Bug 983822 - (CVE-2013-4120) CVE-2013-4120 Katello DoS in API OAuth authentication
CVE-2013-4120 Katello DoS in API OAuth authentication
Status: CLOSED WONTFIX
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
impact=low,public=20140711,reported=2...
: Security
Depends On: 980866 983832 988661 995654
Blocks: 1000138 1011266
  Show dependency treegraph
 
Reported: 2013-07-11 22:59 EDT by Garth Mollett
Modified: 2014-08-05 09:57 EDT (History)
14 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-08-05 09:57:26 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Garth Mollett 2013-07-11 22:59:00 EDT
Marek Hulan <mhulan@redhat.com> reports:

Katello API OAuth authentication is vulnerable to DoS. User can set consumer_key to any value which is later converted to symbol. This can lead to memory exhaustion.
Comment 2 Murray McAllister 2013-07-15 03:11:06 EDT
Acknowledgements:

This issue was discovered by Marek Hulán of the Red Hat Foreman team.
Comment 6 Bryan Kearney 2014-06-27 10:32:34 EDT
I think the exposure here is pretty small. The consumer key is passed as an http header. Per http://tomcat.apache.org/tomcat-6.0-doc/config/http.html the default max header size is 8k and the default concurrent threads is 200.  That gets me to about 2 meg of memory consumption.
Comment 7 Bryan Kearney 2014-08-05 09:57:26 EDT
Per discussions with Tjay, closing this out.

Note You need to log in before you can comment on or make changes to this bug.