Comment 18 for bug 1466549
Revision history for this message
| Tristan Cacqueray (tristan-cacqueray) wrote Re: Download DLO objects leak connections when client kill connection | #18 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
demo site
(Get the code!)
Thanks clayg, so this issue can be abused, the fix should be backported and an OSSA issued.
Here is the proposed impact description:
Title: Swift proxy-server DoS through Large Object
Reporter: Romain LE DISEZ (OVH)
Products: Swift
Affects: versions through 2.3.0
Description:
Romain LE DISEZ from OVH reported a vulnerability in Swift Large Object. By repeatedly requesting and interrupting connections to a Large Object (Dynamic or Static) URL, a remote attacker may exhausts Swift proxy-server resources, potentially resulting in a denial of service. All Swift setup are affected.