oss-security - Re: Re: CVE Request - OpenStack Designate mDNS DoS through incorrect handling of large RecordSets

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Message-ID: <55B8D603.6070007@macinnes.ie>
Date: Wed, 29 Jul 2015 14:32:51 +0100
From: Kiall Mac Innes <kiall@...innes.ie>
To: oss-security@...ts.openwall.com
Subject: Re: Re: CVE Request - OpenStack Designate mDNS DoS
 through incorrect handling of large RecordSets

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 28/07/15 22:09, cve-assign@...re.org wrote:
>>> https://launchpad.net/bugs/1471161
> 
>>> Designate does not enforce the DNS protocol limit concerning
>>> record set sizes
> 
>>> As a result, the rendering loop in desginate-mdns can does not
>>> make progress
> 
>>> https://bugs.launchpad.net/designate/+bug/1471161/comments/5
> 
>>> 1: Quotas were being bypassed as part of the v1 API.
> 
>> two CVE IDs:
> 
>> one for the original "does not enforce the DNS protocol limit 
>> concerning record set sizes" issue
> 
> Use CVE-2015-5694.
> 
> 
>> one for the "Quotas were being bypassed" issue.
> 
> Use CVE-2015-5695.
> 
> 

Great, Thank you.

Thanks,
Kiall
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJVuNYCAAoJEHuWgzsGpgIasHEIAJlxDqvKFfZTQA0Nuoqr9jPP
+V+oZIjg4bGQTSrFi11Jq8D3fmyoqRCb47E/XC/8VPZkBk/lPJ6BcBiDcOu9flst
zw1J4qmcbxMeT9hCLmutcSZXI8KTWmpTczI3MN+RrgeDi4D2IEnkv+658b7mrOix
7JMW56pkOLWLCf5QNDRTWHHTpac6hA0C2svp3Jwv5uMh+UWMcjD4ob6SM0tlG59w
1ZRpGf/zE3UoabwJADXtNLewyb5CbI2qVUkvco/JeIZdFF0I/I8oRG7yxxotHYkg
6MvwDVN6cLCvwe28vo/Mm0rvVw9uf4hqVIfYwE3rGCfN4zlTRu0ncPwRuHg865I=
=S6kC
-----END PGP SIGNATURE-----

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.