CVE-2015-7945

HIGH

Ganeti <2.9.7-2.15.2 - Info Disclosure


Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-7945. PoCs published by Pierre Kim.

AI-analyzed exploit summary: The exploit demonstrates an unauthenticated remote DoS and information disclosure vulnerability in Ganeti's RAPI daemon. It includes a PoC for SSL renegotiation DoS and a tool (GHETTO-BLASTER) to extract sensitive network configuration data.

Description

The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2 allows remote attackers to obtain the DRBD secret via instance information job results.

Exploits (1)

exploitdb WORKING POC
by Pierre Kim · perl · dos · multiple
https://www.exploit-db.com/exploits/39169

Classification
Working PoC 90%
Attack Type: DoS | Info Leak
Complexity: Moderate
Reliability: Reliable
Target: Ganeti (all versions up to the last released version in 2015)
No auth needed
Prerequisites: Network access to the RAPI daemon (default port 5080) · RAPI daemon exposed on an accessible interface
devstral-2 · analyzed Feb 16, 2026

References (11)

Core References
Release Notes, Vendor Advisory x_refsource_confirm
http://docs.ganeti.org/ganeti/2.11/html/news.html#version-2-11-8
Release Notes, Vendor Advisory x_refsource_confirm
http://docs.ganeti.org/ganeti/2.12/html/news.html#version-2-12.6
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2016/dsa-3431
Release Notes, Vendor Advisory x_refsource_confirm
http://docs.ganeti.org/ganeti/2.13/html/news.html#version-2-13-3
Release Notes, Vendor Advisory x_refsource_confirm
http://docs.ganeti.org/ganeti/2.15/html/news.html#version-2-15-2
Patch, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/135101/Ganeti-Leaked-Secret-Denial-Of-Service.html
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/39169/
Release Notes, Vendor Advisory x_refsource_confirm
http://docs.ganeti.org/ganeti/2.9/html/news.html#version-2-9-7
Patch, Third Party Advisory, VDB Entry x_refsource_misc
http://www.ocert.org/advisories/ocert-2015-012.html
Release Notes, Vendor Advisory x_refsource_confirm
http://docs.ganeti.org/ganeti/2.10/html/news.html#version-2-10-8
Release Notes, Vendor Advisory x_refsource_confirm
http://docs.ganeti.org/ganeti/2.14/html/news.html#version-2-14-2

Scores

CVSS v3 7.5
EPSS 0.1355
EPSS Percentile 94.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE: CWE-200
Status: published
Products (30)
spi-inc/ganeti 2.10.0 (5 CPE variants)
spi-inc/ganeti 2.10.1
spi-inc/ganeti 2.10.2
spi-inc/ganeti 2.10.3
spi-inc/ganeti 2.10.4
spi-inc/ganeti 2.10.5
spi-inc/ganeti 2.10.6
spi-inc/ganeti 2.10.7
spi-inc/ganeti 2.11.0 (3 CPE variants)
spi-inc/ganeti 2.11.1
... and 20 more
Published Aug 18, 2017
Tracked Since Feb 18, 2026