Ubuntu Update For Swift USN-2207-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Samuel Merritt discovered a timing attack vulnerability in OpenStack Swift. If Swift was configured to use the TempURL middleware, an attacker could exploit this to guess valid secret URLs and obtain unintended access to objects publicly shared with specific recipients.

Affected

swift on Ubuntu 13.10 , Ubuntu 12.10 , Ubuntu 12.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-May/002506.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0006
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Ubuntu Update for dnsmasq vulnerability USN-627-1
Ubuntu Update for bind9 vulnerability USN-622-1
Ubuntu Update for clamav USN-1482-2
Ubuntu Update for cinder USN-2248-1
Ubuntu Update for curl USN-2474-1

Ubuntu Update for swift USN-2207-1

Take action and discover your vulnerabilities