CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2003(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2003-1564 189 DoS 2003-12-31 2008-10-24
9.3
Admin Remote Medium Not required Complete Complete Complete
libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs attack."
2 CVE-2003-1563 DoS 2003-12-31 2008-09-05
4.0
None Local High Not required None None Complete
Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real Application Clusters (OPS/RAC) allows local users to cause a denial of service (cluster node panic or abort) by launching a daemon listening on a TCP port that would otherwise be used by the Distributed Lock Manager (DLM), possibly involving this daemon responding in a manner that spoofs a cluster reconfiguration.
3 CVE-2003-1558 119 DoS Exec Code Overflow 2003-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function.
4 CVE-2003-1544 DoS 2003-12-31 2008-09-05
6.8
None Remote Low Single system None None Complete
Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded.
5 CVE-2003-1527 DoS 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
6 CVE-2003-1518 119 DoS Overflow 2003-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
Adiscon WinSyslog 4.21 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a long syslog message.
7 CVE-2003-1515 264 DoS 2003-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
Origo ASR-8100 ADSL Router 3.21 has an administration service running on port 254 that does not require a password, which allows remote attackers to cause a denial of service by restoring the factory defaults.
8 CVE-2003-1514 119 DoS Overflow 2003-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
eMule 0.29c allows remote attackers to cause a denial of service (crash) via a long password, possibly due to a buffer overflow.
9 CVE-2003-1512 119 DoS Overflow 2003-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause a denial of service (crash) via a long DCC SEND request.
10 CVE-2003-1510 DoS 2003-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a ".%00." in an HTTP GET request to the cgi-bin directory.
11 CVE-2003-1508 119 DoS Overflow 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
Buffer overflow in mIRC 6.12, when the DCC get dialog window has been minimized and the user opens the minimized window, allows remote attackers to cause a denial of service (crash) via a long filename.
12 CVE-2003-1505 DoS 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved.
13 CVE-2003-1497 119 DoS Overflow 2003-12-31 2008-09-05
6.3
None Remote Medium Single system None None Complete
Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable.
14 CVE-2003-1495 264 DoS +Priv 2003-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors.
15 CVE-2003-1494 399 DoS 2003-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet.
16 CVE-2003-1493 DoS 2003-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (memory exhaustion) via crafted TCP packets.
17 CVE-2003-1490 20 DoS Overflow 2003-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow.
18 CVE-2003-1484 119 DoS Overflow 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute.
19 CVE-2003-1478 119 DoS Overflow 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
Konqueror in KDE 3.0.3 allows remote attackers to cause a denial of service (core dump) via a web page that begins with a "xFFxFE" byte sequence and a large number of CRLF sequences, as demonstrated using freeze.htm.
20 CVE-2003-1477 119 DoS Overflow 2003-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects."
21 CVE-2003-1472 119 DoS Exec Code Overflow 2003-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner.
22 CVE-2003-1471 20 DoS 2003-12-31 2008-09-05
6.3
None Remote Medium Single system None None Complete
MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number.
23 CVE-2003-1470 119 DoS Exec Code Overflow 2003-12-31 2008-09-05
9.0
Admin Remote Low Single system Complete Complete Complete
Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a CREATE command with a long mailbox name.
24 CVE-2003-1464 119 DoS Overflow 2003-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
Buffer overflow in Siemens 45 series mobile phones allows remote attackers to cause a denial of service (disconnect and unavailable inbox) via a Short Message Service (SMS) message with a long image name.
25 CVE-2003-1462 DoS 2003-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
mod_survey 3.0.0 through 3.0.15-pre6 does not check whether a survey exists before creating a subdirectory for it, which allows remote attackers to cause a denial of service (disk consumption and possible crash).
26 CVE-2003-1450 20 DoS 2003-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segmentation fault) via a malformed RPL_NAMREPLY numeric 353 message.
27 CVE-2003-1448 399 DoS 2003-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB request hang) via a NetBIOS continuation packet.
28 CVE-2003-1445 119 DoS Exec Code Overflow 2003-12-31 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long pathname.
29 CVE-2003-1444 20 DoS 2003-12-31 2008-09-05
4.4
None Local Medium Not required Partial Partial Partial
Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname.
30 CVE-2003-1441 20 DoS 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
Posadis 0.50.4 through 0.50.8 allows remote attackers to cause a denial of service (crash) via a DNS message without a question section, which triggers null dereference.
31 CVE-2003-1440 20 DoS 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
SpamProbe 0.8a allows remote attackers to cause a denial of service (crash) via HTML e-mail with newline characters within an href tag, which is not properly handled by certain regular expressions.
32 CVE-2003-1432 189 DoS Exec Code 2003-12-31 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file.
33 CVE-2003-1431 119 DoS Overflow 2003-12-31 2008-09-05
7.1
None Remote Medium Not required None None Complete
Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL.
34 CVE-2003-1421 399 DoS 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors.
35 CVE-2003-1419 20 DoS 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function.
36 CVE-2003-1416 20 DoS 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command.
37 CVE-2003-1398 200 DoS +Info 2003-12-31 2008-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).
38 CVE-2003-1397 119 DoS Overflow 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method.
39 CVE-2003-1396 119 DoS Exec Code Overflow 2003-12-31 2008-09-05
4.3
None Remote Medium Not required None None Partial
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.
40 CVE-2003-1395 119 DoS Exec Code Overflow 2003-12-31 2008-09-05
9.0
None Remote Low Not required Partial Partial Complete
Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a response to the ad server.
41 CVE-2003-1393 119 DoS Exec Code Overflow 2003-12-31 2008-09-05
8.5
None Remote Medium Single system Complete Complete Complete
Buffer overflow in Gupta SQLBase 8.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long EXECUTE command.
42 CVE-2003-1369 119 DoS Exec Code Overflow 2003-12-31 2008-09-05
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
43 CVE-2003-1368 119 DoS Exec Code Overflow 2003-12-31 2008-09-05
6.4
None Remote Low Not required None Partial Partial
Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
44 CVE-2003-1364 20 DoS 2003-12-31 2008-09-05
8.5
None Remote Low Not required None Partial Complete
Aprelium Technologies Abyss Web Server 1.1.2, and possibly other versions before 1.1.4, allows remote attackers to cause a denial of service (crash) via an HTTP GET message with empty (1) Connection or (2) Range fields.
45 CVE-2003-1356 264 DoS 2003-12-31 2009-03-04
7.2
Admin Local Low Not required Complete Complete Complete
The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors.
46 CVE-2003-1355 119 DoS Exec Code Overflow 2003-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password.
47 CVE-2003-1342 399 DoS 2003-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe.
48 CVE-2003-1339 119 1 DoS Exec Code Overflow 2003-12-31 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll.
49 CVE-2003-1329 DoS 2003-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service.
50 CVE-2003-1325 1 DoS 2003-12-31 2008-09-05
5.2
None Local Network Medium Single system None None Complete
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents "absence of player informations," a related issue to CVE-2006-0734.
Total number of vulnerabilities : 381   Page : 1 (This Page)2 3 4 5 6 7 8
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.