CVE-2012-1585
EPSS 0.47%OpenStack Nova Long server names grow nova-api log files significantly
Published: 5/14/2022Modified: 4/28/2026
Description
OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.
Affected packages (2)
- Debian/novafrom 0, < 2012-1~rc3-1
- PyPI/novafrom 0, < 12.0.0a0
References (10)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2012-1585
- ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-1585
- PATCHhttps://github.com/openstack/nova
- WEBhttp://github.com/openstack/nova/commit/0fa7d12dbfb7ae016657dd91034b4c0781ea43de
- WEBhttp://github.com/openstack/nova/commit/1ebec5726c7a9db0a6f29fad0ef747b0c087f702
- WEBhttp://github.com/openstack/nova/commit/c7f526fae6062e9ab51f65474af71d496aa66554
- WEBhttp://github.com/openstack/nova/commit/c869a41951b77c6930bf4fb4734f05cd3d6ac4b1
- WEBhttp://lwn.net/Alerts/491298
- WEBhttp://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html
- WEBhttps://bugs.launchpad.net/nova/+bug/962515