CVE-2013-4261

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2013-4261

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2013-4261.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2013-4261

Downstream

DEBIAN-CVE-2013-4261

RHSA-2013:1199

Published

2013-10-29T22:55:02Z

Modified

2025-08-09T19:01:26Z

Summary

[none]

Details

OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service (connection pool consumption), as demonstrated using multiple requests that send long strings to an instance console and retrieving the console log.

References

http://rhn.redhat.com/errata/RHSA-2013-1199.html
https://bugs.launchpad.net/nova/+bug/1215091
https://bugzilla.redhat.com/show_bug.cgi?id=999164
http://seclists.org/oss-sec/2013/q3/595
https://bugzilla.redhat.com/show_bug.cgi?id=999271

CVE-2013-4261

Affected packages