Rackspace resolves 'dirty disk' vulnerability
Cloud provider Rackspace has closed a data separation vulnerability that could allow third parties to access fragments of other customers' data.
The vulnerability was identified by consultants from Context Security who were able to access fragments of databases and elements of system information that was left on other users' "dirty disks".
Context Security said the vulnerability affected cloud providers including VPS.NET and Rackspace and stemmed from how some providers automatically provisioned new virtual servers, initialised operating systems and allocated new storage space. Security measures to provide separation between different nodes on a multi-user platform sometimes were not implemented, for performance reasons or due to errors, the researchers found.
- Mon, 2013-02-11 06:27
- Fri, 2012-12-07 01:17
- Mon, 2012-08-06 23:16