oss-sec mailing list archives

Re: Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets

From: Kiall Mac Innes <kiall () macinnes ie>
Date: Wed, 29 Jul 2015 14:32:51 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 28/07/15 22:09, cve-assign () mitre org wrote:

https://launchpad.net/bugs/1471161

Designate does not enforce the DNS protocol limit concerning
record set sizes

As a result, the rendering loop in desginate-mdns can does not
make progress

https://bugs.launchpad.net/designate/+bug/1471161/comments/5

1: Quotas were being bypassed as part of the v1 API.

two CVE IDs:

one for the original "does not enforce the DNS protocol limit 
concerning record set sizes" issue


Use CVE-2015-5694.

one for the "Quotas were being bypassed" issue.


Use CVE-2015-5695.


Great, Thank you.

Thanks,
Kiall
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJVuNYCAAoJEHuWgzsGpgIasHEIAJlxDqvKFfZTQA0Nuoqr9jPP
+V+oZIjg4bGQTSrFi11Jq8D3fmyoqRCb47E/XC/8VPZkBk/lPJ6BcBiDcOu9flst
zw1J4qmcbxMeT9hCLmutcSZXI8KTWmpTczI3MN+RrgeDi4D2IEnkv+658b7mrOix
7JMW56pkOLWLCf5QNDRTWHHTpac6hA0C2svp3Jwv5uMh+UWMcjD4ob6SM0tlG59w
1ZRpGf/zE3UoabwJADXtNLewyb5CbI2qVUkvco/JeIZdFF0I/I8oRG7yxxotHYkg
6MvwDVN6cLCvwe28vo/Mm0rvVw9uf4hqVIfYwE3rGCfN4zlTRu0ncPwRuHg865I=
=S6kC
-----END PGP SIGNATURE-----

Current thread:

CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets Kiall Mac Innes (Jul 28)
- Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets cve-assign (Jul 28)
  - Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets Kiall Mac Innes (Jul 28)
- Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets cve-assign (Jul 28)
  - Re: Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets Kiall Mac Innes (Jul 29)