The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout.
Max CVSS
5.0
EPSS Score
4.44%
Published
2005-01-13
Updated
2008-09-05
WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial of service (access violation) via a CWD command with a crafted pathname, as demonstrated using a large string of "%s" sequences, possibly indicating a format string vulnerability.
Max CVSS
2.1
EPSS Score
0.34%
Published
2005-01-27
Updated
2017-07-11
minis.php in Minis 0.2.1 allows remote attackers to cause a denial of service (infinite loop) via an HTTP request for a file that the web server does not have permission to read, as demonstrated using the month parameter.
Max CVSS
5.0
EPSS Score
1.48%
Published
2005-01-16
Updated
2017-07-11
Format string vulnerability in Soldner Secret Wars 30830 and earlier allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in a message.
Max CVSS
7.5
EPSS Score
10.39%
Published
2005-01-04
Updated
2017-07-11
Unknown vulnerability in HP-UX B.11.04 running Virtualvault 4.5 through 4.7, when running the TGA daemon, allows remote attackers to cause a denial of service via certain network traffic.
Max CVSS
5.0
EPSS Score
0.39%
Published
2005-01-31
Updated
2016-10-18
Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port.
Max CVSS
5.0
EPSS Score
1.79%
Published
2005-01-19
Updated
2017-10-11
Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument.
Max CVSS
5.0
EPSS Score
0.24%
Published
2005-01-11
Updated
2017-07-11
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
Max CVSS
5.0
EPSS Score
90.57%
Published
2005-01-11
Updated
2017-10-11
Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption).
Max CVSS
5.0
EPSS Score
6.19%
Published
2005-01-25
Updated
2017-10-11
The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.
Max CVSS
5.0
EPSS Score
96.98%
Published
2005-01-15
Updated
2017-10-11
Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.
Max CVSS
5.0
EPSS Score
92.93%
Published
2005-01-15
Updated
2017-10-11
A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues.
Max CVSS
10.0
EPSS Score
0.79%
Published
2005-01-03
Updated
2008-09-05
Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based buffer overflow.
Max CVSS
10.0
EPSS Score
4.00%
Published
2005-01-10
Updated
2017-07-11
The slip_down function in slip.c for the uml_net program in uml-utilities 20030903, when uml_net is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service (network service disabled).
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-01-10
Updated
2017-07-11
Integer overflow in Gadu-Gadu allows remote attackers to cause a denial of service (disk consumption) via a user packet to the DCC file transfer capability with an invalid file length.
Max CVSS
5.0
EPSS Score
1.12%
Published
2005-01-10
Updated
2017-07-11
The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, which allows attackers to obtain the MySQL administrative password in cleartext from an installation form, or to cause a denial of service by changing database settings to the default.
Max CVSS
6.4
EPSS Score
0.31%
Published
2005-01-10
Updated
2017-07-11
Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and earlier, allows a remote master server to cause a denial of service (client crash) via a server reply that contains a large numplayers value, which triggers a null dereference.
Max CVSS
5.0
EPSS Score
1.19%
Published
2005-01-10
Updated
2017-07-11
Remote Execute 2.30 allows remote attackers to cause a denial of service (application crash) by making 7 simultaneous connections.
Max CVSS
5.0
EPSS Score
1.18%
Published
2005-01-10
Updated
2017-07-11
The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service (server freeze) via a long (1) nickname or (2) model type, which generates dialog boxes on the server that must be manually handled before the server continues the game.
Max CVSS
5.0
EPSS Score
1.21%
Published
2005-01-10
Updated
2017-07-11
Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via a long UDP packet, which causes a "message too long" socket error.
Max CVSS
5.0
EPSS Score
1.21%
Published
2005-01-10
Updated
2017-07-11

CVE-2004-1211

Public exploit
Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.
Max CVSS
10.0
EPSS Score
96.37%
Published
2005-01-10
Updated
2017-07-11
Buffer overflow in Orbz 2.10 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long password field in a join request.
Max CVSS
10.0
EPSS Score
3.76%
Published
2005-01-10
Updated
2017-07-11
The Serious engine, as used in (1) Alpha Black Zero Intrepid Protocol 1.04 and earlier, (2) Nitro family, and (3) Serious Sam Second Encounter 1.07 allows remote attackers to cause a denial of service (server crash) via a large number of UDP join requests that exceeds the maximum player limit, as originally reported for Alpha Black Zero.
Max CVSS
5.0
EPSS Score
8.76%
Published
2005-01-10
Updated
2017-07-11
FluxBox 0.9.10 and earlier versions allows local users to cause a denial of service (application crash) by calling Xman with a long -title value, possibly triggering a buffer overflow.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-01-10
Updated
2017-07-11
Opera 7.54 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.
Max CVSS
5.0
EPSS Score
0.43%
Published
2005-01-10
Updated
2022-02-28
71 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!