Comment 11 for bug 1336207
Revision history for this message
| Tristan Cacqueray (tristan-cacqueray) wrote Re: There is no quota for allowed address pair | #11 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
513534c
demo site
(Get the code!)
Here is impact description draft #1:
Title: Denial of Service in Neutron allowed address pair
Reporter: Liping Mao (Cisco)
Products: Neutron
Versions: up to 2013.2.3, and 2014.1 versions up to 2014.1.1
Description:
Liping Mao from Cisco reported a denial of service vulnerability in Neutron's handling of address pair. By creating a large number of allowed address pair, an authenticated user may overwhelm neutron firewall rules and render compute nodes unusable. All Neutron setups are affected.