1072738 – (CVE-2014-0091) CVE-2014-0091 Foreman: Improper input validation

Bug 1072738 (CVE-2014-0091) - CVE-2014-0091 Foreman: Improper input validation

Summary: CVE-2014-0091 Foreman: Improper input validation

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2014-0091
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1072746
Blocks:	1076333
TreeView+	depends on / blocked

Reported:	2014-03-05 06:01 UTC by Garth Mollett
Modified:	2019-09-29 13:14 UTC (History)
CC List:	20 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-02-04 23:23:22 UTC
Embargoed:

Attachments	(Terms of Use)

Description Garth Mollett 2014-03-05 06:01:07 UTC

Jeremy Choi and Keqin Hong of the Red Hat HSS Pen-Test Team reported that a lack of proper input validation could under some circumstances lead to partial DoS in foreman. This issue was already addressed upstream in http://projects.theforeman.org/issues/3697 however the DoS impact was not fully noted at the time.

Note You need to log in before you can comment on or make changes to this bug.

aortega
apevec
athomas
ayoung
bkearney
chrisw
cpelland
gkotton
iheim
jrusnack
katello-bugs
khong
kseifried
lhh
markmc
mmccune
rbryant
rhos-maint
sclewis
yeylon