{"id":"CVE-2015-5470","details":"The label decompression functionality in PowerDNS Recursor before 3.6.4 and 3.7.x before 3.7.3 and Authoritative (Auth) Server before 3.3.3 and 3.4.x before 3.4.5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a long name that refers to itself.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1868.","modified":"2026-01-27T04:15:06.098331Z","published":"2015-11-02T19:59:09Z","withdrawn":"2026-01-27T04:15:06.098331Z","related":["MGASA-2015-0301"],"references":[{"type":"FIX","url":"https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2015/07/07/6"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2015/07/10/8"}],"schema_version":"1.7.3"}