CVE-2015-5695
MEDIUMOpenStack Designate 2015.1.0-1.0.0.0b1 - Denial of Service via Zone File Transfer
Title source: llmDescription
Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set.
References (6)
Core 6
Core References
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1245241
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/07/29/6
Mailing List, Patch, Third Party Advisory x_refsource_confirm
https://launchpadlibrarian.net/211525251/bug-1471161-quotas-master.patch
Exploit, Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugs.launchpad.net/designate/+bug/1471161
Patch, Vendor Advisory mailing-list
x_refsource_mlist
http://lists.openstack.org/pipermail/openstack/2015-July/013548.html
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/07/28/11
Scores
CVSS v3
6.5
EPSS
0.0243
EPSS Percentile
85.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (4)
openstack/designate
1.0.0.0b1
openstack/designate
1.0.0a0
openstack/designate
2015.1.0
pypi/designate
PyPI
Published
Aug 31, 2017
Tracked Since
Feb 18, 2026