Описание
Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set.
Ссылки
- PatchVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Mailing ListPatchThird Party Advisory
- PatchVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Mailing ListPatchThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set.
Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set.
Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo doe ...
Designate mDNS DoS through incorrect handling of large RecordSets
EPSS
6.5 Medium
CVSS3
4 Medium
CVSS2