CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2006(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
201 CVE-2006-5405 DoS Exec Code 2006-10-18 2018-10-17
6.2
None Local High Not required Complete Complete Complete
Unspecified vulnerability in Toshiba Bluetooth wireless device driver 3.x and 4 through 4.00.35, as used in multiple products, allows physically proximate attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via crafted Bluetooth packets.
202 CVE-2006-5403 DoS Exec Code Overflow 2006-10-18 2017-07-19
5.1
User Remote High Not required Partial Partial Partial
Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
203 CVE-2006-5396 DoS 2006-10-18 2017-10-10
4.9
None Local Low Not required None None Complete
The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service (system crash) via a TCP loopback connection with both endpoints on the same system.
204 CVE-2006-5391 DoS 2006-10-18 2017-10-18
5.0
None Remote Low Not required None None Partial
Xfire 1.64 and earlier allows remote attackers to cause a denial of service (client application crash) via a long string to UDP port 25777.
205 CVE-2006-5296 DoS Exec Code 2006-10-16 2017-10-18
4.3
None Remote Medium Not required None None Partial
PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted PowerPoint (.PPT) file, as demonstrated by Nanika.ppt, and a different vulnerability than CVE-2006-3435, CVE-2006-3876, CVE-2006-3877, and CVE-2006-4694. NOTE: the impact of this issue was originally claimed to be arbitrary code execution, but later analysis demonstrated that this was erroneous.
206 CVE-2006-5295 DoS 2006-10-16 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."
207 CVE-2006-5286 DoS 2006-10-13 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in IKE.NLM in Novell BorderManager 3.8 allows attackers to cause a denial of service (crash) via unknown attack vectors related to "VPN issues" for certain "IKE and IPsec settings."
208 CVE-2006-5265 20 DoS 2006-12-31 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allows remote attackers to cause a denial of service (crash) via an invalid magic number in a Distributed Process Server (DPS) message.
209 CVE-2006-5233 DoS 2006-10-10 2017-07-19
7.8
None Remote Low Not required None None Complete
Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version 1.4.1.0040, allows remote attackers to cause a denial of service (reboot) via (1) a long URL sent to the HTTP daemon and (2) unspecified manipulations as demonstrated by the Nessus http_fingerprinting_hmap.nasl script.
210 CVE-2006-5231 DoS 2006-10-10 2017-07-19
7.8
None Remote Low Not required None None Complete
Grandstream GXP-2000 VoIP Desktop Phone, firmware version 1.1.0.5, allows remote attackers to cause a denial of service (hang or reboot) via a large amount of ASCII data sent to port (1) 5060/UDP, (2) 5062/UDP, (3) 5064/UDP, (4) 5066/UDP, (5) 9876/UDP, or (6) 26789/UDP.
211 CVE-2006-5218 DoS Overflow +Priv 2006-10-10 2017-07-19
4.6
User Local Low Not required Partial Partial Partial
Integer overflow in the systrace_preprepl function (STRIOCREPLACE) in systrace in OpenBSD 3.9 and NetBSD 3 allows local users to cause a denial of service (crash), gain privileges, or read arbitrary kernel memory via large numeric arguments to the systrace ioctl.
212 CVE-2006-5196 DoS 2006-10-10 2017-07-19
7.8
None Remote Low Not required None None Complete
The HTTP interface in the Motorola SURFboard SB4200 Cable Modem allows remote attackers to cause a denial of service (device crash) via a request with MfcISAPICommand set to SecretProc and a long string in the Secret parameter.
213 CVE-2006-5179 DoS 2006-10-10 2008-09-05
5.4
None Remote High Not required None None Complete
Intoto iGateway VPN and iGateway SSL-VPN allow context-dependent attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification, a related issue to CVE-2006-2940.
214 CVE-2006-5177 119 DoS Exec Code Overflow 2006-10-10 2017-07-19
9.3
Admin Remote Medium Not required Complete Complete Complete
The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64 encoded NTLM Type 1 messages, which trigger a buffer over-read.
215 CVE-2006-5173 DoS 2006-10-17 2018-10-30
2.1
None Local Low Not required None None Partial
Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access.
216 CVE-2006-5162 DoS Overflow 2006-10-05 2017-10-18
5.0
None Remote Low Not required None None Partial
wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier allows remote attackers to cause a denial of service (unhandled exception and crash) via a long Content-Type header, which triggers a stack overflow.
217 CVE-2006-5158 DoS 2006-10-05 2017-10-10
3.3
None Local Network Low Not required None None Partial
The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.
218 CVE-2006-5153 DoS 2006-10-05 2018-10-17
5.0
None Remote Low Not required None None Partial
The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors.
219 CVE-2006-5134 DoS 2006-10-03 2018-10-17
4.0
None Remote Low Single system None None Partial
Mercury SiteScope 8.2 (8.1.2.0) allows remote authenticated users to cause a denial of service (loss of connectivity to the classic interface) via attempted HTML injection into the "new monitor description" field.
220 CVE-2006-5111 DoS 2006-10-03 2017-07-19
5.0
None Remote Low Not required None None Partial
The libksba library 0.9.12 and possibly other versions, as used by gpgsm in the newpg package on SUSE LINUX, allows attackers to cause a denial of service (application crash) via a malformed X.509 certificate in a signature.
221 CVE-2006-5098 DoS 2006-09-29 2008-09-05
5.0
None Remote Low Not required None None Partial
lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote attackers to cause a denial of service (CPU consumption) via large w and h parameters, when resizing an image.
222 CVE-2006-5084 20 DoS Exec Code 2006-09-28 2016-12-07
7.5
User Remote Low Not required Partial Partial Partial
Format string vulnerability in the NSRunAlertPanel function in eBay Skype for Mac 1.5.*.79 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed Skype URL, as originally reported to involve a null dereference.
223 CVE-2006-5075 DoS 2006-09-28 2017-07-19
7.8
None Remote Low Not required None None Complete
The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before 20060926 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client.
224 CVE-2006-5073 DoS 2006-09-28 2018-10-30
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013.
225 CVE-2006-5051 362 DoS Exec Code 2006-09-27 2017-10-10
9.3
Admin Remote Medium Not required Complete Complete Complete
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
226 CVE-2006-5033 DoS 2006-09-27 2017-07-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in StoresAndCalendarsList.cgi in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to cause a denial of service via the session parameter, possibly related to format string specifiers or malformed URL encoding.
227 CVE-2006-5013 DoS 2006-09-26 2017-10-10
7.8
None Remote Low Not required None None Complete
Sun Solaris 10 before patch 118855-16 (20060925), when run on x64 systems using IPv6, allows remote attackers to cause a denial of service (kernel panic) via crafted IPv6 packets.
228 CVE-2006-5012 DoS 2006-09-26 2018-10-30
6.6
None Local Low Not required None Complete Complete
Unspecified vulnerability in Sun Solaris 8, 9, and 10 before 20060925 allows local users to cause a denial of service (disable syslog) and prevent security messages from being logged via unspecified vectors.
229 CVE-2006-4997 DoS 2006-10-10 2018-10-30
7.1
None Remote Medium Not required None None Complete
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).
230 CVE-2006-4980 DoS Exec Code Overflow 2006-10-10 2018-10-17
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.
231 CVE-2006-4948 DoS Exec Code Overflow 2006-09-22 2017-07-19
7.5
User Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a long file name. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
232 CVE-2006-4925 DoS 2006-09-28 2018-10-17
5.0
None Remote Low Not required None None Partial
packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.
233 CVE-2006-4924 399 DoS 2006-09-26 2018-10-17
7.8
None Remote Low Not required None None Complete
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
234 CVE-2006-4910 DoS 2006-09-20 2018-10-30
5.0
None Remote Low Not required None None Partial
The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet.
235 CVE-2006-4888 DoS 2006-09-19 2008-09-05
5.0
None Remote Low Not required None None Partial
Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT.
236 CVE-2006-4855 399 DoS 2006-09-19 2018-10-17
4.9
None Local Low Not required None None Complete
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.
237 CVE-2006-4839 DoS 2006-11-01 2017-07-19
5.0
None Remote Low Not required None None Partial
Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via a file that is compressed with Petite and contains a large number of sections.
238 CVE-2006-4833 DoS 2006-09-15 2018-10-17
7.8
None Remote Low Not required None None Complete
Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allow remote attackers to cause a denial of service (hang or reboot) via an ICMP packet with the same destination and source address and port, aka the "Land" vulnerability.
239 CVE-2006-4832 DoS Exec Code Overflow 2006-09-15 2018-10-17
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via a long username.
240 CVE-2006-4820 DoS 2006-09-15 2018-10-17
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
241 CVE-2006-4811 189 DoS Exec Code Overflow 2006-10-18 2018-10-17
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image.
242 CVE-2006-4809 DoS Exec Code Overflow 2006-11-06 2017-07-19
5.1
User Remote High Not required Partial Partial Partial
Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM image.
243 CVE-2006-4808 DoS Exec Code Overflow 2006-11-06 2017-07-19
2.6
None Remote High Not required None None Partial
Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TGA image.
244 CVE-2006-4807 DoS 2006-11-06 2017-07-19
2.6
None Remote High Not required None None Partial
loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that triggers an out-of-bounds memory read, a different issue than CVE-2006-4808.
245 CVE-2006-4806 DoS Exec Code Overflow 2006-11-06 2017-07-19
5.1
User Remote High Not required Partial Partial Partial
Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), or (5) TIFF (loader_tiff.c) images.
246 CVE-2006-4805 DoS 2006-10-27 2018-10-17
5.0
None Remote Low Not required None None Partial
epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a zero length value when it is decoded.
247 CVE-2006-4800 DoS Exec Code Overflow 2006-09-14 2018-10-30
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802.
248 CVE-2006-4795 DoS 2006-09-14 2018-10-17
4.6
None Local Low Single system None None Complete
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors.
249 CVE-2006-4789 DoS Exec Code Overflow 2006-09-14 2017-10-18
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in Open Movie Editor 0.0.20060901 allows local users to cause a denial of service (system crash) or execute arbitrary code via a long project name in an open_movie_editor_project XML tag.
250 CVE-2006-4781 DoS Exec Code Overflow 2006-09-14 2017-10-18
7.5
User Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in FutureSoft TFTP Server Multithreaded (MT) 1.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by sending a crafted packet to port 69/UDP, which triggers the overflow when constructing an absolute path name. NOTE: Some details are obtained from third party information.
Total number of vulnerabilities : 893   Page : 1 2 3 4 5 (This Page)6 7 8 9 10 11 12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.