Security Vulnerabilities, CVEs, Published In August 2003 (Denial of service)
Crob FTP Server 2.60.1 allows remote authenticated users to cause a denial of service (crash) by renaming a file to the "con" MS-DOS device name.
Max CVSS
5.0
EPSS Score
1.83%
Published
2003-08-06
Updated
2017-07-11
Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure."
Max CVSS
5.0
EPSS Score
0.21%
Published
2003-08-27
Updated
2008-09-10
Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users.
Max CVSS
1.2
EPSS Score
0.04%
Published
2003-08-27
Updated
2018-10-30
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets.
Max CVSS
5.0
EPSS Score
0.17%
Published
2003-08-27
Updated
2008-09-10
Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via (1) a long user name or (2) an unknown attack related to a "special script against login."
Max CVSS
7.5
EPSS Score
0.82%
Published
2003-08-27
Updated
2016-10-18
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
Max CVSS
5.0
EPSS Score
4.57%
Published
2003-08-27
Updated
2017-10-11
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
Max CVSS
7.5
EPSS Score
96.78%
Published
2003-08-27
Updated
2019-04-30
X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ranges value, which causes an out-of-bounds array access.
Max CVSS
7.5
EPSS Score
0.83%
Published
2003-08-18
Updated
2016-10-18
mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size.
Max CVSS
7.5
EPSS Score
9.10%
Published
2003-08-18
Updated
2008-09-10
Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and earlier allows remote attackers to cause a denial of service (kernel panic) via certain packets that cause XDR decoding errors, a different vulnerability than CVE-2003-0619.
Max CVSS
5.0
EPSS Score
0.33%
Published
2003-08-27
Updated
2008-09-10
Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption).
Max CVSS
5.0
EPSS Score
0.28%
Published
2003-08-18
Updated
2017-07-11
Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.
Max CVSS
7.8
EPSS Score
79.90%
Published
2003-08-18
Updated
2018-10-30
Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string.
Max CVSS
5.0
EPSS Score
4.53%
Published
2003-08-27
Updated
2016-10-18
Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester.
Max CVSS
5.0
EPSS Score
0.33%
Published
2003-08-18
Updated
2016-10-18
ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability.
Max CVSS
7.5
EPSS Score
0.34%
Published
2003-08-18
Updated
2016-10-18
NeoModus Direct Connect 1.0 build 9, and possibly other versions, allows remote attackers to cause a denial of service (connection and possibly memory exhaustion) via a flood of ConnectToMe requests containing arbitrary IP addresses and ports.
Max CVSS
5.0
EPSS Score
0.33%
Published
2003-08-18
Updated
2016-10-18
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.45%
Published
2003-08-27
Updated
2017-10-11
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name.
Max CVSS
5.0
EPSS Score
0.41%
Published
2003-08-27
Updated
2017-10-11
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.
Max CVSS
5.0
EPSS Score
0.41%
Published
2003-08-27
Updated
2017-10-11
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up.
Max CVSS
5.0
EPSS Score
7.70%
Published
2003-08-27
Updated
2017-10-11
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters.
Max CVSS
3.6
EPSS Score
0.06%
Published
2003-08-18
Updated
2016-10-18
The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method.
Max CVSS
5.0
EPSS Score
0.34%
Published
2003-08-27
Updated
2018-10-12
Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified.
Max CVSS
5.0
EPSS Score
0.29%
Published
2003-08-18
Updated
2016-10-18
Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attackers to cause a denial of service (freeze) via a URL to C:\aux (MS-DOS device name) and possibly other devices.
Max CVSS
5.0
EPSS Score
2.70%
Published
2003-08-18
Updated
2021-07-23
The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.
Max CVSS
5.0
EPSS Score
2.43%
Published
2003-08-27
Updated
2017-10-11