Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CAGGkMit28sz3s0iDJ2fBJZ4daKU1A-dsWaZHzeak2DmKXSOjCg@mail.gmail.com>
Date: Thu, 25 Jun 2020 21:07:17 +0200
From: Przemyslaw Roguski <proguski@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2020-10753 ceph: radosgw: HTTP header injection via CORS
 ExposeHeader tag

Hello Team,

A flaw was found in the Ceph Storage RadosGW (Ceph Object Gateway). The
vulnerability is related to the injection of HTTP headers via a CORS
ExposeHeader tag.
The newline character in the ExposeHeader tag in the CORS configuration
file generates a header injection in the response when the CORS request is
made.
This issue affects the RadosGW S3 API, it does not affect the Swift API.

This flaw affects Nautilus and Octopus based versions.
Red Hat has assigned CVE-2020-10753 and rated it as Moderate impact flaw.

PR:  https://github.com/ceph/ceph/pull/35773
Patch:
https://github.com/ceph/ceph/pull/35773/commits/1524d3c0c5cb11775313ea1e2bb36a93257947f2
The fix will be included in the Octopus version in the coming days.

Credit: William Bowling


Best Regards,
Przemyslaw Roguski  / Red Hat Product Security

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.