack-dashboard
1:2014.1.4-0ubuntu2. I verified the patch from
https://review.openstack.org/140356 is applied to the installed files. I
configured horizon to use mysql datastore, and ran the following
command:
while true ; do wget http://localhost/horizon/auth/logout/ ; done
While this command was running I checked the mysql dash database table
django_sessions and found it growing without apparent bound:
select * from django_session;
...
231 rows in set (0.00 sec)
Is this an issue?
Thanks
--
You received this bug notification because you are a member of OpenStack
Security, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1454074
Title:
denial of service via large number of logout page requests
Status in OpenStack Dashboard (Horizon):
Triaged
Status in OpenStack Security Advisory:
Won't Fix
Bug description:
While investigating CVE-2014-8124
(https://bugs.launchpad.net/horizon/+bug/1394370) I think I found
another instance of the underlying issue, but with the logout form.
I'm on Ubuntu 14.04 LTS, with distro-packaged openstack-dashboard
1:2014.1.4-0ubuntu2. I verified the patch from
https://review.openstack.org/140356 is applied to the installed files.
I configured horizon to use mysql datastore, and ran the following
command:
while true ; do wget http://localhost/horizon/auth/logout/ ; done
While this command was running I checked the mysql dash database table
django_sessions and found it growing without apparent bound:
select * from django_session;
...
231 rows in set (0.00 sec)
Is this an issue?
Thanks
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1454074/+subscriptions
More information about the Openstack-security
mailing list