{"id":"UBUNTU-CVE-2015-7944","details":"The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.x before 2.15.2, when used in SSL mode, allows remote attackers to cause a denial of service (resource consumption) via SSL parameter renegotiation.","modified":"2025-07-16T08:18:19.597Z","published":"2017-08-18T17:29:00Z","withdrawn":"2025-07-18T16:43:17Z","upstream":["CVE-2015-7944"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-7944"},{"type":"REPORT","url":"http://www.ocert.org/advisories/ocert-2015-012.html"},{"type":"REPORT","url":"http://git.ganeti.org/?p=ganeti.git;a=commit;h=201fcb916b8164c78f4ed8e0c9cfc0227a78684c"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2015-7944"}],"affected":[{"package":{"name":"ganeti","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/ganeti@2.15.2-3?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.15.2-3"}]}],"versions":["2.15.1-1","2.15.2-1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"2.15.2-3","binary_name":"ganeti"},{"binary_version":"2.15.2-3","binary_name":"ganeti-2.15"},{"binary_version":"2.15.2-3","binary_name":"ganeti-doc"},{"binary_version":"2.15.2-3","binary_name":"ganeti-haskell-2.15"},{"binary_version":"2.15.2-3","binary_name":"ganeti-htools"},{"binary_version":"2.15.2-3","binary_name":"ganeti-htools-2.15"},{"binary_version":"2.15.2-3","binary_name":"ganeti2"},{"binary_version":"2.15.2-3","binary_name":"python-ganeti-rapi"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-7944.json"}},{"package":{"name":"ganeti","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/ganeti@2.16.0~rc2-1build1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.16.0~rc2-1build1"}]}],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"2.16.0~rc2-1build1","binary_name":"ganeti"},{"binary_version":"2.16.0~rc2-1build1","binary_name":"ganeti-2.16"},{"binary_version":"2.16.0~rc2-1build1","binary_name":"ganeti-doc"},{"binary_version":"2.16.0~rc2-1build1","binary_name":"ganeti-haskell-2.16"},{"binary_version":"2.16.0~rc2-1build1","binary_name":"ganeti-haskell-2.16-dbgsym"},{"binary_version":"2.16.0~rc2-1build1","binary_name":"ganeti-htools"},{"binary_version":"2.16.0~rc2-1build1","binary_name":"ganeti-htools-2.16"},{"binary_version":"2.16.0~rc2-1build1","binary_name":"ganeti-htools-2.16-dbgsym"},{"binary_version":"2.16.0~rc2-1build1","binary_name":"python-ganeti-rapi"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-7944.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]}