{"id":"PYSEC-2013-44","details":"OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource exhaustion and failure to spawn new instances) via a large number of calls to the addFixedIp function.","aliases":["CVE-2013-1838","GHSA-63fq-8fp9-vhwq"],"modified":"2024-11-25T22:42:12.167349Z","published":"2013-03-22T21:55:00Z","references":[{"type":"WEB","url":"https://review.openstack.org/#/c/24453/"},{"type":"WEB","url":"https://review.openstack.org/#/c/24452/"},{"type":"WEB","url":"http://www.securityfocus.com/bid/58492"},{"type":"ADVISORY","url":"http://secunia.com/advisories/52728"},{"type":"WEB","url":"https://lists.launchpad.net/openstack/msg21892.html"},{"type":"WEB","url":"http://osvdb.org/91303"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2013/03/14/18"},{"type":"WEB","url":"https://review.openstack.org/#/c/24451/"},{"type":"ADVISORY","url":"http://secunia.com/advisories/52580"},{"type":"WEB","url":"http://ubuntu.com/usn/usn-1771-1"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=919648"},{"type":"WEB","url":"https://bugs.launchpad.net/nova/+bug/1125468"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2013-0709.html"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/82877"}],"affected":[{"package":{"name":"nova","ecosystem":"PyPI","purl":"pkg:pypi/nova"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"12.0.0a0"}]}],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/nova/PYSEC-2013-44.yaml"}}],"schema_version":"1.7.3"}