CVE Daily
← All tags

Tag: Denial of Service (DoS)

All CVEs associated with "Denial of Service (DoS)". Page 314/331 • 39648 CVEs.

Subscribe CVEs: RSS for “Denial of Service (DoS)”  ·  RSS (High+Critical only)

About “Denial of Service (DoS)”

A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39648 CVEs for this tag (all time). In the last 365 days, 3219 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2004-10-20
High

CVE-2004-0754

Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0785

Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2004-0786

The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0788

Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.

CVSS: 5.0 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Medium

CVE-2004-0794

Multiple signal handler race conditions in lukemftpd (aka tnftpd before 20040810) allow remote authenticated attackers to cause a denial of service or execute arbitrary code.

CVSS: 5.1 CWE: N/A View on NVD
Medium

CVE-2004-0796

SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages.

CVSS: 5.0 CWE: N/A View on NVD
Low

CVE-2004-0797

The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service (application crash).

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2004-0799

The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows remote attackers to cause a denial of service (server crash) via a GET request containing an MS-DOS device name, as demonstrated…

CVSS: 5.0 CWE: N/A View on NVD
2004-10-19
Medium

CVE-2004-1618

Vypress Tonecast 1.3 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed mp2 stream.

CVSS: 5.0 CWE: N/A View on NVD
2004-10-18
Medium

CVE-2004-1613

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-1614

Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with…

CVSS: 5.0 CWE: N/A View on NVD
Low

CVE-2004-1615

Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demo…

CVSS: 2.6 CWE: N/A View on NVD
Medium

CVE-2004-1616

Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HTML email that contains a table with a td element and a large rowspan value,as demonstrated by mangl…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag…

CVSS: 5.0 CWE: CWE-20 - Improper Input Validation View on NVD
2004-10-13
Medium

CVE-2004-1597

RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location fie…

CVSS: 5.0 CWE: N/A View on NVD
2004-09-28
Medium

CVE-2003-0931

Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service (service hang) by replaying a malformed discovery packet to UDP port 39999.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0163

Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service (resource exhaustion) by capturing a session…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2004-0458

mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference.

CVSS: 7.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
High

CVE-2004-0500

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protoco…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2004-0558

The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0644

The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encodin…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2004-0691

Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2004-0692

The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different v…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0693

The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different v…

CVSS: 5.0 CWE: N/A View on NVD
2004-09-24
Medium

CVE-2004-1698

The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and earlier allows remote attackers to cause a denial of service (application crash) via invalid characters in a message, which causes se…

CVSS: 5.0 CWE: N/A View on NVD
2004-09-21
Medium

CVE-2004-1378

The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-1696

EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to cause a denial of service (application crash) via a sequence of carriage returns sent to TCP port 66.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-1699

SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers to cause a denial of service (web interface errors) via an invalid Skin parameter.

CVSS: 5.0 CWE: N/A View on NVD
2004-09-18
Medium

CVE-2004-1691

The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data.

CVSS: 5.0 CWE: N/A View on NVD
2004-09-16
Medium

CVE-2004-0809

The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV au…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2004-0827

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute ar…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2004-1688

Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a long login name sent to port 3103.

CVSS: 5.0 CWE: N/A View on NVD
2004-09-13
Medium

CVE-2004-0807

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an i…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-1680

application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service (VxWorks OS crash) via a long HTTP GET request, possibly trigg…

CVSS: 5.0 CWE: N/A View on NVD
2004-09-11
Medium

CVE-2004-1675

Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1…

CVSS: 5.0 CWE: CWE-20 - Improper Input Validation View on NVD
2004-09-09
Medium

CVE-2004-0830

The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earli…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-1667

Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server crash) via a long client response.

CVSS: 5.0 CWE: N/A View on NVD
2004-09-06
Medium

CVE-2004-1348

Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).

CVSS: 5.0 CWE: N/A View on NVD
2004-09-05
Medium

CVE-2004-1664

Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a large (1) query or (2) reply packet, which is not properly handled by the buffer overflow protection…

CVSS: 5.0 CWE: N/A View on NVD
2004-09-04
Medium

CVE-2004-1663

Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of serv…

CVSS: 5.0 CWE: N/A View on NVD
2004-08-30
Medium

CVE-2004-1644

Xedus 1.0 allows remote attackers to cause a denial of service (refuse connections) by connecting multiple times from the same IP address.

CVSS: 5.0 CWE: N/A View on NVD
2004-08-29
Medium

CVE-2004-1641

Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial of service (crash) via a long FTP command such as (1) CWD, (2) STAT, or (3) LIST.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-1642

WFTPD Pro Server 3.21 allows remote authenticated users to cause a denial of service (crash) via a series of long MLIST commands.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-1643

WS_FTP 5.0.2 allows remote authenticated users to cause a denial of service (CPU consumption) via a CD command that contains an invalid path with a "../" sequence.

CVSS: 5.0 CWE: N/A View on NVD
2004-08-26
Medium

CVE-2004-1751

Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote servers to cause a denial of service (client or server crash) via a large packet, which generates a "Message too long" socket err…

CVSS: 5.0 CWE: N/A View on NVD
2004-08-25
Medium

CVE-2004-0819

The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service…

CVSS: 5.0 CWE: N/A View on NVD
2004-08-24
Medium

CVE-2004-1744

Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU consumption or crash) via many large HTTP requests.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-1745

Buffer overflow in Painkiller 1.3.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.

CVSS: 5.0 CWE: N/A View on NVD
2004-08-23
Medium

CVE-2004-1739

Bird Chat 1.61 allows remote attackers to cause a denial of service (crash) via invalid users.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-1741

Music daemon (musicd) 0.0.3 and earlier allows remote attackers to cause a denial of service (crash) by calling LOAD with a binary file as an argument, then calling SHOWLIST.

CVSS: 5.0 CWE: N/A View on NVD
2004-08-20
Medium

CVE-2004-1727

BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a large number of connections from the same IP address.

CVSS: 5.0 CWE: N/A View on NVD
2004-08-18
Critical

CVE-2004-0226

Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2004-0232

Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0375

SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0421

The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bou…

CVSS: 5.0 CWE: CWE-125 - Out-of-bounds Read View on NVD
Critical

CVE-2004-0433

Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-lib) before 1-rc4, when playing Real RTSP (realrtsp) streams, allow r…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2004-0476

Buffer overflow in 3Com OfficeConnect Remote 812 ADSL Router 1.1.9.4 allows remote attackers to cause a denial of service (reboot or packet loss) via a long string containing Telnet escape characters…

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2004-0487

A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary programs.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2004-0504

Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0505

The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0506

The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference.

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2004-0507

Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2004-0758

Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service t…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0766

NGSEC StackDefender 2.0 allows attackers to cause a denial of service (system crash) via an invalid address for the BaseAddress parameter to the hooks for the (1) ZwAllocateVirtualMemory or (2) ZwPro…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0767

NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid address for the ObjectAttribues parameter to the hooks for the (1) ZwCreateFile or (2) ZwOpenFile…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0230

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecti…

CVSS: 5.0 CWE: N/A View on NVD
2004-08-17
Low

CVE-2004-1718

The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument.

CVSS: 2.1 CWE: N/A View on NVD
2004-08-11
High

CVE-2004-1714

BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a…

CVSS: 7.1 CWE: CWE-732 - Incorrect Permission Assignment for Critical Resource View on NVD
2004-08-10
Medium

CVE-2004-1347

X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash) via an invalid X Display Manager Control Protocol (XDMCP) request.

CVSS: 5.0 CWE: N/A View on NVD
2004-08-09
Medium

CVE-2004-1702

The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and trigg…

CVSS: 5.0 CWE: N/A View on NVD
2004-08-06
Low

CVE-2004-0136

The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary."

CVSS: 2.1 CWE: N/A View on NVD
Low

CVE-2004-0137

Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues."

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2004-0202

IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (applicati…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0215

Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2004-0413

libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory con…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0414

CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash),…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2004-0447

Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477.…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2004-0453

Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denial of service (emulator crash) and possibly execute arbitrary code via format st…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2004-0460

Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arb…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0461

The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2004-0492

Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a nega…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2004-0493

The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based…

CVSS: 6.4 CWE: N/A View on NVD
Medium

CVE-2004-0525

HP Integrated Lights-Out (iLO) 1.10 and other versions before 1.55 allows remote attackers to cause a denial of service (hang) by accessing iLO using the TCP/IP reserved port zero.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0547

Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash).

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0551

Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid…

CVSS: 5.0 CWE: N/A View on NVD
Low

CVE-2004-0554

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and…

CVSS: 2.1 CWE: N/A View on NVD
Low

CVE-2004-0587

Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2004-0589

Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2)…

CVSS: 4.3 CWE: N/A View on NVD
Low

CVE-2004-0596

The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null…

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2004-0651

Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang).

CVSS: 5.0 CWE: N/A View on NVD
Low

CVE-2004-0654

Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows loc…

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2004-0656

The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2004-0658

Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and p…

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2004-0661

Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME op…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2004-0666

Off-by-one error in the POP3_readmsg function in popclient 3.0b6 allows remote attackers to cause a denial of service (application crash) via an e-mail message with a certain line length, which leads…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2004-0668

Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a denial of service (server crash) via a large e-mail message, as demonstrated using a large image attachment.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0670

Prestige 650HW-31 running Rompager 4.7 software allows remote attackers to cause a denial of service (device reboot) via a long password.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0674

Enterasys XSR-1800 series Security Routers, when running firmware 7.0.0.0 and using Policy-Based Routing, allow remote attackers to cause a denial of service (crash) via a packet with the IP record r…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0677

Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote attackers to cause a denial of service (temporary hang) via the cd command with an unusual argument, possibly due to multiple leading…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0683

Symantec Norton AntiVirus 2002 and 2003 allows remote attackers to cause a denial of service (CPU consumption) via a compressed archive that contains a large number of directories.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0684

WebSphere Edge Component Caching Proxy in WebSphere Edge Server 5.02, with the JunctionRewrite directive enabled, allows remote attackers to cause a denial of service via an HTTP GET request without…

CVSS: 5.0 CWE: N/A View on NVD
2004-08-04
Medium

CVE-2004-1369

The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset…

CVSS: 5.0 CWE: N/A View on NVD
2004-08-02
High

CVE-2004-1706

The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via an HTTP GET request with a long version s…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2004-1708

Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections.

CVSS: 5.0 CWE: N/A View on NVD
2004-07-30
Medium

CVE-2004-1705

Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service via a long username.

CVSS: 5.0 CWE: N/A View on NVD
2004-07-27
High

CVE-2003-1048

Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image.

CVSS: 7.8 CWE: CWE-415 - Double Free View on NVD
Medium

CVE-2004-0710

IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 co…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0714

Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers t…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0724

The Half-Life engine before July 7 2004 allows remote attackers to cause a denial of service (server or client crash) via an empty fragmented packet.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0728

The Remote Control Client service in Microsoft's Systems Management Server (SMS) 2.50.2726.0 allows remote attackers to cause a denial of service (crash) via a data packet to TCP port 2702 that cause…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2004-0733

Format string vulnerability in OllyDbg 1.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are directly provided to…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0739

Buffer overflow in Whisper FTP Surfer 1.0.7 allows remote FTP servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long filename.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2004-0740

The HTTP server in Lexmark T522 and possibly other models allows remote attackers to cause a denial of service (server crash, reload, or hang) via an HTTP header with a long Host field, possibly trig…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2004-0741

LionMax Software WWW File Share Pro 2.60 allows remote attackers to cause a denial of service (crash or hang) via a long URL, possibly triggering a buffer overflow.

CVSS: 5.0 CWE: N/A View on NVD
2004-07-22
Medium

CVE-2004-1749

Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a lar…

CVSS: 5.0 CWE: N/A View on NVD
2004-07-07
High

CVE-2004-0399

Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0400

Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2004-0424

Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the…

CVSS: 7.2 CWE: N/A View on NVD
Low

CVE-2004-0427

The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activ…

CVSS: 2.1 CWE: CWE-401 - Missing Release of Memory after Effective Lifetime View on NVD
Medium

CVE-2004-0437

Titan FTP Server version 3.01 build 163, and possibly other versions before build 169, allows remote authenticated users to cause a denial of service (crash) by disconnecting from the system during a…

CVSS: 5.0 CWE: N/A View on NVD