CVE-2016-8626 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-8626 Interim 1 19 2023-02-10T02:29:43Z current 2021-05-30T13:46:48Z 2023-02-10T02:29:43Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-8626 A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2017-March/002713.html E-Mail link for SUSE-SU-2017:0758-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Enterprise Storage 3 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 ceph ceph-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-base-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-common ceph-common-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-fuse-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-mds-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-mon-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-osd-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-radosgw-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-test-10.2.5+git.1485186288.4e3c6c4-12.2 libcephfs-devel libcephfs1 libcephfs1-10.2.5+git.1485186288.4e3c6c4-12.2 libcephfs2 librados-devel librados2 librados2-10.2.5+git.1485186288.4e3c6c4-12.2 libradosstriper-devel libradosstriper1 libradosstriper1-10.2.5+git.1485186288.4e3c6c4-12.2 librbd-devel librbd1 librbd1-10.2.5+git.1485186288.4e3c6c4-12.2 librgw2 librgw2-10.2.5+git.1485186288.4e3c6c4-12.2 python-ceph-compat-10.2.5+git.1485186288.4e3c6c4-12.2 python-cephfs python-cephfs-10.2.5+git.1485186288.4e3c6c4-12.2 python-rados python-rados-10.2.5+git.1485186288.4e3c6c4-12.2 python-rbd python-rbd-10.2.5+git.1485186288.4e3c6c4-12.2 python-rgw rbd-fuse-10.2.5+git.1485186288.4e3c6c4-12.2 rbd-mirror-10.2.5+git.1485186288.4e3c6c4-12.2 rbd-nbd-10.2.5+git.1485186288.4e3c6c4-12.2 ceph-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 ceph-base-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 ceph-common-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 ceph-fuse-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 ceph-mds-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 ceph-mon-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 ceph-osd-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 ceph-radosgw-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 ceph-test-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 libcephfs1-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 librados2-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 libradosstriper1-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 librbd1-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 librgw2-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 python-ceph-compat-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 python-cephfs-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 python-rados-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 python-rbd-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 rbd-fuse-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 rbd-mirror-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 rbd-nbd-10.2.5+git.1485186288.4e3c6c4-12.2 as a component of SUSE Enterprise Storage 3 ceph-common as a component of SUSE Linux Enterprise Server 12 SP2 libcephfs1 as a component of SUSE Linux Enterprise Server 12 SP2 librados2 as a component of SUSE Linux Enterprise Server 12 SP2 libradosstriper1 as a component of SUSE Linux Enterprise Server 12 SP2 librbd1 as a component of SUSE Linux Enterprise Server 12 SP2 python-cephfs as a component of SUSE Linux Enterprise Server 12 SP2 python-rados as a component of SUSE Linux Enterprise Server 12 SP2 python-rbd as a component of SUSE Linux Enterprise Server 12 SP2 ceph as a component of SUSE Linux Enterprise Server 12 SP2 ceph-common as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libcephfs2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 librados2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libradosstriper1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 librbd1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 librgw2 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 python-cephfs as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 python-rados as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 python-rbd as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 python-rgw as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 ceph as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 libcephfs-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 librados-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 libradosstriper-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 librbd-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 ceph as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 A flaw was found in Red Hat Ceph before 0.94.9-8. The way Ceph Object Gateway handles POST object requests permits an authenticated attacker to launch a denial of service attack by sending null or specially crafted POST object requests. CVE-2016-8626 SUSE Enterprise Storage 3:ceph-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:ceph-base-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:ceph-common-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:ceph-fuse-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:ceph-mds-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:ceph-mon-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:ceph-osd-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:ceph-radosgw-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:ceph-test-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:libcephfs1-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:librados2-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:libradosstriper1-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:librbd1-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:librgw2-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:python-ceph-compat-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:python-cephfs-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:python-rados-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:python-rbd-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:rbd-fuse-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:rbd-mirror-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Enterprise Storage 3:rbd-nbd-10.2.5+git.1485186288.4e3c6c4-12.2 SUSE Linux Enterprise Server 12 SP2:ceph SUSE Linux Enterprise Server 12 SP2:ceph-common SUSE Linux Enterprise Server 12 SP2:libcephfs1 SUSE Linux Enterprise Server 12 SP2:librados2 SUSE Linux Enterprise Server 12 SP2:libradosstriper1 SUSE Linux Enterprise Server 12 SP2:librbd1 SUSE Linux Enterprise Server 12 SP2:python-cephfs SUSE Linux Enterprise Server 12 SP2:python-rados SUSE Linux Enterprise Server 12 SP2:python-rbd SUSE Linux Enterprise Server for SAP Applications 12 SP3:ceph SUSE Linux Enterprise Server for SAP Applications 12 SP3:ceph-common SUSE Linux Enterprise Server for SAP Applications 12 SP3:libcephfs2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:librados2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:libradosstriper1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:librbd1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:librgw2 SUSE Linux Enterprise Server for SAP Applications 12 SP3:python-cephfs SUSE Linux Enterprise Server for SAP Applications 12 SP3:python-rados SUSE Linux Enterprise Server for SAP Applications 12 SP3:python-rbd SUSE Linux Enterprise Server for SAP Applications 12 SP3:python-rgw SUSE Linux Enterprise Software Development Kit 12 SP2:ceph SUSE Linux Enterprise Software Development Kit 12 SP2:libcephfs-devel SUSE Linux Enterprise Software Development Kit 12 SP2:librados-devel SUSE Linux Enterprise Software Development Kit 12 SP2:libradosstriper-devel SUSE Linux Enterprise Software Development Kit 12 SP2:librbd-devel moderate 6.3 AV:N/AC:M/Au:S/C:N/I:N/A:C 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H