CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In February 2006(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2006-0935 DoS 2006-02-28 2008-09-05
2.6
None Remote High Not required None None Partial
Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a crafted file, as demonstrated by 101_filefuzz.
2 CVE-2006-0925 DoS 2006-02-28 2017-07-19
5.0
None Remote Low Not required None None Partial
Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon 8.1.1 and possibly 8.1.4 allows remote attackers to cause a denial of service (CPU consumption) by creating and then listing folders whose names contain format string specifiers.
3 CVE-2006-0912 DoS 2006-02-28 2008-09-05
5.0
None Remote Low Not required None None Partial
Oreka before 0.5 allows remote attackers to cause a denial of service (application crash) via a "certain RTP sequence."
4 CVE-2006-0911 399 DoS 2006-02-28 2018-10-18
5.0
None Remote Low Not required None None Partial
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameters, or (3) malformed btnLogIn parameters, possibly involving missing "[" (open bracket) or "[" (closing bracket) characters, as demonstrated by "&btnLogIn=[Log&In]=&" or "&b;tnLogIn=[Log&In]=&" in the URL. NOTE: due to the lack of diagnosis by the original researcher, the precise nature of the vulnerability is unclear.
5 CVE-2006-0901 DoS Exec Code 2006-02-27 2018-10-30
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code.
6 CVE-2006-0900 DoS 2006-02-27 2017-07-19
7.8
None Remote Low Not required None None Complete
nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mount request, as demonstrated by the ProtoVer NFS test suite.
7 CVE-2006-0888 DoS 2006-02-25 2017-10-18
2.6
None Remote High Not required None None Partial
index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote attackers to cause an unspecified denial of service by registering a large number of users.
8 CVE-2006-0876 DoS 2006-02-24 2008-09-05
5.0
None Remote Low Not required None None Partial
POPFile before 0.22.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving character sets within e-mail messages.
9 CVE-2006-0867 DoS Overflow 2006-02-23 2018-10-18
5.0
None Remote Low Not required None None Partial
Buffer overflow in certain versions of South River (aka SRT) WebDrive, possibly version 6.08 build 1131 and version 8, allows remote attackers to cause a denial of service (application crash and persistent erratic behavior) via a long string in the name entry field.
10 CVE-2006-0865 DoS 2006-02-23 2018-10-18
5.0
None Remote Low Not required None None Partial
PunBB 1.2.10 and earlier allows remote attackers to cause a denial of service (resource consumption) by registering many user accounts quickly.
11 CVE-2006-0853 DoS Exec Code Overflow 2006-02-22 2018-10-18
6.5
User Remote Low Single system Partial Partial Partial
Buffer overflow in the IMAP service of TrueNorth Internet Anywhere (IA) eMailserver 5.3.4 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long SEARCH argument.
12 CVE-2006-0836 DoS 2006-02-21 2018-10-18
2.6
None Remote High Not required None None Partial
Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service by tricking the user into importing an LDIF file with a long field into the address book, as demonstrated by a long homePhone field.
13 CVE-2006-0835 DoS Sql 2006-02-21 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar Pro allows remote attackers to modify internal SQL queries and cause a denial of service (inaccessible database) via the tabls parameter.
14 CVE-2006-0830 DoS Exec Code 2006-02-21 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, as demonstrated by resetting the "location" variable within the loop.
15 CVE-2006-0826 DoS 2006-02-21 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to cause a denial of service via a crafted Postscript request.
16 CVE-2006-0822 DoS 2006-02-21 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in EmuLinker Kaillera Server before 0.99.17 allows remote attackers to cause a denial of service (probably resource consumption) via a crafted packet that causes a "ghost game" to be left on the server.
17 CVE-2006-0808 DoS +Info 2006-02-20 2017-07-19
6.4
None Remote Low Not required Partial None Partial
MUTE 0.4 allows remote attackers to cause a denial of service (messages not forwarded) and obtain sensitive information about a target by filling a client's mWebCache cache with malicious "zombie" nodes.
18 CVE-2006-0797 DoS Overflow 2006-02-19 2017-07-19
7.8
None Remote Low Not required None None Complete
Nokia N70 cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet, possibly triggering a buffer overflow, as demonstrated using the Bluetooth Stack Smasher (BSS).
19 CVE-2006-0790 DoS 2006-02-19 2017-07-19
5.0
None Remote Low Not required None None Partial
Rockliffe MailSite 7.0 and earlier allows remote attackers to cause a denial of service by sending crafted LDAP packets to port 389/TCP, as demonstrated by the ProtoVer LDAP testsuite.
20 CVE-2006-0784 DoS 2006-02-19 2018-10-18
5.0
None Remote Low Not required None None Partial
D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments.
21 CVE-2006-0771 134 DoS Exec Code 2006-02-18 2018-10-19
6.4
None Remote Low Not required None Partial Partial
Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and possibly other games, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in invalid cvar values, which are not properly handled when the server kicks the player and records the reason.
22 CVE-2006-0768 DoS 2006-02-18 2018-10-19
5.0
None Remote Low Not required None None Partial
Kadu 0.4.3 allows remote attackers to cause a denial of service (application crash) via a large number of image send requests.
23 CVE-2006-0753 DoS 2006-02-17 2018-10-19
2.6
None Remote High Not required None None Partial
Memory leak in Microsoft Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers to cause a denial of service (memory consumption) via JavaScript that uses setInterval to repeatedly call a function to set the value of window.status.
24 CVE-2006-0739 DoS 2006-02-16 2018-10-19
5.0
None Remote Low Not required None None Partial
eStara SIP softphone allows remote attackers to cause a denial of service (crash) via an INVITE request with a Content-Length field that has more than 9 digits.
25 CVE-2006-0738 DoS 2006-02-16 2018-10-19
5.0
None Remote Low Not required None None Partial
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service (hang) via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using (1) the field name, (2) the o field (owner/creator and session identifier), or (3) the m field (media name and transport address).
26 CVE-2006-0737 DoS 2006-02-16 2018-10-19
5.0
None Remote Low Not required None None Partial
eStara SIP softphone allows remote attackers to cause a denial of service (crash) via a SIP OPTIONS request with a negative Expires field.
27 CVE-2006-0734 119 DoS Overflow 2006-02-16 2017-07-19
4.0
None Remote Low Single system None None Partial
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.6 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a backslash character at the end of a connection string to UDP port 27015.
28 CVE-2006-0730 119 DoS Overflow 2006-02-16 2017-07-19
5.0
None Remote Low Not required None None Partial
Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
29 CVE-2006-0720 DoS Exec Code Overflow 2006-02-23 2018-10-19
7.6
Admin Remote High Not required Complete Complete Complete
Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file.
30 CVE-2006-0718 DoS 2006-02-15 2008-09-05
5.0
None Remote Low Not required None None Partial
The Internet Key Exchange version 1 (IKEv1) implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service (crash) via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
31 CVE-2006-0717 DoS 2006-02-15 2017-07-19
5.0
None Remote Low Not required None None Partial
IBM Tivoli Directory Server 6.0 allows remote attackers to cause a denial of service (crash) via a crafted LDAP request, as demonstrated by test 2532 in the ProtoVer Sample LDAP test suite.
32 CVE-2006-0709 DoS Exec Code Overflow 2006-02-15 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105.
33 CVE-2006-0678 DoS 2006-02-14 2018-10-19
1.5
None Local Medium Single system None None Partial
PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before 8.0.7, and 8.1.x before 8.1.3, when compiled with Asserts enabled, allows local users to cause a denial of service (server crash) via a crafted SET SESSION AUTHORIZATION command, a different vulnerability than CVE-2006-0553.
34 CVE-2006-0677 DoS 2006-02-14 2018-10-19
7.8
None Remote Low Not required None None Complete
telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference.
35 CVE-2006-0674 DoS Overflow 2006-02-13 2017-07-19
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in the arp command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 L, and 5.2 allows local users to cause a denial of service (crash) via a long iftype argument.
36 CVE-2006-0671 DoS Overflow 2006-02-13 2017-07-19
7.8
None Remote Low Not required None None Complete
Buffer overflow in Sony Ericsson K600i, V600i, W800i, and T68i cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet.
37 CVE-2006-0670 DoS Overflow 2006-02-13 2018-10-19
5.0
None Remote Low Not required None None Partial
Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet.
38 CVE-2006-0666 DoS 2006-02-15 2017-07-19
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels in IBM AIX 5.3 VRMF 5.3.0.30 through 5.3.0.33 allows local users to cause a denial of service (system crash) via unknown vectors related to EMULATE_VMX.
39 CVE-2006-0647 DoS 2006-02-13 2017-07-19
5.0
None Remote Low Not required None None Partial
LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service (memory allocation error) via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite.
40 CVE-2006-0629 DoS Exec Code Overflow 2006-02-10 2018-10-19
5.1
User Remote High Not required Partial Partial Partial
Unspecified vulnerability in AOL Instant Messenger (AIM) 5.9.3861 allows user-assisted remote attackers to cause a denial of service (client crash) and possibly execute arbitrary code by tricking the user into requesting Buddy Info about a long screen name, which might cause a buffer overflow.
41 CVE-2006-0622 399 DoS 2006-02-08 2017-07-19
4.9
None Local Low Not required None None Complete
QNX Neutrino RTOS 6.3.0 allows local users to cause a denial of service (hang) by supplying a "break *0xb032d59f" command to gdb.
42 CVE-2006-0600 DoS 2006-02-13 2017-07-19
5.0
None Remote Low Not required None None Partial
elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service (infinite redirection) via a request with the fail parameter set to 1, which redirects to the same request.
43 CVE-2006-0597 DoS Exec Code Overflow 2006-02-13 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 r1558-4 allow attackers to cause a denial of service (application crash) and possibly execute code via long "revision attributes".
44 CVE-2006-0585 DoS 2006-02-07 2018-10-19
5.0
None Remote Low Not required None None Partial
jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (application crash) via a Shockwave Flash object that contains ActionScript code that calls VBScript, which in turn calls the Javascript document.write function, which triggers a null dereference.
45 CVE-2006-0580 DoS 2006-02-07 2017-07-19
5.0
None Remote Low Not required None None Partial
IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted packet to the LDAP port (389/TCP).
46 CVE-2006-0566 DoS 2006-02-06 2018-10-19
5.0
None Remote Low Not required None None Partial
The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote attackers to cause a denial of service (application crash) via LDAP messages that contain Distinguished Names (DN) fields with a large number of elements.
47 CVE-2006-0550 DoS Exec Code Overflow 2006-02-03 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in an unspecified Oracle Client utility might allow remote attackers to execute arbitrary code or cause a denial of service. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DBC02 from the January 2006 CPU, in which case this would be a duplicate of CVE-2006-0283. However, there are enough inconsistencies that the mapping can not be made authoritatively.
48 CVE-2006-0544 DoS Exec Code 2006-02-03 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large number of "-" (dash of hyphen) characters.
49 CVE-2006-0543 DoS 2006-02-03 2008-09-05
5.0
None Remote Low Not required None None Partial
Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service (client crash) via an AIM message containing the Mac encoded Rich Text Format (RTF) escape sequences (1) \'d1, (2) \'d2, (3) \'d3, (4) \'d4, and (5) \'d5. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
50 CVE-2006-0538 DoS 2006-02-03 2018-10-19
2.6
None Remote High Not required None None Partial
CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers to cause a denial of service (possibly CPU consumption) via a SYN flood with malformed TCP packets from multiple connections.
Total number of vulnerabilities : 71   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.