SGI : Security Vulnerabilities, CVEs, (Denial of service)
CVE-2002-1318
Public exploit
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
Max CVSS
10.0
EPSS Score
14.54%
Published
2002-12-11
Updated
2018-05-03
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
Max CVSS
10.0
EPSS Score
0.67%
Published
2004-08-18
Updated
2017-07-11
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
Max CVSS
10.0
EPSS Score
1.63%
Published
2004-08-06
Updated
2018-05-03
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied.
Max CVSS
10.0
EPSS Score
1.23%
Published
2004-08-06
Updated
2021-06-06
Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Max CVSS
10.0
EPSS Score
3.27%
Published
2004-08-18
Updated
2017-10-11
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
Max CVSS
10.0
EPSS Score
0.61%
Published
2005-12-31
Updated
2018-10-19
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
Max CVSS
7.6
EPSS Score
16.92%
Published
2007-09-18
Updated
2018-10-15
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
Max CVSS
7.5
EPSS Score
13.89%
Published
2002-12-11
Updated
2018-10-30
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Max CVSS
7.5
EPSS Score
0.57%
Published
2004-11-23
Updated
2023-12-28
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-07-07
Updated
2018-05-03
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
Max CVSS
7.1
EPSS Score
1.37%
Published
2004-12-31
Updated
2017-07-11
nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system.
Max CVSS
6.4
EPSS Score
5.12%
Published
1999-05-31
Updated
2017-12-19
Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.
Max CVSS
5.0
EPSS Score
0.24%
Published
1997-07-01
Updated
2022-08-17
Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization.
Max CVSS
5.0
EPSS Score
0.35%
Published
1997-10-24
Updated
2017-10-10
Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.
Max CVSS
5.0
EPSS Score
2.87%
Published
2001-08-31
Updated
2017-10-10
SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.
Max CVSS
5.0
EPSS Score
0.94%
Published
2001-12-06
Updated
2017-10-10
Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk.
Max CVSS
5.0
EPSS Score
1.30%
Published
2002-01-31
Updated
2017-10-10
rpcbind in SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via malformed RPC packets with invalid lengths.
Max CVSS
5.0
EPSS Score
0.21%
Published
2002-03-28
Updated
2008-09-05
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
Max CVSS
5.0
EPSS Score
2.88%
Published
2002-11-12
Updated
2017-10-10
The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan.
Max CVSS
5.0
EPSS Score
0.16%
Published
2003-08-18
Updated
2008-09-05
The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service (hang) in inetd via port scanning.
Max CVSS
5.0
EPSS Score
1.04%
Published
2003-08-07
Updated
2017-07-11
Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption).
Max CVSS
5.0
EPSS Score
0.28%
Published
2003-08-18
Updated
2017-07-11
Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and earlier allows remote attackers to cause a denial of service (kernel panic) via certain packets that cause XDR decoding errors, a different vulnerability than CVE-2003-0619.
Max CVSS
5.0
EPSS Score
0.33%
Published
2003-08-27
Updated
2008-09-10
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.
Max CVSS
5.0
EPSS Score
9.64%
Published
2003-10-20
Updated
2018-05-03
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
Max CVSS
5.0
EPSS Score
1.77%
Published
2003-12-15
Updated
2016-10-18