Dan Prince reported a vulnerability in OpenStack Compute (Nova) API servers. By PUTing or POSTing extremely long server names to the OpenStack API, any authenticated user may grow nova-api log files significantly, potentially resulting in disk space exhaustion and denial of service to the affected nova-api nodes. Only setups running the OpenStack API are affected.
References: [1] http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html [2] https://bugs.launchpad.net/nova/+bug/962515 [3] http://lwn.net/Alerts/491298/