CVE Daily
← All tags

Tag: Denial of Service (DoS)

All CVEs associated with "Denial of Service (DoS)". Page 301/331 • 39649 CVEs.

Subscribe CVEs: RSS for “Denial of Service (DoS)”  ·  RSS (High+Critical only)

About “Denial of Service (DoS)”

A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39649 CVEs for this tag (all time). In the last 365 days, 3220 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2006-06-19
Medium

CVE-2006-3074

klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-06-16
Medium

CVE-2006-3057

Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote attackers to cause a denial of service (crash) via certain invalid DHCP responses that trigger memory corruption.

CVSS: 5.0 CWE: N/A View on NVD
2006-06-13
Medium

CVE-2006-2374

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the…

CVSS: 5.5 CWE: CWE-667 - Improper Locking View on NVD
Medium

CVE-2006-3005

The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent attackers to cause a denial of service (memory exhaustion) v…

CVSS: 5.0 CWE: N/A View on NVD
2006-06-12
High

CVE-2006-2961

Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command. NOTE: t…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-2971

Integer overflow in the recv_packet function in 0verkill 0.16 allows remote attackers to cause a denial of service (daemon crash) via a UDP packet with fewer than 12 bytes, which results in a long le…

CVSS: 5.0 CWE: N/A View on NVD
2006-06-09
Medium

CVE-2006-2924

Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (cras…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2006-2926

Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-2919

Unspecified vulnerability in Microsoft NetMeeting 3.01 allows remote attackers to cause a denial of service (crash or CPU consumption) and possibly execute arbitrary code via crafted inputs that trig…

CVSS: 7.8 CWE: N/A View on NVD
2006-06-08
High

CVE-2006-2193

Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-2906

The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via…

CVSS: 5.4 CWE: N/A View on NVD
2006-06-07
Medium

CVE-2006-1173

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for perf…

CVSS: 5.0 CWE: CWE-399 View on NVD
High

CVE-2006-2898

The IAX2 channel driver (chan_iax2) for Asterisk 1.2.x before 1.2.9 and 1.0.x before 1.0.11 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via truncated IAX 2…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-06-06
High

CVE-2006-2838

Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash)…

CVSS: 7.6 CWE: N/A View on NVD
2006-06-05
High

CVE-2006-2830

Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-2806

The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.

CVSS: 7.8 CWE: N/A View on NVD
2006-06-03
Medium

CVE-2006-2802

Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstr…

CVSS: 5.0 CWE: N/A View on NVD
2006-06-02
Low

CVE-2006-2789

Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted "From" he…

CVSS: 2.6 CWE: N/A View on NVD
High

CVE-2006-2788

Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript c…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2006-2779

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMN…

CVSS: 9.3 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
Critical

CVE-2006-2780

Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to…

CVSS: 9.3 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
Medium

CVE-2006-2781

Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary co…

CVSS: 6.4 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Low

CVE-2006-2766

Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to…

CVSS: 2.6 CWE: N/A View on NVD
Medium

CVE-2006-2756

Eitsop My Web Server 1.0 allows remote attackers to cause a denial of service (application crash) via a long GET request. NOTE: CVE analysis suggests that this is a different product, and therefore…

CVSS: 5.0 CWE: N/A View on NVD
2006-06-01
Medium

CVE-2006-2723

Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicate…

CVSS: 5.0 CWE: N/A View on NVD
2006-05-31
Medium

CVE-2006-2705

Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause an unspecified denial of service via a large number of forged client registration messages.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2706

Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts.

CVSS: 5.0 CWE: N/A View on NVD
2006-05-30
High

CVE-2006-2659

libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is n…

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2006-2661

ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.

CVSS: 5.0 CWE: CWE-476 - NULL Pointer Dereference View on NVD
2006-05-27
Medium

CVE-2006-2629

Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing…

CVSS: 4.0 CWE: N/A View on NVD
2006-05-25
High

CVE-2006-2444

The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause fa…

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2006-2587

Buffer overflow in the WebTool HTTP server component in (1) PunkBuster before 1.229, as used by multiple products including (2) America's Army 1.228 and earlier, (3) Battlefield 1942 1.158 and earlie…

CVSS: 5.0 CWE: N/A View on NVD
2006-05-24
High

CVE-2006-2549

Stack-based buffer overflow in PDF Form Filling and Flattening Tool before 3.1.0.12 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long field names.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-2575

The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service (crash) via a client flag (frameNum) that is greater than 41, which trig…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-1862

The virtual memory implementation in Linux kernel 2.6.x allows local users to cause a denial of service (panic) by running lsof a large number of times in a way that produces a heavy system load.

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2006-2555

The parse_command function in Genecys 0.2 and earlier allows remote attackers to cause a denial of service (crash) via a command with a missing ":" (colon) separator, which triggers a null dereferenc…

CVSS: 5.0 CWE: N/A View on NVD
2006-05-23
Low

CVE-2006-2551

Unspecified vulnerability in the kernel in HP-UX B.11.00 allows local users to cause an unspecified denial of service via unknown vectors.

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2006-0747

Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing b…

CVSS: 5.0 CWE: CWE-189 View on NVD
High

CVE-2006-1861

Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) s…

CVSS: 7.5 CWE: CWE-189 View on NVD
Low

CVE-2006-2542

xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and /var/lib/xmcd/discog with world writable permissions, which allows local users to cause a denial of service (disk consumptio…

CVSS: 2.1 CWE: N/A View on NVD
2006-05-22
Low

CVE-2006-2538

IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a denial of service (application crash), possibly due to a null dereference, via certain Javascript, as…

CVSS: 2.6 CWE: N/A View on NVD
Critical

CVE-2006-1857

Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk.

CVSS: 9.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2006-1858

SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length o…

CVSS: 7.8 CWE: CWE-20 - Improper Input Validation View on NVD
2006-05-20
Critical

CVE-2006-2496

Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors.

CVSS: 10.0 CWE: N/A View on NVD
2006-05-19
High

CVE-2006-2489

Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x before 2.3.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a content length (…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-2480

Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via f…

CVSS: 5.1 CWE: CWE-134 - Use of Externally-Controlled Format String View on NVD
High

CVE-2006-0059

Heap-based buffer overflow in the ISO Transport Service over TCP (RFC 1006) implementation of LiveData ICCP Server before 5.00.035 allows remote attackers to cause a denial of service or execute arbi…

CVSS: 7.5 CWE: N/A View on NVD
2006-05-18
Medium

CVE-2006-1528

Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space.

CVSS: 4.9 CWE: CWE-20 - Improper Input Validation View on NVD
Low

CVE-2006-1855

choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving terminatio…

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2006-2441

Pioneers meta-server before 0.9.55, when the server-console is not installed, allows remote attackers to cause a denial of service (crash) via certain requests from an older gnocatan client to create…

CVSS: 5.0 CWE: N/A View on NVD
2006-05-17
Medium

CVE-2006-2426

Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.…

CVSS: 6.4 CWE: N/A View on NVD
2006-05-16
Medium

CVE-2006-2410

raydium_network_netcall_exec function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a packet of type 0xFF, which ca…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2412

The raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a large ID, which causes an invalid…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2413

GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an empty UDP datagram, possibly involving FIONREAD errors.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2006-2391

Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-2393

The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer,…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2006-2399

Stack-based buffer overflow in the ServerNetworking::incoming_client_data function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service (application c…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2006-2400

The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (game interruption) via large packets, which cause an exception to be th…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2006-2401

The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (application crash) via packets with incorrect message sizes, which trig…

CVSS: 7.8 CWE: N/A View on NVD
2006-05-15
High

CVE-2006-2362

Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (appl…

CVSS: 7.3 CWE: CWE-787 - Out-of-bounds Write View on NVD
2006-05-12
High

CVE-2006-1455

QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, whi…

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2006-1459

Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV).

CVSS: 5.1 CWE: CWE-189 View on NVD
Low

CVE-2006-1859

Memory leak in __setlease in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (memory consumption) via unspecified actions related to an "uninitialised return…

CVSS: 2.1 CWE: N/A View on NVD
Low

CVE-2006-1860

lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have be…

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2006-2316

S24EvMon.exe in the Intel PROset/Wireless software, possibly 10.1.0.33, uses a S24EventManagerSharedMemory shared memory section with weak permissions, which allows local users to read or modify pass…

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2006-2332

Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page with a large number of IMG elements in which the SRC attribute is a mailto URI. NOTE: another researcher f…

CVSS: 2.6 CWE: N/A View on NVD
Low

CVE-2006-2334

The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows co…

CVSS: 2.1 CWE: N/A View on NVD
2006-05-10
Medium

CVE-2006-2298

The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked daemon crash) via crafted IKE packet…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-1184

Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW re…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2276

bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface.

CVSS: 4.9 CWE: CWE-399 View on NVD
Medium

CVE-2006-2277

Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service (application crash) via a crafted OpenEXR (.exr) image file, which triggers the crash wh…

CVSS: 5.0 CWE: N/A View on NVD
Low

CVE-2006-2288

Avahi before 0.6.10 allows local users to cause a denial of service (mDNS/DNS-SD service disconnect) via unspecified mDNS name conflicts.

CVSS: 3.6 CWE: N/A View on NVD
2006-05-09
Medium

CVE-2006-2274

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointe…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2006-2275

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quick…

CVSS: 7.5 CWE: CWE-667 - Improper Locking View on NVD
High

CVE-2006-2271

The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via an unexpected chunk when the session is in CLOSED state.

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2006-2272

Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via incoming IP fragmented (1) COOKIE_ECHO and (2) HEARTBEAT SCTP control chunks.

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2006-2240

Unspecified vulnerability in the (1) web cache or (2) web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service (device unresponsiveness) via certain DNS packets, as dem…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2242

acFTP 1.4 allows remote attackers to cause a denial of service (application crash) via a long string with "{" (brace) characters to the USER command.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2254

Buffer overflow in filecpnt.exe in FileCOPA 1.01 allows remote attackers to cause a denial of service (application crash) via a username with a large number of newline characters.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2267

Kerio WinRoute Firewall before 6.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors in the "email protocol inspectors," possibly (1) SMTP and (2) POP3.

CVSS: 5.0 CWE: N/A View on NVD
2006-05-05
Low

CVE-2006-2221

A third-party installer generation tool, possibly BitRock InstallBuilder, as used in products including Process-one ejabberd 1.1.1_1 and earlier, generates an installer that allows local users to cau…

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2006-2222

Buffer overflow in zawhttpd 0.8.23, and possibly previous versions, allows remote attackers to cause a denial of service (daemon crash) via a request for a URI composed of several "\" (backslash) cha…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2226

Buffer overflow in XM Easy Personal FTP Server 4.2 and 5.0.1 allows remote authenticated users to cause a denial of service via a long argument to the PORT command.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2229

OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow r…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2006-2230

Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command…

CVSS: 5.0 CWE: N/A View on NVD
Low

CVE-2006-2205

The audio_write function in NetBSD 3.0 allows local users to cause a denial of service (kernel crash) by using the audiosetinfo ioctl to change the sample rate of an audio device.

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2006-2213

Hostapd 0.3.7-2 allows remote attackers to cause a denial of service (segmentation fault) via an unspecified value in the key_data_length field of an EAPoL frame.

CVSS: 5.0 CWE: N/A View on NVD
2006-05-04
High

CVE-2006-2172

Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to (1) MKD or (2) XMKD, as…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2006-2173

Buffer overflow in FileZilla FTP Server 2.2.22 allows remote authenticated attackers to cause a denial of service and possibly execute arbitrary code via a long (1) PORT or (2) PASS followed by the M…

CVSS: 6.4 CWE: N/A View on NVD
Medium

CVE-2006-2180

Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long argument to the (1) NLST or (2) APPE comma…

CVSS: 6.4 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-05-03
Medium

CVE-2006-1527

The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be process…

CVSS: 5.0 CWE: N/A View on NVD
2006-05-02
Low

CVE-2006-1526

Buffer overflow in the X render (Xrender) extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service (crash), as demonstrated by the (1) XRenderCompositeTriStrip and (2) XR…

CVSS: 2.1 CWE: N/A View on NVD
2006-05-01
Low

CVE-2006-2120

The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which tri…

CVSS: 2.1 CWE: N/A View on NVD
2006-04-29
Medium

CVE-2006-2087

The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote attackers to cause a denial of service (application hang or erroneous behavior) via an attachment with an MS-DOS device filename.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2092

Unspecified vulnerability in HP StorageWorks Secure Path for Windows 4.0C-SP2 before 20060419 allows remote attackers to cause an unspecified denial of service via unknown vectors.

CVSS: 5.0 CWE: N/A View on NVD
Low

CVE-2006-2093

Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a…

CVSS: 2.6 CWE: CWE-399 View on NVD
Medium

CVE-2006-2095

Phex before 2.8.6 allows remote attackers to cause a denial of service (application hang) by initiating multiple chat requests to a single user and then logging off.

CVSS: 5.0 CWE: CWE-264 View on NVD
High

CVE-2006-2107

Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the (1) EHLO, (2) MAIL FROM, and (3)…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2006-2108

parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to cause a denial of service (crash or reboot) via a long request, possibly triggering a buffer overflow.

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2006-04-27
Medium

CVE-2006-2075

Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to cause a denial of service via a crafted DNS message, aka "Query-of-death," as demonstrated by the OUSPG PROTOS DNS test suite.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2076

Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote attackers to cause a denial of service (memory consumption) via a DNS query with an unsupported (1) QTYPE or (2) QCLASS, as demonstrated…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2006-2078

Multiple unspecified vulnerabilities in multiple FITELnet products, including FITELnet-F40, F80, F100, F120, F1000, and E20/E30, allow remote attackers to cause a denial of service via crafted DNS me…

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2006-2072

Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2073

Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2064

Unspecified vulnerability in the libpkcs11 library in Sun Solaris 10 might allow local users to gain privileges or cause a denial of service (application failure) via unknown attack vectors that invo…

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2006-2068

Unspecified vulnerability in Hitachi JP1 products allow remote attackers to cause a denial of service (application stop or fail) via unexpected requests or data.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2069

The recursor in PowerDNS before 3.0.1 allows remote attackers to cause a denial of service (application crash) via malformed EDNS0 packets.

CVSS: 5.0 CWE: CWE-399 View on NVD
2006-04-26
Medium

CVE-2006-2054

3Com Baseline Switch 2848-SFP Plus Model #3C16486 with firmware before 1.0.2.0 allows remote attackers to cause a denial of service (unstable operation) via long DHCP packets.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-0048

Francesco Stablum tcpick 0.2.1 allows remote attackers to cause a denial of service (segmentation fault) via certain fragmented packets, possibly involving invalid headers and an attacker-controlled…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2030

The Allied Telesyn AT-9724TS switch allows remote attackers to cause a denial of service via a large amount of UDP data to the switch, which leads to unstable operation and possibly failure of the ma…

CVSS: 5.0 CWE: N/A View on NVD
2006-04-25
Medium

CVE-2006-2024

Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2006-2025

Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a craf…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2006-2026

Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image th…

CVSS: 6.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2006-2023

Integer overflow in the RTSP_msg_len function in rtsp/RTSP_msg_len.c in Fenice 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a large HTTP Content-Lengt…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-2019

Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan at…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-1933

Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (large or infinite loops) viarafted packets to the (1) UMA and (2) BER dissec…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-1934

Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Ins…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-1935

Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the COPS dissector.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-1937

Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) multiple vectors in H.248, and the (2)…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2006-1938

Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE diss…

CVSS: 5.0 CWE: N/A View on NVD