NVD

Id
26616  
Name
CVE-2015-5470  
Description
The label decompression functionality in PowerDNS Recursor before 3.6.4 and 3.7.x before 3.7.3 and Authoritative (Auth) Server before 3.3.3 and 3.4.x before 3.4.5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a long name that refers to itself. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1868.  
Reject
 
CVSS Version
2  
CVSS Score
7.8  
Severity
High  
CVSS Base Score
7.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:C)  
Pub Date
2017-01-19  
Published
2015-11-02  
Modified Date
2015-11-03  
Seq
2015-5470  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
140810 26616 CVE-2015-5470 [oss-security] 20150707 Follow up: PowerDNS Security Advisory 2015-01  View
140811 26616 CVE-2015-5470 [oss-security] 20150710 Re: Follow up: PowerDNS Security Advisory 2015-01  View
140812 26616 CVE-2015-5470 https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
10409 JVNDB-2015-005729 PowerDNS Recursor および Authoritative Server のラベル展開機能におけるサービス運用妨害 (DoS) の脆弱性 PowerDNS Recursor および Authoritative (Auth) Server のラベル展開機能には、サービス運用妨害 (CPU 資源の消費またはクラッシュ) 状態にされる脆弱性が存在します。 CVE-2015-5470 82695 CVE-2015-5470 26616 7.8 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-005729.html 2015-04-23 2015-11-05 View