CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2006(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
751 CVE-2006-0867 DoS Overflow 2006-02-23 2018-10-18
5.0
None Remote Low Not required None None Partial
Buffer overflow in certain versions of South River (aka SRT) WebDrive, possibly version 6.08 build 1131 and version 8, allows remote attackers to cause a denial of service (application crash and persistent erratic behavior) via a long string in the name entry field.
752 CVE-2006-0865 DoS 2006-02-23 2018-10-18
5.0
None Remote Low Not required None None Partial
PunBB 1.2.10 and earlier allows remote attackers to cause a denial of service (resource consumption) by registering many user accounts quickly.
753 CVE-2006-0853 DoS Exec Code Overflow 2006-02-22 2018-10-18
6.5
User Remote Low Single system Partial Partial Partial
Buffer overflow in the IMAP service of TrueNorth Internet Anywhere (IA) eMailserver 5.3.4 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long SEARCH argument.
754 CVE-2006-0836 DoS 2006-02-21 2018-10-18
2.6
None Remote High Not required None None Partial
Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service by tricking the user into importing an LDIF file with a long field into the address book, as demonstrated by a long homePhone field.
755 CVE-2006-0835 DoS Sql 2006-02-21 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar Pro allows remote attackers to modify internal SQL queries and cause a denial of service (inaccessible database) via the tabls parameter.
756 CVE-2006-0830 DoS Exec Code 2006-02-21 2018-10-18
7.5
User Remote Low Not required Partial Partial Partial
The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, as demonstrated by resetting the "location" variable within the loop.
757 CVE-2006-0826 DoS 2006-02-21 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to cause a denial of service via a crafted Postscript request.
758 CVE-2006-0822 DoS 2006-02-21 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in EmuLinker Kaillera Server before 0.99.17 allows remote attackers to cause a denial of service (probably resource consumption) via a crafted packet that causes a "ghost game" to be left on the server.
759 CVE-2006-0808 DoS +Info 2006-02-20 2017-07-19
6.4
None Remote Low Not required Partial None Partial
MUTE 0.4 allows remote attackers to cause a denial of service (messages not forwarded) and obtain sensitive information about a target by filling a client's mWebCache cache with malicious "zombie" nodes.
760 CVE-2006-0797 DoS Overflow 2006-02-19 2017-07-19
7.8
None Remote Low Not required None None Complete
Nokia N70 cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet, possibly triggering a buffer overflow, as demonstrated using the Bluetooth Stack Smasher (BSS).
761 CVE-2006-0790 DoS 2006-02-19 2017-07-19
5.0
None Remote Low Not required None None Partial
Rockliffe MailSite 7.0 and earlier allows remote attackers to cause a denial of service by sending crafted LDAP packets to port 389/TCP, as demonstrated by the ProtoVer LDAP testsuite.
762 CVE-2006-0784 DoS 2006-02-19 2018-10-18
5.0
None Remote Low Not required None None Partial
D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments.
763 CVE-2006-0771 134 DoS Exec Code 2006-02-18 2018-10-19
6.4
None Remote Low Not required None Partial Partial
Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and possibly other games, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in invalid cvar values, which are not properly handled when the server kicks the player and records the reason.
764 CVE-2006-0768 DoS 2006-02-18 2018-10-19
5.0
None Remote Low Not required None None Partial
Kadu 0.4.3 allows remote attackers to cause a denial of service (application crash) via a large number of image send requests.
765 CVE-2006-0753 DoS 2006-02-17 2018-10-19
2.6
None Remote High Not required None None Partial
Memory leak in Microsoft Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers to cause a denial of service (memory consumption) via JavaScript that uses setInterval to repeatedly call a function to set the value of window.status.
766 CVE-2006-0749 399 DoS Exec Code Mem. Corr. 2006-04-14 2018-10-19
9.3
Admin Remote Medium Not required Complete Complete Complete
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption.
767 CVE-2006-0747 189 DoS 2006-05-23 2018-10-19
5.0
None Remote Low Not required None None Partial
Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
768 CVE-2006-0743 134 DoS Mem. Corr. 2006-03-09 2017-07-19
5.0
None Remote Low Not required None None Partial
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.
769 CVE-2006-0742 DoS 2006-03-09 2018-10-03
4.6
None Local Low Single system None None Complete
The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux kernel 2.6.x before 2.6.15.6, possibly when compiled with certain versions of gcc, has the "noreturn" attribute set, which allows local users to cause a denial of service by causing user faults on Itanium systems.
770 CVE-2006-0741 DoS 2006-03-06 2018-10-03
1.2
None Local High Not required None None Partial
Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address."
771 CVE-2006-0739 DoS 2006-02-16 2018-10-19
5.0
None Remote Low Not required None None Partial
eStara SIP softphone allows remote attackers to cause a denial of service (crash) via an INVITE request with a Content-Length field that has more than 9 digits.
772 CVE-2006-0738 DoS 2006-02-16 2018-10-19
5.0
None Remote Low Not required None None Partial
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service (hang) via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using (1) the field name, (2) the o field (owner/creator and session identifier), or (3) the m field (media name and transport address).
773 CVE-2006-0737 DoS 2006-02-16 2018-10-19
5.0
None Remote Low Not required None None Partial
eStara SIP softphone allows remote attackers to cause a denial of service (crash) via a SIP OPTIONS request with a negative Expires field.
774 CVE-2006-0734 119 DoS Overflow 2006-02-16 2017-07-19
4.0
None Remote Low Single system None None Partial
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.6 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a backslash character at the end of a connection string to UDP port 27015.
775 CVE-2006-0730 119 DoS Overflow 2006-02-16 2017-07-19
5.0
None Remote Low Not required None None Partial
Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
776 CVE-2006-0720 DoS Exec Code Overflow 2006-02-23 2018-10-19
7.6
Admin Remote High Not required Complete Complete Complete
Stack-based buffer overflow in Nullsoft Winamp 5.12 and 5.13 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .m3u file that causes an incorrect strncpy function call when the player pauses or stops the file.
777 CVE-2006-0718 DoS 2006-02-15 2008-09-05
5.0
None Remote Low Not required None None Partial
The Internet Key Exchange version 1 (IKEv1) implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service (crash) via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
778 CVE-2006-0717 DoS 2006-02-15 2017-07-19
5.0
None Remote Low Not required None None Partial
IBM Tivoli Directory Server 6.0 allows remote attackers to cause a denial of service (crash) via a crafted LDAP request, as demonstrated by test 2532 in the ProtoVer Sample LDAP test suite.
779 CVE-2006-0709 DoS Exec Code Overflow 2006-02-15 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105.
780 CVE-2006-0678 DoS 2006-02-14 2018-10-19
1.5
None Local Medium Single system None None Partial
PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before 8.0.7, and 8.1.x before 8.1.3, when compiled with Asserts enabled, allows local users to cause a denial of service (server crash) via a crafted SET SESSION AUTHORIZATION command, a different vulnerability than CVE-2006-0553.
781 CVE-2006-0677 DoS 2006-02-14 2018-10-19
7.8
None Remote Low Not required None None Complete
telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference.
782 CVE-2006-0674 DoS Overflow 2006-02-13 2017-07-19
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in the arp command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 L, and 5.2 allows local users to cause a denial of service (crash) via a long iftype argument.
783 CVE-2006-0671 DoS Overflow 2006-02-13 2017-07-19
7.8
None Remote Low Not required None None Complete
Buffer overflow in Sony Ericsson K600i, V600i, W800i, and T68i cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet.
784 CVE-2006-0670 DoS Overflow 2006-02-13 2018-10-19
5.0
None Remote Low Not required None None Partial
Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet.
785 CVE-2006-0666 DoS 2006-02-15 2017-07-19
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels in IBM AIX 5.3 VRMF 5.3.0.30 through 5.3.0.33 allows local users to cause a denial of service (system crash) via unknown vectors related to EMULATE_VMX.
786 CVE-2006-0647 DoS 2006-02-13 2017-07-19
5.0
None Remote Low Not required None None Partial
LDAP service in Sun Java System Directory Server 5.2, running on Linux and possibly other platforms, allows remote attackers to cause a denial of service (memory allocation error) via an LDAP packet with a crafted subtree search request, as demonstrated using the ProtoVer LDAP test suite.
787 CVE-2006-0629 DoS Exec Code Overflow 2006-02-10 2018-10-19
5.1
User Remote High Not required Partial Partial Partial
Unspecified vulnerability in AOL Instant Messenger (AIM) 5.9.3861 allows user-assisted remote attackers to cause a denial of service (client crash) and possibly execute arbitrary code by tricking the user into requesting Buddy Info about a long screen name, which might cause a buffer overflow.
788 CVE-2006-0622 399 DoS 2006-02-08 2017-07-19
4.9
None Local Low Not required None None Complete
QNX Neutrino RTOS 6.3.0 allows local users to cause a denial of service (hang) by supplying a "break *0xb032d59f" command to gdb.
789 CVE-2006-0600 DoS 2006-02-13 2017-07-19
5.0
None Remote Low Not required None None Partial
elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service (infinite redirection) via a request with the fail parameter set to 1, which redirects to the same request.
790 CVE-2006-0597 DoS Exec Code Overflow 2006-02-13 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 r1558-4 allow attackers to cause a denial of service (application crash) and possibly execute code via long "revision attributes".
791 CVE-2006-0585 DoS 2006-02-07 2018-10-19
5.0
None Remote Low Not required None None Partial
jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (application crash) via a Shockwave Flash object that contains ActionScript code that calls VBScript, which in turn calls the Javascript document.write function, which triggers a null dereference.
792 CVE-2006-0580 DoS 2006-02-07 2017-07-19
5.0
None Remote Low Not required None None Partial
IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted packet to the LDAP port (389/TCP).
793 CVE-2006-0566 DoS 2006-02-06 2018-10-19
5.0
None Remote Low Not required None None Partial
The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote attackers to cause a denial of service (application crash) via LDAP messages that contain Distinguished Names (DN) fields with a large number of elements.
794 CVE-2006-0558 DoS 2006-04-14 2017-10-10
4.9
None Local Low Not required None None Complete
perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function.
795 CVE-2006-0555 DoS 2006-03-06 2018-10-03
2.1
None Local Low Not required None None Partial
The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O).
796 CVE-2006-0550 DoS Exec Code Overflow 2006-02-03 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in an unspecified Oracle Client utility might allow remote attackers to execute arbitrary code or cause a denial of service. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DBC02 from the January 2006 CPU, in which case this would be a duplicate of CVE-2006-0283. However, there are enough inconsistencies that the mapping can not be made authoritatively.
797 CVE-2006-0544 DoS Exec Code 2006-02-03 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large number of "-" (dash of hyphen) characters.
798 CVE-2006-0543 DoS 2006-02-03 2008-09-05
5.0
None Remote Low Not required None None Partial
Cerulean Trillian 3.1.0.120 allows remote attackers to cause a denial of service (client crash) via an AIM message containing the Mac encoded Rich Text Format (RTF) escape sequences (1) \'d1, (2) \'d2, (3) \'d3, (4) \'d4, and (5) \'d5. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
799 CVE-2006-0538 DoS 2006-02-03 2018-10-19
2.6
None Remote High Not required None None Partial
CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers to cause a denial of service (possibly CPU consumption) via a SYN flood with malformed TCP packets from multiple connections.
800 CVE-2006-0530 DoS 2006-02-02 2018-10-19
5.0
None Remote Low Not required None None Partial
Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Build 220_16 and 1.11 Build 29_20, as used in multiple CA products, allows remote attackers to cause a denial of service via spoofed CAM control messages.
Total number of vulnerabilities : 893   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 (This Page)17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.