GNU : Security Vulnerabilities, CVEs, (Denial of service)
Land IP denial of service.
Max CVSS
5.0
EPSS Score
0.15%
Published
1997-12-01
Updated
2008-09-09
Denial of service of inetd on Linux through SYN and RST packets.
Max CVSS
5.0
EPSS Score
0.22%
Published
1997-11-01
Updated
2022-08-17
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.
Max CVSS
7.5
EPSS Score
3.66%
Published
2002-03-04
Updated
2018-10-30
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.
Max CVSS
5.0
EPSS Score
0.36%
Published
2002-03-04
Updated
2018-10-30
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).
Max CVSS
5.0
EPSS Score
9.78%
Published
2002-10-11
Updated
2008-09-10
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
Max CVSS
5.0
EPSS Score
2.88%
Published
2002-11-12
Updated
2017-10-10
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
Max CVSS
5.0
EPSS Score
1.77%
Published
2003-12-15
Updated
2016-10-18
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
Max CVSS
5.0
EPSS Score
0.65%
Published
2003-11-17
Updated
2008-09-10
Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
Max CVSS
2.1
EPSS Score
0.04%
Published
2003-12-15
Updated
2017-10-11
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
Max CVSS
4.9
EPSS Score
0.04%
Published
2003-12-15
Updated
2017-10-11
Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval.
Max CVSS
7.5
EPSS Score
3.47%
Published
2004-01-05
Updated
2017-07-11
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
Max CVSS
5.0
EPSS Score
1.51%
Published
2004-03-03
Updated
2017-10-10
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.
Max CVSS
5.0
EPSS Score
2.52%
Published
2004-03-03
Updated
2017-10-10
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field.
Max CVSS
5.0
EPSS Score
0.22%
Published
2004-06-01
Updated
2008-09-05
The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID.
Max CVSS
5.0
EPSS Score
0.93%
Published
2004-12-06
Updated
2017-07-11
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.
Max CVSS
5.0
EPSS Score
0.75%
Published
2004-12-23
Updated
2017-07-11
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
Max CVSS
5.0
EPSS Score
2.33%
Published
2004-12-31
Updated
2018-10-19
The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash).
Max CVSS
5.0
EPSS Score
1.45%
Published
2004-08-09
Updated
2017-07-11
Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed
Max CVSS
6.4
EPSS Score
0.17%
Published
2004-12-31
Updated
2024-04-11
Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list.
Max CVSS
5.0
EPSS Score
1.57%
Published
2004-12-31
Updated
2017-07-11
Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code.
Max CVSS
7.5
EPSS Score
0.86%
Published
2004-12-31
Updated
2017-07-11
X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.
Max CVSS
7.8
EPSS Score
1.88%
Published
2004-12-31
Updated
2017-07-11
The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.
Max CVSS
5.0
EPSS Score
2.69%
Published
2005-05-03
Updated
2017-10-11
The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command.
Max CVSS
5.0
EPSS Score
1.45%
Published
2005-05-26
Updated
2008-09-05
Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash).
Max CVSS
5.0
EPSS Score
91.00%
Published
2005-11-16
Updated
2017-10-11