Details

    • Security:
      Yes
    • SLA:
      Not Applicable
    • Rank:
      1|hzyv3j:
    • Damage Potential:
      57
    • Business Impact:
      0.84
    • Total Risk:
      47.88

      Description

      Walrus insecurely parses XML for some request messages (e.g., bucket logging). This can be used to consume server resources, resulting in a denial of service (such as using all memory or using up all available threads). The server logs may show out-of-memory errors when various threads fail (you would also observe high CPU usage during such an attack).

      This issue was originally reported by Steve Jones.


          Activity

          Neil Soman added a comment -

          Ready for security review: team/storage/EUCA-2031

          Neil Soman added a comment -

          commit c117ddb20a17da6acc4b99e05c99e24a66950cf1
          Author: Neil Soman <neil@eucalyptus.com>
          Date: Sat Mar 9 14:15:11 2013 -0800

          Disable DTD processing when parsing XML snippets.

          Get rid of unused XMLParser.

          Make sure that DocumentBuilder is used securely and defined only once.
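
The parser weakness from the Description and the fix described in this commit (DTD processing disabled, a single securely configured DocumentBuilderFactory), shown as an added example. This is not Walrus code or the commit's diff; it assumes the JDK's built-in DocumentBuilderFactory with its Xerces feature URIs, and the class name HardenedXmlParser and the bucket-logging request body are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.SAXParseException;

public final class HardenedXmlParser {
    // Single, hardened factory configured once (the commit's "defined only once").
    private static final DocumentBuilderFactory FACTORY = hardenedFactory();

    private static DocumentBuilderFactory hardenedFactory() {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        try {
            // Refuse any DOCTYPE: without a DTD there is nothing to declare
            // entities with, so recursive or oversized expansions cannot start.
            f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            // Belt and braces for parsers that still accept a DTD: never fetch external entities.
            f.setFeature("http://xml.org/sax/features/external-general-entities", false);
            f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        } catch (ParserConfigurationException e) {
            throw new IllegalStateException("parser lacks required hardening features", e);
        }
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f;
    }
    // A DocumentBuilder is not guaranteed thread-safe, so build one per request from the shared factory.
    public static Document parse(String xml) throws Exception {
        DocumentBuilder builder = FACTORY.newDocumentBuilder();
        return builder.parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample shaped like an S3-style bucket logging request body.
        String ok = "<BucketLoggingStatus><LoggingEnabled><TargetBucket>logs</TargetBucket>"
                  + "</LoggingEnabled></BucketLoggingStatus>";
        System.out.println("accepted root: " + parse(ok).getDocumentElement().getTagName());

        // Constructed sample carrying a (harmless) DTD: rejected before any entity is expanded.
        String withDtd = "<!DOCTYPE BucketLoggingStatus [<!ENTITY e \"x\">]>"
                       + "<BucketLoggingStatus>&e;</BucketLoggingStatus>";
        try {
            parse(withDtd);
        } catch (SAXParseException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The second parse fails at the DOCTYPE declaration itself, so no entity is ever defined or expanded; that is the property a regression test for this fix should assert.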

          Vika Felmetsger added a comment -

          I have reviewed and tested the security aspect of the fix and will spot check once packages are available.

          Aaron Withrow added a comment -

          3.2.2 has been released, moving this to Resolved.


            People

            • Votes:
              0
            • Watchers:
              3
