Multiple vulnerabilities were discovered in Ceph, a distributed storage and file system: The cephx authentication protocol was suspectible to replay attacks and calculated signatures incorrectly, "ceph mon" did not validate capabilities for pool operations and a format string vulnerability in libradosstriper could result in denial of service.