CVE Vulnerabilities

CVE-2013-4769

Published: Dec 26, 2014 | Modified: Dec 29, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The cloud controller (aka CLC) component in Eucalyptus 3.3.x and 3.4.x before 3.4.2, when the dns.recursive.enabled setting is used, allows remote attackers to cause a denial of service (traffic amplification) via spoofed DNS queries.

Affected Software

Name Vendor Start Version End Version
Eucalyptus Eucalyptus 3.3.1 3.3.1
Eucalyptus Eucalyptus 3.3.2 3.3.2
Eucalyptus Eucalyptus 3.3.0 3.3.0
Eucalyptus Eucalyptus 3.4.0 3.4.0
Eucalyptus Eucalyptus 3.4.1 3.4.1

References