High
CVE-1999-0808
Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.
Tag: Denial of Service (DoS)
All CVEs associated with "Denial of Service (DoS)". Page 329/331 • 39647 CVEs.
Subscribe CVEs: RSS for “Denial of Service (DoS)” · RSS (High+Critical only)
About “Denial of Service (DoS)”
A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39647 CVEs for this tag (all time). In the last 365 days, 3219 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.
In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
1999-12-31
Medium
CVE-1999-0815
Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries.
Medium
CVE-1999-1035
IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability.
Medium
CVE-1999-1043
Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).
High
CVE-1999-1127
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing…
Medium
CVE-1999-1132
Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a…
Medium
CVE-1999-1148
FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time.
Medium
CVE-1999-1157
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same ne…
Medium
CVE-1999-1222
Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup.
Medium
CVE-1999-1223
IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters.
Medium
CVE-1999-1290
Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string.
Critical
CVE-1999-1293
mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
Medium
CVE-1999-1315
Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP and VAX/VMS systems allow local users to gain privileges or cause a denial of service.
Low
CVE-1999-1331
netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the…
Medium
CVE-1999-1339
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic…
Low
CVE-1999-1360
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close…
Low
CVE-1999-1362
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.
Low
CVE-1999-1363
Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.
Low
CVE-1999-1364
Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.
Low
CVE-1999-1476
A bug in Intel Pentium processor (MMX and Overdrive) allows local users to cause a denial of service (hang) in Intel-based operating systems such as Windows NT and Windows 95, via an invalid instruct…
1999-12-30
Medium
CVE-1999-0001
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.
1999-12-29
Medium
CVE-2000-0007
Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service.
Critical
CVE-2000-0042
Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command.
1999-12-28
Medium
CVE-2000-0014
Denial of service in Savant web server via a null character in the requested URL.
1999-12-27
Medium
CVE-2000-0060
Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name.
1999-12-23
Medium
CVE-2000-0001
RealMedia server allows remote attackers to cause a denial of service via a long ramgen request.
1999-12-22
Medium
CVE-1999-1109
Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands a…
1999-12-21
Medium
CVE-2000-0023
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
1999-12-20
Medium
CVE-2000-0020
DNS PRO allows remote attackers to conduct a denial of service via a large number of connections.
1999-12-16
High
CVE-1999-0995
Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Id…
1999-12-13
Medium
CVE-1999-1003
War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections.
1999-12-08
Medium
CVE-1999-0986
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
1999-12-07
Low
CVE-1999-0976
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
1999-12-06
Medium
CVE-1999-0991
Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name.
1999-12-03
Low
CVE-2000-0139
Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command.
1999-12-01
Medium
CVE-1999-0838
Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE command.
Medium
CVE-1999-0846
Denial of service in MDaemon 2.7 via a large number of connection attempts.
1999-11-24
Medium
CVE-1999-0844
Denial of service in MDaemon WorldClient and WebConfig services via a long URL.
High
CVE-1999-1189
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument…
Medium
CVE-1999-1548
Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 200 ARP requests per second allowing a denial of service attack to succeed with a flood of ARP requests exceeding that limit.
1999-11-23
Low
CVE-2000-0531
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
1999-11-22
High
CVE-1999-1058
Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands.
1999-11-19
Medium
CVE-1999-0831
Denial of service in Linux syslogd via a large number of connections.
Medium
CVE-1999-0999
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.
1999-11-17
Medium
CVE-1999-1519
Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password.
Medium
CVE-2000-0073
Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.
1999-11-10
Critical
CVE-1999-0835
Denial of service in BIND named via malformed SIG records.
Critical
CVE-1999-0837
Denial of service in BIND by improperly closing TCP sessions via so_linger.
Medium
CVE-1999-0848
Denial of service in BIND named via consuming more than "fdmax" file descriptors.
Medium
CVE-1999-0849
Denial of service in BIND named via maxdname.
Low
CVE-1999-0851
Denial of service in BIND named via naptr.
High
CVE-1999-1511
Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command…
High
CVE-1999-1539
Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions 4.2d and 4.3 and QVT/Net 4.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via…
1999-11-07
High
CVE-1999-1533
Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service.
1999-11-04
Medium
CVE-1999-0843
Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port.
High
CVE-1999-0898
Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.
High
CVE-1999-1065
Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 14238 while the manager is in n…
1999-11-03
Medium
CVE-1999-0904
Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.
1999-10-29
Medium
CVE-1999-1532
Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands.
1999-10-28
Low
CVE-1999-1226
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
1999-10-26
Medium
CVE-1999-1234
LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo.
1999-10-21
Medium
CVE-1999-0905
Denial of service in Axent Raptor firewall via malformed zero-length IP options.
1999-10-17
Medium
CVE-1999-1342
ICQ ActiveList Server allows remote attackers to cause a denial of service (crash) via malformed packets to the server's UDP port.
1999-10-13
Medium
CVE-1999-1343
HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause a denial of service (hang) via a long URL that contains a large number of . characters.
1999-10-08
Medium
CVE-2000-0369
The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service.
1999-10-06
Medium
CVE-1999-1349
NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to cause a denial of service (resource exhaustion) via certain packets, possibly with the Urgent (URG) flag set, to port 111.
1999-10-04
High
CVE-1999-1523
Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request.
1999-10-01
Medium
CVE-1999-0880
Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.
Medium
CVE-1999-1500
Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to cause a denial of service (crash) via (1) LIST, (2) TOP, or (3) UIDL commands using letters as arguments.
Medium
CVE-2000-0016
Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username.
Medium
CVE-2000-0047
Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message.
1999-09-26
Medium
CVE-1999-0788
Arkiea nlservd allows remote attackers to conduct a denial of service.
1999-09-23
Medium
CVE-1999-0908
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.
1999-09-22
Low
CVE-1999-0912
FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files.
1999-09-05
Low
CVE-2000-0489
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then…
1999-09-03
Medium
CVE-1999-0925
UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers.
Critical
CVE-1999-0926
Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
1999-09-02
Low
CVE-1999-1564
FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes.
1999-08-31
Medium
CVE-1999-1515
A non-default configuration in TenFour TFS Gateway 4.0 allows an attacker to cause a denial of service via messages with incorrect sender and recipient addresses, which causes the gateway to continuo…
1999-08-27
Medium
CVE-1999-1016
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to caus…
1999-08-26
Medium
CVE-1999-0939
Denial of service in Debian IRC Epic/epic4 client via a long string.
1999-08-22
Critical
CVE-1999-1064
Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow attackers to cause a denial of service and possibly execute arbitrary commands by executing WindowMaker with a long program name (ar…
1999-08-19
Medium
CVE-1999-0740
Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.
1999-08-18
Low
CVE-1999-0747
Denial of service in BSDi Symmetric Multiprocessing (SMP) when an fstat call is made when the system has a high CPU load.
1999-08-16
Medium
CVE-1999-0746
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.
1999-08-12
Medium
CVE-1999-1336
3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows remote attackers to cause a denial of service (reboot) via a flood of IAC packets to the telnet port.
1999-08-11
Low
CVE-1999-0694
Denial of service in AIX ptrace system call allows local users to crash the system.
Medium
CVE-1999-0867
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
1999-08-09
Medium
CVE-1999-0675
Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host.
Medium
CVE-1999-0680
Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service.
1999-07-30
Medium
CVE-1999-0683
Denial of service in Gauntlet Firewall via a malformed ICMP packet.
1999-07-29
Low
CVE-1999-0770
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresp…
1999-07-23
Medium
CVE-1999-0224
Denial of service in Windows NT messenger service through a long username.
1999-07-21
Critical
CVE-1999-0810
Denial of service in Samba NETBIOS name service daemon (nmbd).
1999-07-20
High
CVE-1999-0721
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
Critical
CVE-1999-1535
Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the…
1999-07-15
Medium
CVE-1999-1518
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget…
1999-07-07
Medium
CVE-1999-1537
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the…
1999-07-06
Medium
CVE-1999-0752
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
Medium
CVE-1999-1478
The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character.
1999-07-03
High
CVE-1999-0918
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
1999-06-30
Medium
CVE-1999-0140
Denial of service in RAS/PPTP on NT systems.
High
CVE-1999-0726
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
Low
CVE-1999-1348
Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service.
1999-06-25
Medium
CVE-1999-1164
Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.
1999-06-23
High
CVE-1999-0723
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
1999-06-16
Critical
CVE-1999-0874
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
Medium
CVE-1999-0929
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.
1999-06-05
Medium
CVE-1999-0970
The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a malformed URL which causes a large number of temporary files to be created.
1999-06-03
Medium
CVE-1999-1412
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which ge…
1999-06-01
Medium
CVE-1999-0772
Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301.
Medium
CVE-1999-0804
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
Medium
CVE-2000-0481
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.
1999-05-31
Medium
CVE-1999-1485
nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system.
Medium
CVE-2000-0333
tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an i…
1999-05-28
Medium
CVE-1999-1028
Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631.
1999-05-23
Medium
CVE-1999-0928
Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a long URL.
1999-05-20
Medium
CVE-1999-0715
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
1999-05-19
Medium
CVE-1999-1030
counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via an HTTP request that ends in %0A (newline), which causes a malformed entry in the counter log that produces an access…
Medium
CVE-1999-1031
counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via a long argument.