CVE-2014-0006 Information

Description

The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0 1.9.0 through 1.10.0 and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timing side-channel attack.

Reference

http://rhn.redhat.com/errata/RHSA-2014-0232.html http://www.openwall.com/lists/oss-security/2014/01/17/5 https://bugs.launchpad.net/swift/+bug/1265665