Details

    • Security: Yes
    • SLA: Not Applicable
    • Rank: 2|hzyjtj:
    • Damage Potential: 57
    • Business Impact: 0.84
    • Total Risk: 47.88

      Description

      Walrus insecurely parses XML for some request messages (e.g., bucket logging). A crafted request can make the parser consume server resources, resulting in a denial of service (such as exhausting all memory or all available threads). The server logs may show out-of-memory errors as threads fail, and high CPU usage would also be observed during such an attack.

      This issue was originally reported by Steve Jones.
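As an added example (not code from Walrus or from the fix commit), the following shows the kind of hardening the fix describes: one DocumentBuilderFactory, defined once and configured to refuse DTD processing, so a request carrying entity declarations is rejected before anything can be expanded. The element names are constructed, loosely modelled on an S3 bucket-logging request.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;

/** Added example, not Walrus code: one DocumentBuilderFactory, configured once,
 *  with DTD processing disabled so entity-expansion requests are refused. */
public final class SecureXmlParser {
    private static final DocumentBuilderFactory FACTORY = createFactory();
    private static DocumentBuilderFactory createFactory() {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        try {
            // Reject any DOCTYPE outright: no entity declarations, internal or external.
            f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            // Defence in depth for parser implementations that ignore the feature above.
            f.setFeature("http://xml.org/sax/features/external-general-entities", false);
            f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
            f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
            f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        } catch (ParserConfigurationException e) {
            throw new IllegalStateException("XML parser cannot be secured", e);
        }
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f;
    }
    /** Parses an untrusted request body; a DOCTYPE makes this throw SAXException. */
    public static Document parse(String xml) throws Exception {
        DocumentBuilder builder = FACTORY.newDocumentBuilder(); // builders are not thread-safe
        return builder.parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
    }
    public static void main(String[] args) throws Exception {
        // Constructed sample: a bucket-logging request without a DTD is accepted.
        String clean = "<BucketLoggingStatus><LoggingEnabled><TargetBucket>logs"
                     + "</TargetBucket></LoggingEnabled></BucketLoggingStatus>";
        System.out.println("root: " + parse(clean).getDocumentElement().getTagName());
        // Constructed sample: the same request with an entity declaration is refused
        // before the parser expands anything.
        String withDtd = "<!DOCTYPE BucketLoggingStatus [<!ENTITY b \"logs\">]>"
                       + clean.replace("logs", "&b;");
        try {
            parse(withDtd);
        } catch (SAXException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```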

            Activity

            Neil Soman added a comment:

            Ready for security review: team/storage/EUCA-2031

            Neil Soman added a comment:

            commit c117ddb20a17da6acc4b99e05c99e24a66950cf1
            Author: Neil Soman <neil@eucalyptus.com>
            Date: Sat Mar 9 14:15:11 2013 -0800

            Disable DTD processing when parsing XML snippets.

            Get rid of unused XMLParser.

            Make sure that DocumentBuilder is used securely and defined only once.

            Vika Felmetsger added a comment:

            I have reviewed and tested the security aspect of the fix and will spot check once packages are available.

            Aaron Withrow added a comment:

            3.2.2 has been released, moving this to Resolved.
