RHEL 7 : swiftonfile (RHSA-2015:1846)
Medium Nessus Plugin ID 86844
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionA flaw exists in Red Hat Gluster Storage's OpenStack Object Storage (swiftonfile) due to improper enforcement of metadata constraints. An authenticated, remote attacker can exploit this, via added metadata in several separate calls, to bypass the max_meta_count restraint and store more metadata than allowed by the configuration, resulting in a denial of service condition.
SolutionUpdate the affected packages.