Medium
CVE-1999-1156
BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns.
Tag: Denial of Service (DoS)
All CVEs associated with "Denial of Service (DoS)". Page 330/331 • 39647 CVEs.
Subscribe CVEs: RSS for “Denial of Service (DoS)” · RSS (High+Critical only)
About “Denial of Service (DoS)”
A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39647 CVEs for this tag (all time). In the last 365 days, 3219 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.
In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
1999-05-17
High
CVE-1999-1510
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
1999-05-12
Medium
CVE-1999-0229
Denial of service in Windows NT IIS server using ..\..
1999-05-08
Medium
CVE-1999-1566
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
1999-05-07
Medium
CVE-1999-0686
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
1999-05-01
Medium
CVE-1999-0194
Denial of service in in.comsat allows attackers to generate messages.
1999-04-19
Medium
CVE-1999-0684
Denial of service in Sendmail 8.8.6 in HPUX.
1999-04-12
Medium
CVE-1999-0444
Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.
Low
CVE-1999-0446
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.
1999-04-07
Medium
CVE-1999-1196
Hummingbird Exceed X version 5 allows remote attackers to cause a denial of service via malformed data to port 6000.
1999-04-01
Low
CVE-1999-0480
Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack.
Medium
CVE-1999-0921
BMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.
1999-03-30
High
CVE-1999-0434
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
1999-03-22
Medium
CVE-1999-0481
Denial of service in "poll" in OpenBSD.
1999-03-21
Medium
CVE-1999-0433
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
1999-03-09
Low
CVE-1999-0417
64 bit Solaris 7 procfs allows local users to perform a denial of service.
1999-03-08
Medium
CVE-1999-0418
Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection.
Medium
CVE-1999-1254
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
Medium
CVE-1999-1567
Seapine Software TestTrack server allows a remote attacker to cause a denial of service (high CPU) via (1) TestTrackWeb.exe and (2) ttcgi.exe by connecting to port 99 and disconnecting without sendin…
1999-03-02
Medium
CVE-1999-1551
Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL.
1999-03-01
Medium
CVE-1999-0221
Denial of service of Ascend routers through port 150 (remote administration).
Medium
CVE-1999-0222
Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL.
Medium
CVE-1999-0419
When the Microsoft SMTP service attempts to send a message to a server and receives a 4xx error code, it quickly and repeatedly attempts to redeliver the message, causing a denial of service.
Medium
CVE-1999-0430
Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload.
Medium
CVE-1999-0431
Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service.
Medium
CVE-1999-0437
Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port.
Medium
CVE-1999-0438
Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packet to port 5353, changing its IP address.
Medium
CVE-1999-0479
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.
Critical
CVE-1999-1046
Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181.
1999-02-22
Medium
CVE-1999-0377
Process table attack in Unix systems allows a remote attacker to perform a denial of service by filling a machine's process tables through multiple connections to network services.
Medium
CVE-1999-0441
Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service.
1999-02-19
Low
CVE-1999-0460
Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.
1999-02-17
Low
CVE-1999-0396
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
Medium
CVE-1999-1060
Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 from a host with a long DNS…
1999-02-12
Medium
CVE-1999-1203
Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier.
1999-02-06
Medium
CVE-1999-1201
Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain…
1999-02-04
Medium
CVE-1999-1169
nobo 1.2 allows remote attackers to cause a denial of service (crash) via a series of large UDP packets.
1999-02-02
Medium
CVE-1999-0362
WS_FTP server remote denial of service through cwd command.
1999-02-01
Medium
CVE-1999-0351
FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client.
Medium
CVE-1999-0403
A bug in Cyrix CPUs on Linux allows local users to perform a denial of service.
Medium
CVE-1999-0459
Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot.
1999-01-27
High
CVE-1999-0349
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
1999-01-26
Medium
CVE-1999-0400
Denial of service in Linux 2.2.0 running the ldd command on a core file.
High
CVE-1999-0449
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.
1999-01-25
Medium
CVE-1999-0357
Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets.
1999-01-24
Medium
CVE-1999-1544
Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command.
1999-01-19
Low
CVE-1999-0451
Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port.
1999-01-04
Low
CVE-1999-0464
Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames.
1999-01-01
Medium
CVE-1999-0205
Denial of service in Sendmail 8.6.11 and 8.6.12.
Critical
CVE-1999-0220
Attackers can do a denial of service of IRC by crashing the server.
Critical
CVE-1999-0226
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.
Medium
CVE-1999-0231
Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access.
Critical
CVE-1999-0285
Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.
Medium
CVE-1999-0355
Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service.
Medium
CVE-1999-0393
Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.
Critical
CVE-1999-0698
Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux.
High
CVE-1999-1568
Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.
1998-12-27
Low
CVE-1999-1285
Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until t…
1998-12-17
High
CVE-1999-0188
The passwd command in Solaris can be subjected to a denial of service.
1998-12-01
High
CVE-1999-0332
Buffer overflow in NetMeeting allows denial of service and remote command execution.
Critical
CVE-1999-0385
The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.
Medium
CVE-1999-0463
Remote attackers can perform a denial of service using IRIX fcagent.
Medium
CVE-1999-0478
Denial of service in HP-UX sendmail 8.8.6 related to accepting connections.
1998-11-05
Medium
CVE-1999-1284
NukeNabber allows remote attackers to cause a denial of service by connecting to the NukeNabber port (1080) without sending any data, which causes the CPU usage to rise to 100% from the report.exe pr…
High
CVE-1999-1321
Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handl…
1998-11-04
High
CVE-1999-0052
IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.
1998-10-13
Medium
CVE-1999-0053
TCP RST denial of service in FreeBSD.
1998-10-02
Medium
CVE-1999-1404
IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote attackers to cause a denial of service (resource exhaustion) via malformed data to the localtracker client port (5011), which prevents t…
1998-09-29
Medium
CVE-1999-0969
The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially set…
1998-09-22
Medium
CVE-1999-1265
SMTP server in SLmail 3.1 and earlier allows remote attackers to cause a denial of service via malformed commands whose arguments begin with a "(" (parenthesis) character, such as (1) SEND, (2) VRFY,…
1998-09-03
Medium
CVE-1999-0779
Denial of service in HP-UX SharedX recserv program.
1998-08-23
Medium
CVE-1999-1416
AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service (resource exhaustion) via an HTTP POST request with a large content-length.
High
CVE-1999-1417
Format string vulnerability in AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via encoded % characters in an H…
1998-08-18
Medium
CVE-1999-0157
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service.
1998-08-14
Medium
CVE-1999-1283
Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag.
1998-08-07
Critical
CVE-1999-1199
Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
1998-08-01
Medium
CVE-1999-0288
The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonst…
1998-07-29
Low
CVE-1999-1406
dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.
1998-07-28
Medium
CVE-1999-1447
Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag.
1998-07-25
Medium
CVE-1999-1070
Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.
1998-07-20
Medium
CVE-1999-1200
Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed "EXPN *@" command.
Medium
CVE-1999-1421
NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, whi…
1998-07-16
Medium
CVE-1999-1149
Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a denial of service (crash) via a long string to the FTP port.
1998-07-15
Critical
CVE-1999-0213
libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.
1998-07-03
Medium
CVE-1999-1202
StarTech (1) POP3 proxy server and (2) telnet server allows remote attackers to cause a denial of service via a long USER command.
1998-07-01
Medium
CVE-1999-0494
Denial of service in WinGate proxy through a buffer overflow in POP3.
1998-06-30
Low
CVE-1999-1441
Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch i…
1998-06-29
Low
CVE-1999-0797
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.
1998-06-22
High
CVE-1999-1442
Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses out…
1998-06-16
Medium
CVE-1999-0783
FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system.
1998-06-10
Medium
CVE-1999-0054
Sun's ftpd daemon can be subjected to a denial of service.
1998-06-03
Medium
CVE-1999-1151
Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the int…
1998-05-10
Critical
CVE-1999-0919
A memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections.
1998-05-09
Medium
CVE-1999-1361
Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the serv…
1998-04-14
Medium
CVE-1999-1113
Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier on MacOS systems allows remote attackers to cause a denial of service via a long USER command to port 106.
1998-04-08
Medium
CVE-1999-0011
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
Medium
CVE-1999-0010
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
Medium
CVE-1999-1015
Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command.
Medium
CVE-1999-1503
Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field.
Medium
CVE-1999-1504
Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command.
1998-04-07
High
CVE-1999-1505
Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet.
1998-04-01
Medium
CVE-1999-0257
Nestea variation of teardrop IP fragmentation denial of service.
1998-03-18
Medium
CVE-1999-1075
inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attac…
1998-03-16
Medium
CVE-1999-0060
Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool.
1998-03-11
Low
CVE-1999-1118
ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters.
1998-03-01
Medium
CVE-1999-0514
UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target.
1998-02-21
Medium
CVE-1999-0290
The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of connections to localhost.
1998-02-18
High
CVE-1999-1207
Buffer overflow in web-admin tool in NetXRay 2.6 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request.
1998-02-14
Medium
CVE-1999-0225
Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size.
1998-02-13
Medium
CVE-1999-0258
Bonk variation of teardrop IP fragmentation denial of service.
1998-02-01
Medium
CVE-1999-0087
Denial of service in AIX telnet can freeze a system and prevent users from accessing the server.
Medium
CVE-1999-0486
Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash.
1998-01-21
High
CVE-1999-0014
Unauthorized privileged access or denial of service via dtappgather program in CDE.
1998-01-15
High
CVE-1999-1045
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request.
1998-01-05
Medium
CVE-1999-0513
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
1998-01-01
Medium
CVE-1999-0273
Denial of service through Solaris 2.5.1 telnet by sending ^D characters.
High
CVE-1999-0284
Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
1997-12-30
Medium
CVE-1999-0107
Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.
1997-12-24
Medium
CVE-1999-1230
Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself.
1997-12-23
Medium
CVE-1999-1581
Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a larg…