CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In April 2006 (Denial Of Service)

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2006-2108 119 DoS Overflow 2006-04-29 2019-10-10
7.8
None Remote Low Not required None None Complete
parser.exe in Océ (OCE) 3121/3122 Printer allows remote attackers to cause a denial of service (crash or reboot) via a long request, possibly triggering a buffer overflow.
2 CVE-2006-2107 DoS Exec Code Overflow 2006-04-29 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in BL4 SMTP Server 0.1.4 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the (1) EHLO, (2) MAIL FROM, and (3) RCPT TO commands.
3 CVE-2006-2095 264 DoS 2006-04-29 2017-07-19
5.0
None Remote Low Not required None None Partial
Phex before 2.8.6 allows remote attackers to cause a denial of service (application hang) by initiating multiple chat requests to a single user and then logging off.
4 CVE-2006-2093 399 DoS 2006-04-29 2018-10-18
2.6
None Remote High Not required None None Partial
Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script "can not do anything nasty." This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory.
5 CVE-2006-2092 DoS 2006-04-29 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in HP StorageWorks Secure Path for Windows 4.0C-SP2 before 20060419 allows remote attackers to cause an unspecified denial of service via unknown vectors.
6 CVE-2006-2087 DoS 2006-04-29 2017-07-19
5.0
None Remote Low Not required None None Partial
The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote attackers to cause a denial of service (application hang or erroneous behavior) via an attachment with an MS-DOS device filename.
7 CVE-2006-2078 DoS 2006-04-27 2017-07-19
7.8
None Remote Low Not required None None Complete
Multiple unspecified vulnerabilities in multiple FITELnet products, including FITELnet-F40, F80, F100, F120, F1000, and E20/E30, allow remote attackers to cause a denial of service via crafted DNS messages that trigger errors in (1) ProxyDNS or (2) PKI-Resolver, as demonstrated by the OUSPG PROTOS DNS test suite.
8 CVE-2006-2076 DoS 2006-04-27 2017-07-19
5.0
None Remote Low Not required None None Partial
Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote attackers to cause a denial of service (memory consumption) via a DNS query with an unsupported (1) QTYPE or (2) QCLASS, as demonstrated by the OUSPG PROTOS DNS test suite.
9 CVE-2006-2075 DoS 2006-04-27 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to cause a denial of service via a crafted DNS message, aka "Query-of-death," as demonstrated by the OUSPG PROTOS DNS test suite.
10 CVE-2006-2073 DoS 2006-04-27 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite.
11 CVE-2006-2072 DoS 2006-04-27 2017-07-19
5.0
None Remote Low Not required None None Partial
Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS response messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite.
12 CVE-2006-2069 399 DoS 2006-04-27 2017-07-19
5.0
None Remote Low Not required None None Partial
The recursor in PowerDNS before 3.0.1 allows remote attackers to cause a denial of service (application crash) via malformed EDNS0 packets.
13 CVE-2006-2068 DoS 2006-04-27 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Hitachi JP1 products allows remote attackers to cause a denial of service (application stop or fail) via unexpected requests or data.
14 CVE-2006-2064 DoS +Priv 2006-04-27 2017-07-19
4.6
User Local Low Not required Partial Partial Partial
Unspecified vulnerability in the libpkcs11 library in Sun Solaris 10 might allow local users to gain privileges or cause a denial of service (application failure) via unknown attack vectors that involve the getpwnam family of non-reentrant functions.
15 CVE-2006-2054 DoS 2006-04-26 2017-07-19
5.0
None Remote Low Not required None None Partial
3Com Baseline Switch 2848-SFP Plus Model #3C16486 with firmware before 1.0.2.0 allows remote attackers to cause a denial of service (unstable operation) via long DHCP packets.
16 CVE-2006-2030 DoS 2006-04-25 2018-10-18
5.0
None Remote Low Not required None None Partial
The Allied Telesyn AT-9724TS switch allows remote attackers to cause a denial of service via a large amount of UDP data to the switch, which leads to unstable operation and possibly failure of the management interface or routing.
17 CVE-2006-2026 119 DoS Exec Code Overflow 2006-04-25 2018-10-03
6.5
User Remote Low Single system Partial Partial Partial
Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions."
18 CVE-2006-2025 DoS Exec Code Overflow 2006-04-25 2018-10-03
6.5
User Remote Low Single system Partial Partial Partial
Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image.
19 CVE-2006-2024 DoS 2006-04-25 2018-10-03
4.0
None Remote Low Single system None None Partial
Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c.
20 CVE-2006-2023 DoS Overflow 2006-04-25 2018-10-18
5.0
None Remote Low Not required None None Partial
Integer overflow in the RTSP_msg_len function in rtsp/RTSP_msg_len.c in Fenice 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a large HTTP Content-Length value, which leads to an invalid memory access.
21 CVE-2006-2019 DoS 2006-04-25 2018-10-18
5.0
None Remote Low Not required None None Partial
Apple Mac OS X Safari 2.0.3, 1.3.1, and possibly other versions allows remote attackers to cause a denial of service (CPU consumption and crash) via a TD element with a large number in the rowspan attribute.
22 CVE-2006-2017 DoS 2006-04-25 2017-07-19
5.0
None Remote Low Not required None None Partial
Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request.
23 CVE-2006-2012 DoS 2006-04-25 2018-10-18
5.0
None Remote Low Not required None None Partial
Format string vulnerability in Skulltag 0.96f and earlier allows remote attackers to cause a denial of service via the version string.
24 CVE-2006-1999 DoS 2006-04-25 2018-10-18
5.0
None Remote Low Not required None None Partial
The multiplayer menu in OpenTTD 0.4.7 allows remote attackers to cause a denial of service via a UDP packet with an incorrect size, which causes the client to return to the main menu.
25 CVE-2006-1998 DoS 2006-04-25 2018-10-18
2.1
None Local Low Not required None None Partial
OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error.
26 CVE-2006-1993 399 DoS Exec Code Overflow 2006-04-25 2018-10-18
5.1
User Remote High Not required Partial Partial Partial
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim.
27 CVE-2006-1992 399 DoS Exec Code 2006-04-24 2018-10-18
2.6
None Remote High Not required None None Partial
mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but Microsoft has stated that this issue is non-exploitable.
28 CVE-2006-1991 399 DoS 2006-04-24 2017-07-19
6.4
None Remote Low Not required None Partial Partial
The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument.
29 CVE-2006-1988 DoS 2006-04-21 2017-07-19
5.0
None Remote Low Not required None None Partial
The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows remote attackers to cause a denial of service (application crash) via an HTML LI tag with a large VALUE attribute (list item number), which triggers a null dereference in QPainter::drawText, probably due to a failed memory allocation that uses the VALUE.
30 CVE-2006-1987 DoS Exec Code 2006-04-21 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. NOTE: due to lack of diagnosis by the researcher, it is unclear which vector is responsible.
31 CVE-2006-1986 DoS Exec Code 2006-04-21 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl.
32 CVE-2006-1984 DoS 2006-04-21 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X 10.4.6 and earlier, as used in applications that use ImageIO or AppKit, allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a null dereference.
33 CVE-2006-1983 119 DoS Exec Code Overflow 2006-04-21 2017-07-19
6.4
None Remote Low Not required None Partial Partial
Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family.
34 CVE-2006-1973 DoS 2006-04-21 2017-07-19
5.0
None Remote Low Not required None None Partial
Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a denial of service via malformed Session Initiation Protocol (SIP) messages.
35 CVE-2006-1966 DoS 2006-04-21 2018-10-18
5.0
None Remote Low Not required None None Partial
An unspecified Fortinet product, possibly Fortinet28, allows remote attackers to cause a denial of service via a "small synflood" to the SMTP port (TCP port 25), as demonstrated by a 10-microsecond wait between sending packets. NOTE: this issue has been disputed in followup posts that suggest that a protection feature is triggering a RST.
36 CVE-2006-1957 20 DoS 2006-04-21 2018-10-18
5.0
None Remote Low Not required None None Partial
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to cause a denial of service (disk consumption and possibly web-server outage) via multiple requests with different values of the feed parameter.
37 CVE-2006-1941 DoS 2006-04-20 2018-10-18
5.0
None Remote Low Not required None None Partial
Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a denial of service (application outage) via a crafted Clock Synchronisation packet that triggers an access violation.
38 CVE-2006-1940 DoS 2006-04-25 2017-10-10
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows remote attackers to cause a denial of service (abort) via the SNDCP dissector.
39 CVE-2006-1939 DoS 2006-04-25 2017-10-10
5.0
None Remote Low Not required None None Partial
Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) an invalid display filter, or the (2) GSM SMS, (3) ASN.1-based, (4) DCERPC NT, (5) PER, (6) RPC, (7) DCERPC, and (8) ASN.1 dissectors.
40 CVE-2006-1938 DoS 2006-04-25 2017-10-10
5.0
None Remote Low Not required None None Partial
Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector.
41 CVE-2006-1937 DoS 2006-04-25 2017-10-10
5.0
None Remote Low Not required None None Partial
Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) multiple vectors in H.248, and the (2) X.509if, (3) SRVLOC, (4) H.245, (5) AIM, and (6) general packet dissectors; and (7) the statistics counter.
42 CVE-2006-1935 DoS Exec Code Overflow 2006-04-25 2017-10-10
5.0
None Remote Low Not required None None Partial
Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the COPS dissector.
43 CVE-2006-1934 DoS Exec Code Overflow 2006-04-25 2017-10-10
5.0
None Remote Low Not required None None Partial
Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer file code.
44 CVE-2006-1933 DoS 2006-04-25 2017-10-10
5.0
None Remote Low Not required None None Partial
Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (large or infinite loops) via crafted packets to the (1) UMA and (2) BER dissectors.
45 CVE-2006-1931 DoS 2006-04-20 2018-10-03
5.0
None Remote Low Not required None None Partial
The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, which allows attackers to cause a denial of service (blocked connections) via a large amount of data.
46 CVE-2006-1928 DoS 2006-04-20 2017-07-19
5.0
None Remote Low Not required None None Partial
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service (Modular Services Cards (MSC) crash or "MPLS packet handling problems") via certain MPLS packets, as identified by Cisco bug IDs (1) CSCsd15970 and (2) CSCsd55531.
47 CVE-2006-1927 DoS 2006-04-20 2017-07-19
5.0
None Remote Low Not required None None Partial
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers, allows remote attackers to cause a denial of service (Line card crash) via certain MPLS packets, as identified by Cisco bug ID CSCsc77475.
48 CVE-2006-1901 DoS 2006-04-20 2018-10-18
5.0
None Remote Low Not required None None Partial
Mozilla Camino 1.0 and earlier allow remote attackers to cause a denial of service (null dereference and application crash or hang) via HTML with certain improperly nested elements. NOTE: this might be the same issue as CVE-2006-1724.
49 CVE-2006-1840 134 DoS 2006-04-19 2017-07-19
6.4
None Remote Low Not required None Partial Partial
Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service (crash) via the (1) load, (2) spy and (3) bomb functions.
50 CVE-2006-1814 DoS 2006-04-18 2017-07-19
2.1
None Local Low Not required None None Partial
NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory.
Total number of vulnerabilities: 85. Page: 1 (this page) of 2.