CVE-2015-5695

CVE Database · CVE-2015-5695

CVE-2015-5695

· N/AModified

CVSS v3.1

N/A

EPSS

2.15%

Published

Aug 31, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set.

Weaknesses (CWE)

CWE-400

Affected Products (3)

openstack · designatevulnerable

References (12)

http://lists.openstack.org/pipermail/openstack/2015-July/013548.html

PatchVendor Advisory

http://www.openwall.com/lists/oss-security/2015/07/28/11

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2015/07/29/6

Mailing ListThird Party Advisory

https://bugs.launchpad.net/designate/+bug/1471161

ExploitIssue TrackingThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1245241

Issue TrackingThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs