Red Hat Bugzilla – Bug 983822
CVE-2013-4120 Katello DoS in API OAuth authentication
Last modified: 2014-08-05 09:57:26 EDT
Marek Hulan <email@example.com> reports:
Katello API OAuth authentication is vulnerable to DoS. A user can set consumer_key to any value, which is later converted to a symbol. This can lead to memory exhaustion.
This issue was discovered by Marek Hulán of the Red Hat Foreman team.
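The interning pattern the report describes, shown as an added Ruby illustration beside a hardened lookup. This is not Katello's own code; the consumer table, key names and function names are constructed for the example.

```ruby
# Added illustration of the CVE-2013-4120 pattern; not Katello's own code.
# In Ruby before 2.2 symbols are never garbage-collected, so interning an
# attacker-controlled header value on every request grows the symbol table
# without bound.

# Constructed stand-in for a consumer registry keyed by symbol.
CONSUMERS = { foreman: 'secret-a', candlepin: 'secret-b' }.freeze

# Vulnerable: the raw consumer_key string is interned before the lookup,
# so every unseen value leaves a new symbol behind.
def lookup_consumer_vulnerable(consumer_key)
  CONSUMERS[consumer_key.to_sym]
end

# Hardened: compare the untrusted string against the known keys first and
# only ever convert values whose symbol the application already created.
KNOWN_KEYS = CONSUMERS.keys.map(&:to_s).freeze # built once, at load time

def lookup_consumer_hardened(consumer_key)
  return nil unless consumer_key.is_a?(String) && KNOWN_KEYS.include?(consumer_key)
  CONSUMERS[consumer_key.to_sym] # resolves to a pre-existing symbol only
end

# Measure how many symbols a lookup function adds when fed n unseen keys
# (unique, constructed values so repeated runs do not reuse symbols).
def new_symbols_created(lookup, n)
  GC.start
  before = Symbol.all_symbols.size
  n.times { |i| lookup.call("constructed-key-#{i}-#{rand(1 << 32)}") }
  Symbol.all_symbols.size - before
end
```

On a pre-2.2 interpreter the vulnerable count is exactly the number of distinct header values seen and never goes back down; the hardened lookup adds none.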
I think the exposure here is pretty small. The consumer key is passed as an http header. Per http://tomcat.apache.org/tomcat-6.0-doc/config/http.html the default max header size is 8k and the default concurrent threads is 200. That gets me to about 2 meg of memory consumption.
Per discussions with Tjay, closing this out.