| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service (crash) via an SCTP socket with a certain SO_LINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for specific Linux distributions are also affected, due to backporting of the CVE-2006-3745 patch. |
| The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument. |
| The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null dereference in the keyring destructor. |
| Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP options with the needaddr bit set and a truncated value. |
| The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued. |
| The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory. |
| Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script "can not do anything nasty." This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory. |
| OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. |
| The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. |
| Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email. |
| Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB request hang) via a NetBIOS continuation packet. |
| Buffer overflow in httpd32.exe in Deerfield VisNetic WebSite before 3.5.15 allows remote attackers to cause a denial of service (crash) via a long HTTP OPTIONS request. |
| Unspecified vulnerability in the GSM BSSMAP dissector in Wireshark (aka Ethereal) 0.10.11 to 0.99.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors. |
| NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (memory usage and cpu utilization) via a flood of arbitrary UDP datagrams to ports 0 to 65000. NOTE: this issue was reported as a buffer overflow, but that term usually does not apply in flooding attacks. |
| mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference. |
| The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. |
| PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected. |
| The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data. |
| Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644. |
| Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim. |
