← Retour aux CVEs
CVE-2015-5695
N/ADescription
Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set.
Details CVE
Score CVSS v3.1N/A
Publie8/31/2017
Derniere modification4/20/2025
Sourcenvd
Observations honeypot0
Produits affectes
openstack:designate
Faiblesses (CWE)
CWE-400
References
http://www.openwall.com/lists/oss-security/2015/07/28/11(cve@mitre.org)
http://www.openwall.com/lists/oss-security/2015/07/29/6(cve@mitre.org)
https://bugs.launchpad.net/designate/+bug/1471161(cve@mitre.org)
https://bugzilla.redhat.com/show_bug.cgi?id=1245241(cve@mitre.org)
http://lists.openstack.org/pipermail/openstack/2015-July/013548.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2015/07/28/11(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2015/07/29/6(af854a3a-2127-422b-91ae-364da2661108)
https://bugs.launchpad.net/designate/+bug/1471161(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1245241(af854a3a-2127-422b-91ae-364da2661108)
https://launchpadlibrarian.net/211525251/bug-1471161-quotas-master.patch(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.