Medium
CVE-2004-2641
Unspecified vulnerability in Sun Fire 3800/4800/4810/6800, Sun Fire V1280, and Netra 1280 allows remote attackers to cause a denial of service (system controller hang) via IP Packets With Type of Ser…
Tag: Denial of Service (DoS)
All CVEs associated with "Denial of Service (DoS)". Page 313/331 • 39648 CVEs.
Subscribe CVEs: RSS for “Denial of Service (DoS)” · RSS (High+Critical only)
About “Denial of Service (DoS)”
A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39648 CVEs for this tag (all time). In the last 365 days, 3219 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.
In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2004-12-31
Medium
CVE-2004-2646
The addUser function in UserManager.java in Free Web Chat 2.0 allows remote attackers to cause a denial of service (uncaught NullPointerException) via unknown attack vectors that cause the usrName va…
Medium
CVE-2004-2647
Free Web Chat 2.0 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections from the same user.
Low
CVE-2004-2648
FreezeX 1.00.100.0666 allows local users with administrator privileges to cause a denial of service (FreezeX application) by overwriting the db.fzx file.
Medium
CVE-2004-2650
Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, which prevents a lock fr…
High
CVE-2004-2652
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packe…
Medium
CVE-2004-2654
The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigge…
Medium
CVE-2004-2660
Memory leak in direct-io.c in Linux kernel 2.6.x before 2.6.10 allows local users to cause a denial of service (memory consumption) via certain O_DIRECT (direct IO) write requests.
Medium
CVE-2004-2662
Soft3304 04WebServer before 1.41 allows remote attackers to cause a denial of service (resource consumption or crash) via certain data related to OpenSSL, which causes a thread to terminate but conti…
Medium
CVE-2004-2665
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service vi…
Critical
CVE-2004-2673
Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a SITE ZIP command with a lon…
Medium
CVE-2004-2675
ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to cause a denial of service (crash) via a SITE PASS command with a long password parameter, which causes the database to be corru…
High
CVE-2004-2691
Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service (device reset) via a crafted request to the web man…
Medium
CVE-2004-2698
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink at…
Medium
CVE-2004-2706
Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages.
High
CVE-2004-2709
Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors in…
High
CVE-2004-2710
Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to (1) sending c…
High
CVE-2004-2711
Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "avatar retri…
Medium
CVE-2004-2712
Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data."
Low
CVE-2004-2713
Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissio…
High
CVE-2004-2724
LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null charac…
Medium
CVE-2004-2726
HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and appli…
Medium
CVE-2004-2727
Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request.
Low
CVE-2004-2728
Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command.
Medium
CVE-2004-2753
Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "fil…
High
CVE-2004-2758
Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), a…
2004-12-29
Medium
CVE-2004-1316
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:…
2004-12-23
Low
CVE-2004-0511
Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference.
Low
CVE-2004-0512
Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a core dump.
Medium
CVE-2004-0810
Buffer overflow in Netopia Timbuktu 7.0.3 allows remote attackers to cause a denial of service (server process crash) via a certain data string that is sent to multiple simultaneous client connection…
Low
CVE-2004-0814
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that i…
High
CVE-2004-0816
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.
High
CVE-2004-0842
Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading S…
Medium
CVE-2004-0849
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cau…
Medium
CVE-2004-1305
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame nu…
High
CVE-2004-1373
Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as de…
2004-12-22
Medium
CVE-2005-0066
The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has alr…
Medium
CVE-2005-0067
The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connec…
Medium
CVE-2005-0068
The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and c…
2004-12-17
Medium
CVE-2004-1768
The character converters in the Spamhunter and Language ID modules for Symantec Brightmail AntiSpam 6.0.1 before patch 132 allow remote attackers to cause a denial of service (crash) via messages wit…
2004-12-16
Low
CVE-2004-1323
Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and…
2004-12-15
Medium
CVE-2004-1139
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
Medium
CVE-2004-1142
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
Low
CVE-2004-1333
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a…
Low
CVE-2004-1334
Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a bu…
Low
CVE-2004-1335
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
2004-12-06
Medium
CVE-2004-0468
Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets.
Medium
CVE-2004-0576
The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing…
Medium
CVE-2004-0604
The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference.
Medium
CVE-2004-0605
Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier, or (3) ircd-ratbox 2.0rc6 and earlier do not have a rate-limit imposed, which could allow remote a…
Medium
CVE-2004-0610
The Web administration interface in Microsoft MN-500 Wireless Router allows remote attackers to cause a denial of service (connection refusal) via a large number of open HTTP connections.
Medium
CVE-2004-0611
Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections.
Low
CVE-2004-0618
FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call with an unaligned memory address as an argument.
High
CVE-2004-0619
Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add…
Medium
CVE-2004-0626
The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infini…
Critical
CVE-2004-0628
Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
Medium
CVE-2004-0633
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
Medium
CVE-2004-0634
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
Medium
CVE-2004-0635
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-b…
2004-11-23
High
CVE-2004-0079
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null…
Medium
CVE-2004-0081
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test…
Medium
CVE-2004-0112
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote at…
Medium
CVE-2004-0244
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2…
Medium
CVE-2004-0245
Web Crossing 4.x and 5.x allows remote attackers to cause a denial of service (crash) by sending a HTTP POST request with a large or negative Content-Length, which causes an integer divide-by-zero.
Medium
CVE-2004-0247
The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service (crash via exception) via a UDP packet with a length field that is greater than the actual data le…
Medium
CVE-2004-0252
TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name.
Critical
CVE-2004-0253
IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to execute arbitrary programs or cause a denial of service via certain SQL code, possibly due to a SQL injection vulnerability.
Medium
CVE-2004-0255
Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to…
Medium
CVE-2004-0257
OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that…
Medium
CVE-2004-0264
palmhttpd for PalmOS allows remote attackers to cause a denial of service (crash) by establishing two simultaneous HTTP connections, which exceeds the PalmOS accept queue.
Medium
CVE-2004-0268
Multiple buffer overflows in EvolutionX 3921 and 3935 allow remote attackers to cause a denial of service (hang) via (1) a long cd command to the FTP server, or (2) a long dir command to the telnet s…
Medium
CVE-2004-0270
libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an…
Medium
CVE-2004-0276
The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a…
Critical
CVE-2004-0277
Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username.
Medium
CVE-2004-0278
Ratbag game engine, as used in products such as Dirt Track Racing, Leadfoot, and World of Outlaws Spring Cars, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet…
Medium
CVE-2004-0282
Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server.
Medium
CVE-2004-0284
Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web…
Critical
CVE-2004-0286
Buffer overflow in RobotFTP 1.0 and 2.0 beta 1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long username.
Medium
CVE-2004-0287
Xlight FTP server 1.52 allows remote authenticated users to cause a denial of service (crash) via a RETR command with a long argument containing a large number of / (slash) characters, possibly trigg…
Low
CVE-2004-0289
Buffer overflow in sdbscan in SignatureDB 0.1.1 allows local users to cause a denial of service (segmentation fault) via a database file that contains a large key parameter.
Critical
CVE-2004-0292
Buffer overflow in KarjaSoft Sami HTTP Server 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.
Medium
CVE-2004-0295
TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a denial of service (CPU consumption) via an open idle connection.
Critical
CVE-2004-0297
Buffer overflow in the Lightweight Directory Access Protocol (LDAP) daemon (iLDAP.exe 3.9.15.10) in Ipswitch IMail Server 8.03 allows remote attackers to cause a denial of service (crash) and execute…
Medium
CVE-2004-0298
CesarFTP 0.99e allows remote attackers to cause a denial of service (CPU consumption) via a long RETR parameter.
Low
CVE-2004-0299
Buffer overflow in smallftpd 0.99 allows local users to cause a denial of service (crash) via an FTP request with a large number of "/" (slash) characters.
Medium
CVE-2004-0307
Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 SD before 4.1(3) allows remote attackers to cause a denial of service (reset) by not sending the ACK portion of the TCP three-way…
Critical
CVE-2004-0313
Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request, as demonstrated using a long (1) GET argument or (2)…
Critical
CVE-2004-0315
Buffer overflow in Avirt Voice 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long GET request on port 1080.
Medium
CVE-2004-0316
Buffer overflow in Avirt Soho 4.3 allows remote attackers to cause a denial of service (crash) via (1) a large GET request to port 1080 or (2) a large GET request of % characters to port 8080.
Critical
CVE-2004-0317
Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x allows local users or remote attackers within the LSF cluster to cause a denial of service (segmentation fault) and possibly execut…
Medium
CVE-2004-0321
Team Factor 1.25 and earlier allows remote attackers to cause a denial of service (crash) via a packet that uses a negative number to specify the size of the data block that follows, which causes Tea…
Medium
CVE-2004-0329
FreeChat 1.1.1a allows remote attackers to cause a denial of service (crash) via certain unexpected strings, as demonstrated using "aaaaa".
Medium
CVE-2004-0331
Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows remote attackers to cause a denial of service (crash) via a HTTP POST with a long application variable.
Low
CVE-2004-0341
WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a 0Ah byte (newline) is sent, which allows local users to cause a denial of service (CPU consumption) by continuing to send a long…
Medium
CVE-2004-0342
WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to cause a denial of service (crash) via a (1) MKD or (2) XMKD command that causes an absolute path of 260 c…
Medium
CVE-2004-0352
Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a…
Medium
CVE-2004-0361
The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service (segmentation fault) by creating a new Array object with a large size value, then writing into tha…
Medium
CVE-2004-0598
The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.
Medium
CVE-2004-0599
Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow re…
Medium
CVE-2004-0744
The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of…
2004-11-03
Medium
CVE-2003-0718
The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND…
High
CVE-2004-0208
The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious p…
Low
CVE-2004-0211
The kernel for Microsoft Windows Server 2003 does not reset certain values in CPU data structures, which allows local users to cause a denial of service (system crash) via a malicious program.
Critical
CVE-2004-0214
Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application cr…
High
CVE-2004-0552
Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow m…
High
CVE-2004-0569
The RPC Runtime Library for Microsoft Windows NT 4.0 allows remote attackers to read active memory or cause a denial of service (system crash) via a malicious message, possibly related to improper le…
High
CVE-2004-0774
RealNetworks Helix Universal Server 9.0.2 for Linux and 9.0.3 for Windows allows remote attackers to cause a denial of service (CPU and memory exhaustion) via a POST request with a Content-Length hea…
Medium
CVE-2004-0804
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is…
Medium
CVE-2004-0832
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via a…
Critical
CVE-2004-0836
Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a…
Low
CVE-2004-0837
MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
Medium
CVE-2004-0911
telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than…
Medium
CVE-2004-0920
Symantec Norton AntiVirus 2004, and earlier versions, allows a virus or other malicious code to avoid detection or cause a denial of service (application crash) using a filename containing an MS-DOS…
Medium
CVE-2004-0938
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (server crash) by sending an Ascend-Send-Secret attribute without the required leading packet.
2004-10-26
Medium
CVE-2004-1639
Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows remote attackers to cause a denial of service (application crash or memory consumption) via a large binary file with a .html extens…
2004-10-22
Medium
CVE-2004-1623
The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is s…
Medium
CVE-2004-1625
pGina 1.7.6 and possibly older versions, when the Restart or Shutdown options are enabled on the login screen, allows remote attackers to cause a denial of service by connecting via Remote Desktop an…
2004-10-20
Medium
CVE-2004-0748
mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infi…
Medium
CVE-2004-0751
The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault).
Medium
CVE-2004-0753
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.