CVE-2012-2101 - Unsubject English Springer Spaniel

Description

Openstack Compute (Nova) Folsom 2012.1 and 2011.3 does not limit the number of security group rules which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network request that triggers a large number of iptables rules.

Reference

https://lists.launchpad.net/openstack/msg10268.html http://secunia.com/advisories/49034 http://secunia.com/advisories/49048 https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64 http://ubuntu.com/usn/usn-1438-1 https://bugs.launchpad.net/nova/+bug/969545 https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7 http://www.osvdb.org/81641 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html https://exchange.xforce.ibmcloud.com/vulnerabilities/75243