CVE-2015-7944

HIGH

Ganeti DoS via SSL Parameter Renegotiation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-7944. PoCs published by Pierre Kim.

AI-analyzed exploit summary The exploit demonstrates an unauthenticated remote DoS and information disclosure vulnerability in Ganeti's RAPI daemon. It includes a PoC for SSL renegotiation DoS and a tool (GHETTO-BLASTER) to extract sensitive network configuration data.

Description

The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2, when used in SSL mode, allows remote attackers to cause a denial of service (resource consumption) via SSL parameter renegotiation.

Exploits (1)

exploitdb WORKING POC

by Pierre Kim · perldosmultiple

https://www.exploit-db.com/exploits/39169

View Code ZIP pw:eip

The exploit demonstrates an unauthenticated remote DoS and information disclosure vulnerability in Ganeti's RAPI daemon. It includes a PoC for SSL renegotiation DoS and a tool (GHETTO-BLASTER) to extract sensitive network configuration data.

Classification

Working Poc 90%

Attack Type

Dos | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Ganeti (all versions up to the last released version in 2015)

No auth needed

Prerequisites: Network access to the RAPI daemon (default port 5080) · RAPI daemon exposed on an accessible interface

MITRE ATT&CK

T1499 - Endpoint Denial of Service T1082 - System Information Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11

Core References

Release Notes, Vendor Advisory x_refsource_confirm

http://docs.ganeti.org/ganeti/2.11/html/news.html#version-2-11-8

Release Notes, Vendor Advisory x_refsource_confirm

http://docs.ganeti.org/ganeti/2.12/html/news.html#version-2-12.6

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2016/dsa-3431

Release Notes, Vendor Advisory x_refsource_confirm

http://docs.ganeti.org/ganeti/2.13/html/news.html#version-2-13-3

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/39169/

Release Notes, Vendor Advisory x_refsource_confirm

http://docs.ganeti.org/ganeti/2.9/html/news.html#version-2-9-7

Patch, Third Party Advisory, VDB Entry x_refsource_misc

http://www.ocert.org/advisories/ocert-2015-012.html

Release Notes, Vendor Advisory x_refsource_confirm

http://docs.ganeti.org/ganeti/2.10/html/news.html#version-2-10-8

Release Notes, Vendor Advisory x_refsource_confirm

http://docs.ganeti.org/ganeti/2.14/html/news.html#version-2-14-2

Release Notes, Vendor Advisory x_refsource_confirm

http://docs.ganeti.org/ganeti/2.15/html/news.html#version-2-15-2

Patch, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/135101/Ganeti-Leaked-Secret-Denial-Of-Service.html

Scores

CVSS v3 7.5

EPSS 0.1895

EPSS Percentile 95.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-399

Status published

Products (30)

spi-inc/ganeti 2.10.0 (5 CPE variants)

spi-inc/ganeti 2.10.1

spi-inc/ganeti 2.10.2

spi-inc/ganeti 2.10.3

spi-inc/ganeti 2.10.4

spi-inc/ganeti 2.10.5

spi-inc/ganeti 2.10.6

spi-inc/ganeti 2.10.7

spi-inc/ganeti 2.11.0 (3 CPE variants)

spi-inc/ganeti 2.11.1

... and 20 more

Published Aug 18, 2017

Tracked Since Feb 18, 2026