Security Vulnerabilities, CVEs, Published In May 2006 (Denial of service) CVSS score >= 7
libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding.
Max CVSS: 7.8 | EPSS Score: 8.57% | Published: 2006-05-30 | Updated: 2018-10-03
Stack-based buffer overflow in PDF Form Filling and Flattening Tool before 3.1.0.12 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long field names.
Max CVSS: 7.5 | EPSS Score: 9.05% | Published: 2006-05-24 | Updated: 2018-10-18
Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors.
Max CVSS: 10.0 | EPSS Score: 82.69% | Published: 2006-05-20 | Updated: 2018-10-18
Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x before 2.3.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a content length (Content-Length) HTTP header. NOTE: this is a different vulnerability than CVE-2006-2162.
Max CVSS: 7.5 | EPSS Score: 8.76% | Published: 2006-05-19 | Updated: 2018-10-03
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.
Max CVSS: 7.8 | EPSS Score: 88.89% | Published: 2006-05-25 | Updated: 2023-02-13
The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (application crash) via packets with incorrect message sizes, which triggers a buffer over-read.
Max CVSS: 7.8 | EPSS Score: 5.08% | Published: 2006-05-16 | Updated: 2018-10-18
The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (game interruption) via large packets, which cause an exception to be thrown.
Max CVSS: 7.8 | EPSS Score: 6.96% | Published: 2006-05-16 | Updated: 2018-10-18
Stack-based buffer overflow in the ServerNetworking::incoming_client_data function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a data_file_request command with a long (1) type or (2) name string.
Max CVSS: 7.5 | EPSS Score: 9.98% | Published: 2006-05-16 | Updated: 2018-10-18
Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497.
Max CVSS: 7.5 | EPSS Score: 86.87% | Published: 2006-05-16 | Updated: 2018-10-18
Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.
Max CVSS: 7.5 | EPSS Score: 1.14% | Published: 2006-05-15 | Updated: 2023-12-22
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer."
Max CVSS: 7.5 | EPSS Score: 7.39% | Published: 2006-05-09 | Updated: 2024-02-15
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via incoming IP fragmented (1) COOKIE_ECHO and (2) HEARTBEAT SCTP control chunks.
Max CVSS: 7.8 | EPSS Score: 22.36% | Published: 2006-05-09 | Updated: 2017-10-11
The ECNE chunk handling in Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (kernel panic) via an unexpected chunk when the session is in CLOSED state.
Max CVSS: 7.8 | EPSS Score: 22.13% | Published: 2006-05-09 | Updated: 2017-10-11
Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to (1) MKD or (2) XMKD, as demonstrated by the Infigo FTPStress Fuzzer.
Max CVSS: 7.5 | EPSS Score: 4.81% | Published: 2006-05-04 | Updated: 2018-10-18
Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493.
Max CVSS: 7.5 | EPSS Score: 13.75% | Published: 2006-05-23 | Updated: 2023-02-13
SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.
Max CVSS: 7.8 | EPSS Score: 10.71% | Published: 2006-05-22 | Updated: 2017-10-11
Buffer overflow in SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed HB-ACK chunk.
Max CVSS: 9.0 | EPSS Score: 10.53% | Published: 2006-05-22 | Updated: 2017-10-11
QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference.
Max CVSS: 7.8 | EPSS Score: 8.67% | Published: 2006-05-12 | Updated: 2017-07-20
Heap-based buffer overflow in the ISO Transport Service over TCP (RFC 1006) implementation of LiveData ICCP Server before 5.00.035 allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets.
Max CVSS: 7.5 | EPSS Score: 23.98% | Published: 2006-05-19 | Updated: 2017-07-20
19 vulnerabilities found