CVE-2015-5695
First published: Thu Aug 31 2017(Updated: )
Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Openstack Designate | =1.0.0.0b1 | |
| Openstack Designate | =1.0.0a0 | |
| Openstack Designate | =2015.1.0 | |
| pip/designate | =2015.1.0b2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.openstack.org/pipermail/openstack/2015-July/013548.html
- http://www.openwall.com/lists/oss-security/2015/07/28/11
- http://www.openwall.com/lists/oss-security/2015/07/29/6
- https://bugs.launchpad.net/designate/+bug/1471161
- https://bugzilla.redhat.com/show_bug.cgi?id=1245241
- https://launchpadlibrarian.net/211525251/bug-1471161-quotas-master.patch
- https://nvd.nist.gov/vuln/detail/CVE-2015-5695
- https://github.com/pypa/advisory-database/tree/main/vulns/designate/PYSEC-2017-114.yaml
- https://github.com/advisories/GHSA-m6h2-634h-jcpj (Advisory)
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/tags
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/event
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-m6h2-634h-jcpj
- alias/CVE-2015-5695
- agent/software-canonical-lookup
- vendor/openstack
- canonical/openstack designate
- version/openstack designate/1.0.0.0b1
- version/openstack designate/1.0.0a0
- version/openstack designate/2015.1.0
- package-manager/pip