CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2006(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
701 CVE-2006-1273 DoS 2006-03-19 2018-10-18
7.8
None Remote Low Not required None None Complete
** DISPUTED ** Mozilla Firefox 1.0.7 and 1.5.0.1 allows remote attackers to cause a denial of service (crash) via an HTML tag with a large number of script action handlers such as onload and onmouseover, which triggers the crash when the user views the page source. NOTE: Red Hat has disputed this issue, suggesting that "It is likely the reporter was running the IE Tab extension," and Mozilla also confirmed that this is not an issue in Firefox itself.
702 CVE-2006-1268 DoS Exec Code 2006-03-18 2008-09-05
7.8
None Remote Low Not required None None Complete
The Internet Key Exchange implementation in Funkwerk X2300 7.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
703 CVE-2006-1255 DoS Exec Code Overflow 2006-03-18 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.
704 CVE-2006-1218 DoS 2006-03-13 2008-09-05
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote attackers to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related to "media streaming over HTTP 1.1".
705 CVE-2006-1214 DoS 2006-03-13 2018-10-18
5.0
None Remote Low Not required None None Partial
UnrealIRCd 3.2.3 allows remote attackers to cause an unspecified denial of service by causing a linked server to send malformed TKL Q:Line commands, as demonstrated by "TKL - q\x08Q *\x08PoC."
706 CVE-2006-1206 DoS 2006-03-13 2018-10-30
5.0
None Remote Low Not required None None Partial
Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause a denial of service (connection slot exhaustion) via a large number of connection attempts that exceeds the MAX_UNAUTH_CLIENTS defined value of 30.
707 CVE-2006-1195 DoS 2006-03-13 2018-10-18
5.0
None Remote Low Not required None None Partial
The enet_protocol_handle_send_fragment function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote attackers to cause a denial of service (application crash) via a packet fragment with a large total data size, which triggers an application abort when memory allocation fails.
708 CVE-2006-1194 DoS 2006-03-13 2018-10-18
5.0
None Remote Low Not required None None Partial
Integer signedness error in the enet_protocol_handle_incoming_commands function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote attackers to cause a denial of service (application crash) via a packet with a large command length value, which leads to an invalid memory access.
709 CVE-2006-1184 DoS 2006-05-09 2019-04-30
5.0
None Remote Low Not required None None Partial
Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119.
710 CVE-2006-1178 DoS 2006-07-28 2017-07-19
5.0
None Remote Low Not required None None Partial
Tamarack MMSd before 7.992 allows remote attackers to cause a denial of service (crash) via malformed RFC1006 (OSI over TCP/IP) packets.
711 CVE-2006-1173 399 DoS 2006-06-07 2018-10-18
5.0
None Remote Low Not required None None Partial
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.
712 CVE-2006-1168 DoS Exec Code 2006-08-14 2017-10-10
7.5
User Remote Low Not required Partial Partial Partial
The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow.
713 CVE-2006-1159 DoS Exec Code 2006-03-12 2018-10-18
7.8
None Remote Low Not required None None Complete
Format string vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the query string argument in an HTTP GET request.
714 CVE-2006-1158 DoS 2006-03-12 2018-10-18
7.8
None Remote Low Not required None None Complete
Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service (application crash) via a crafted IMAP LOGIN command.
715 CVE-2006-1150 DoS Overflow 2006-03-10 2017-07-19
7.8
None Remote Low Not required None None Complete
Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automatically appends an _ (underscore) to the end of duplicate nicknames, which allows remote attackers to cause a denial of service (application crash) by creating multiple users with long, identical nicknames, which triggers an off-by-one error.
716 CVE-2006-1147 DoS 2006-03-10 2018-10-18
4.0
None Remote Low Single system None None Partial
The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.
717 CVE-2006-1138 DoS Mem. Corr. 2006-03-09 2018-10-04
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the web server code in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows remote attackers to cause a denial of service (memory corruption) via unknown vectors.
718 CVE-2006-1137 DoS 2006-03-09 2018-10-04
5.0
None Remote Low Not required None None Partial
Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allow remote attackers to cause an unspecified denial of service via a crafted PostScript file that will (1) "navigate through the directory" or (2) a "file sent to expose TCP/IP ports".
719 CVE-2006-1136 DoS Overflow 2006-03-09 2018-09-27
5.0
None Remote Low Not required None None Partial
Buffer overflow in the PostScript file interpreter code for Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows attackers to cause a denial of service via unknown vectors.
720 CVE-2006-1103 DoS 2006-03-09 2018-10-18
5.0
None Remote Low Not required None None Partial
engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (segmentation fault) via a client that does not completely join the game and times out, which results in a null pointer dereference.
721 CVE-2006-1102 DoS 2006-03-09 2018-10-18
5.0
None Remote Low Not required None None Partial
Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (client exit) by forcing the server to change to a map (ogz) file whose name contains ".." sequences and has a certain length that prevents the addition of the ".ogz" extension.
722 CVE-2006-1101 DoS 2006-03-09 2018-10-18
5.0
None Remote Low Not required None None Partial
The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint.
723 CVE-2006-1092 DoS 2006-03-09 2018-10-30
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users to cause a denial of service (system hang or panic) via unknown attack vectors that cause cause the kmem_oversize arena to allocate a large amount of system memory that does not get freed.
724 CVE-2006-1091 DoS 2006-03-09 2017-07-19
7.8
None Remote Low Not required None None Complete
Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors.
725 CVE-2006-1090 DoS 2006-03-09 2017-07-19
7.8
None Remote Low Not required None None Complete
register.php in PunBB 1.2.10 allows remote attackers to cause an unspecified denial of service via a flood of new user registrations.
726 CVE-2006-1074 DoS 2006-03-08 2018-10-18
5.0
None Remote Low Not required None None Partial
Jason Boettcher Liero Xtreme 0.62b and earlier allow remote attackers to cause a denial of service (application crash or hang) via a long argument to the connect command.
727 CVE-2006-1068 DoS 2006-03-07 2018-10-18
4.9
None Local Low Not required None None Complete
Netgear 614 and 624 routers, possibly running VXWorks, allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value.
728 CVE-2006-1067 DoS 2006-03-07 2018-10-18
5.0
None Remote Low Not required None None Partial
Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value.
729 CVE-2006-1066 DoS 2006-03-26 2018-10-03
1.2
None Local High Not required None None Partial
Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call.
730 CVE-2006-1055 DoS 2006-04-05 2018-10-03
4.9
None Local Low Not required None None Complete
The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read.
731 CVE-2006-1046 DoS 2006-03-07 2017-07-19
5.0
None Remote Low Not required None None Partial
server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a string containing a large number of characters that are escaped when Monopd produces XML output.
732 CVE-2006-1029 DoS XSS 2006-03-06 2018-10-18
4.3
None Remote Medium Not required None None Partial
The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags.
733 CVE-2006-1028 DoS 2006-03-06 2018-10-18
7.8
None Remote Low Not required None None Complete
feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php.
734 CVE-2006-1010 DoS Exec Code Overflow 2006-03-06 2017-07-19
6.4
None Remote Low Not required None Partial Partial
Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service (segmentation fault) and possibly execute code by sending the server a large request.
735 CVE-2006-0995 DoS 2006-03-03 2017-07-19
5.0
None Remote Low Not required None None Partial
EMC Dantz Retrospect 7 backup client 7.0.107, and other versions before 7.0.109, and 6.5 before 6.5.138 allows remote attackers to cause a denial of service (client termination and loss of backup service) via a malformed packet to TCP port 497, which triggers an assert error.
736 CVE-2006-0988 DoS 2006-03-03 2018-10-18
7.8
None Remote Low Not required None None Complete
The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.
737 CVE-2006-0987 DoS 2006-03-03 2018-10-18
5.0
None Remote Low Not required None None Partial
The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.
738 CVE-2006-0967 399 DoS Overflow 2006-03-02 2018-10-18
2.1
None Local Low Not required None None Partial
NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (memory usage and cpu utilization) via a flood of arbitrary UDP datagrams to ports 0 to 65000. NOTE: this issue was reported as a buffer overflow, but that term usually does not apply in flooding attacks.
739 CVE-2006-0966 119 DoS Overflow 2006-03-02 2018-10-18
2.1
None Local Low Not required None None Partial
NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a large number of arguments to ncprwsnt.exe, possibly due to a buffer overflow.
740 CVE-2006-0960 DoS 2006-03-02 2017-07-19
5.0
None Remote Low Not required None None Partial
uConfig agent in Compex NetPassage WPE54G router allows remote attackers to cause a denial of service (unresposiveness) via crafted datagrams to UDP port 7778.
741 CVE-2006-0956 DoS 2006-03-02 2008-09-05
1.7
None Local Low Single system None None Partial
nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authentication server.
742 CVE-2006-0935 DoS 2006-02-28 2008-09-05
2.6
None Remote High Not required None None Partial
Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a crafted file, as demonstrated by 101_filefuzz.
743 CVE-2006-0925 DoS 2006-02-28 2017-07-19
5.0
None Remote Low Not required None None Partial
Format string vulnerability in the IMAP4rev1 server in Alt-N MDaemon 8.1.1 and possibly 8.1.4 allows remote attackers to cause a denial of service (CPU consumption) by creating and then listing folders whose names contain format string specifiers.
744 CVE-2006-0912 DoS 2006-02-28 2008-09-05
5.0
None Remote Low Not required None None Partial
Oreka before 0.5 allows remote attackers to cause a denial of service (application crash) via a "certain RTP sequence."
745 CVE-2006-0911 399 DoS 2006-02-28 2018-10-18
5.0
None Remote Low Not required None None Partial
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameters, or (3) malformed btnLogIn parameters, possibly involving missing "[" (open bracket) or "[" (closing bracket) characters, as demonstrated by "&btnLogIn=[Log&In]=&" or "&b;tnLogIn=[Log&In]=&" in the URL. NOTE: due to the lack of diagnosis by the original researcher, the precise nature of the vulnerability is unclear.
746 CVE-2006-0901 DoS Exec Code 2006-02-27 2018-10-30
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code.
747 CVE-2006-0900 DoS 2006-02-27 2017-07-19
7.8
None Remote Low Not required None None Complete
nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial of service via a crafted NFS mount request, as demonstrated by the ProtoVer NFS test suite.
748 CVE-2006-0888 DoS 2006-02-25 2017-10-18
2.6
None Remote High Not required None None Partial
index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote attackers to cause an unspecified denial of service by registering a large number of users.
749 CVE-2006-0883 399 DoS 2006-03-06 2017-07-19
5.0
None Remote Low Not required None None Partial
OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
750 CVE-2006-0876 DoS 2006-02-24 2008-09-05
5.0
None Remote Low Not required None None Partial
POPFile before 0.22.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving character sets within e-mail messages.
Total number of vulnerabilities : 893   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 (This Page)16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.