CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2008(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
301 CVE-2008-3614 189 DoS Exec Code Overflow 2008-09-10 2018-10-30
6.8
User Remote Medium Not required Partial Partial Partial
Integer overflow in Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, which triggers heap corruption.
302 CVE-2008-3613 399 DoS 2008-09-16 2017-08-07
6.1
None Local Network Low Not required None None Complete
Finder in Apple Mac OS X 10.5.2 through 10.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving a search for a remote disk on the local network.
303 CVE-2008-3608 399 DoS Exec Code Mem. Corr. 2008-09-16 2017-08-07
9.3
Admin Remote Medium Not required Complete Complete Complete
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile.
304 CVE-2008-3607 20 DoS 2008-08-12 2018-10-11
5.0
None Remote Low Not required None None Partial
The IMAP server in NoticeWare Email Server NG 4.6.3 and earlier allows remote attackers to cause a denial of service (daemon crash) via multiple long LOGIN commands.
305 CVE-2008-3606 119 DoS Exec Code Overflow 2008-08-12 2018-10-11
6.5
None Remote Low Single system Partial Partial Partial
Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third party information.
306 CVE-2008-3597 20 DoS 2008-08-12 2017-08-07
5.0
None Remote Low Not required None None Partial
Skulltag before 0.97d2-RC6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by sending a "command 29" packet when the player is not in the game.
307 CVE-2008-3584 20 DoS 2008-09-11 2017-08-07
9.3
Admin Remote Medium Not required Complete Complete Complete
NetBSD 3.0, 3.1, and 4.0, when a pppoe instance exists, does not properly check the length of a PPPoE packet tag, which allows remote attackers to cause a denial of service (system crash) via a crafted PPPoE packet.
308 CVE-2008-3578 20 DoS 2008-08-10 2017-09-28
5.0
None Remote Low Not required None None Partial
HydraIRC 0.3.164 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long irc:// URI.
309 CVE-2008-3576 119 DoS Exec Code Overflow 2008-08-10 2017-08-07
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the TruncateString function in src/gfx.cpp in OpenTTD before 0.6.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string. NOTE: some of these details are obtained from third party information.
310 CVE-2008-3571 20 DoS 2008-08-10 2017-09-28
7.8
None Remote Low Not required None None Complete
The Xerox Phaser 8400 allows remote attackers to cause a denial of service (reboot) via an empty UDP packet to port 1900.
311 CVE-2008-3549 399 DoS 2008-08-07 2017-09-28
4.7
None Local Medium Not required None None Complete
Unspecified vulnerability in the pthread_mutex_reltimedlock_np API in Sun Solaris 10 and OpenSolaris before snv_90 allows local users to cause a denial of service (system hang or panic) via unknown vectors.
312 CVE-2008-3548 DoS 2008-08-07 2017-08-07
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in the Sun Netra T5220 Server with firmware 7.1.3 allows local users to cause a denial of service (panic) via unknown vectors.
313 CVE-2008-3545 DoS 2008-10-13 2017-08-07
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in ovtopmd in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3536, CVE-2008-3537, and CVE-2008-3544. NOTE: due to insufficient details from the vendor, it is not clear whether this is the same as CVE-2008-1853.
314 CVE-2008-3543 DoS 2008-10-07 2017-08-07
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in NFS / ONCplus B.11.31_04 and earlier on HP-UX B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.
315 CVE-2008-3537 DoS 2008-09-03 2009-01-29
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3536.
316 CVE-2008-3536 DoS 2008-09-03 2009-01-29
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3537.
317 CVE-2008-3535 189 DoS 2008-08-08 2018-10-30
4.9
None Local Low Not required None None Complete
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project.
318 CVE-2008-3534 399 DoS 2008-08-08 2018-10-30
4.9
None Local Low Not required None None Complete
The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to allocation of "useless pages" and improper maintenance of the i_blocks count.
319 CVE-2008-3530 20 DoS 2008-09-05 2017-08-07
7.1
None Remote Medium Not required None None Complete
sys/netinet6/icmp6.c in the kernel in FreeBSD 6.3 through 7.1, NetBSD 3.0 through 4.0, and possibly other operating systems does not properly check the proposed new MTU in an ICMPv6 Packet Too Big Message, which allows remote attackers to cause a denial of service (panic) via a crafted Packet Too Big Message.
320 CVE-2008-3529 119 DoS Exec Code Overflow 2008-09-12 2018-10-03
10.0
Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
321 CVE-2008-3528 264 DoS 2008-09-27 2018-10-11
2.1
None Local Low Not required None None Partial
The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.
322 CVE-2008-3527 264 DoS +Priv 2008-11-05 2017-09-28
4.6
User Local Low Not required Partial Partial Partial
arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, syscall, and syscall32_nopage functions.
323 CVE-2008-3526 189 DoS Overflow 2008-08-27 2017-08-07
7.8
None Remote Low Not required None None Complete
Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option.
324 CVE-2008-3521 59 DoS File Inclusion 2008-10-02 2017-08-07
7.2
Admin Local Low Not required Complete Complete Complete
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally reported as a symlink issue, but this was incorrect. NOTE: some vendors dispute the severity of this issue, but it satisfies CVE's requirements for inclusion.
325 CVE-2008-3502 DoS 2008-08-06 2017-08-07
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 allows remote authenticated users to cause a denial of service (CPU or memory consumption) via unspecified vectors related to the Devel::StackTrace module for Perl.
326 CVE-2008-3493 20 DoS 2008-08-06 2017-09-28
5.0
None Remote Low Not required None None Partial
vncviewer.exe in RealVNC Windows Client 4.1.2.0 allows remote VNC servers to cause a denial of service (application crash) via a crafted frame buffer update packet.
327 CVE-2008-3492 20 DoS 2008-08-06 2018-10-11
5.0
None Remote Low Not required None None Partial
America's Army (aka AA or Army Game Project) 2.8.3.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted UDP packet, probably involving a VoiceIndex value that is outside of the range specified by VOICE_MAX_CHATTERS.
328 CVE-2008-3465 119 DoS Exec Code Overflow 2008-12-10 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WMF file with a malformed file-size parameter, which would not be properly handled by a third-party application that uses this API for a copy operation, aka "GDI Heap Overflow Vulnerability."
329 CVE-2008-3450 264 DoS +Priv 2008-08-04 2018-10-30
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 through 10 allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors.
330 CVE-2008-3449 399 DoS 2008-08-04 2017-08-07
5.0
None Remote Low Not required None None Partial
MailEnable Professional 3.5.2 and Enterprise 3.52 allow remote attackers to cause a denial of service (crash) via multiple IMAP connection requests to the same folder.
331 CVE-2008-3447 399 DoS 2008-08-04 2017-09-28
5.0
None Remote Low Not required None None Partial
The scanning engine in F-Prot Antivirus 6.2.1 4252 allows remote attackers to cause a denial of service (infinite loop) via a malformed ZIP archive, probably related to invalid offsets.
332 CVE-2008-3444 20 DoS 2008-08-04 2017-08-07
4.3
None Remote Medium Not required None None Partial
The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted but well-formed web page that contains "a simple set of legitimate HTML tags."
333 CVE-2008-3443 399 DoS 2008-08-14 2018-10-03
5.0
None Remote Low Not required None None Partial
The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to a Ruby socket, related to memory allocation failure, and as demonstrated against Webrick.
334 CVE-2008-3429 119 DoS Exec Code Overflow 2008-07-31 2017-08-07
6.8
User Remote Medium Not required Partial Partial Partial
Buffer overflow in URI processing in HTTrack and WinHTTrack before 3.42-3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL.
335 CVE-2008-3426 DoS 2008-07-31 2018-10-30
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and OpenSolaris builds snv_01 through snv_95, allows local users to cause a denial of service via unknown vectors that prevent operation of utilities such as prtdiag, prtpicl, and prtfru.
336 CVE-2008-3410 20 DoS 2008-07-31 2018-10-11
5.0
None Remote Low Not required None None Partial
Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a UDP packet in which the value of a certain size field is greater than the total packet length, aka attack 2 in ut3mendo.c.
337 CVE-2008-3409 119 DoS Exec Code Overflow Mem. Corr. 2008-07-31 2018-10-11
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a UDP packet containing a large value in a certain size field, followed by a data string of that size, aka attack 1 in ut3mendo.c.
338 CVE-2008-3396 20 DoS 2008-07-31 2018-10-11
5.0
None Remote Low Not required None None Partial
Unreal Tournament 2004 (UT2004) 3369 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a certain sequence of malformed packets.
339 CVE-2008-3373 189 DoS 2008-07-30 2018-10-11
5.0
None Remote Low Not required None None Partial
The files parsing engine in Grisoft AVG Anti-Virus before 8.0.156 allows remote attackers to cause a denial of service (engine crash) via a crafted UPX compressed file, which triggers a divide-by-zero error.
340 CVE-2008-3350 DoS 2008-07-28 2017-08-07
5.0
None Remote Low Not required None None Partial
dnsmasq 2.43 allows remote attackers to cause a denial of service (daemon crash) by (1) sending a DHCPINFORM while lacking a DHCP lease, or (2) attempting to renew a nonexistent DHCP lease for an invalid subnet as an "unknown client," a different vulnerability than CVE-2008-3214.
341 CVE-2008-3349 264 DoS Exec Code +Info 2008-07-28 2017-08-07
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. NOTE: this may overlap CVE-2008-3160.
342 CVE-2008-3314 20 DoS 2008-07-25 2018-10-11
5.0
None Remote Low Not required None None Partial
ZDaemon 1.08.07 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted type 6 command, which triggers a NULL pointer dereference.
343 CVE-2008-3290 399 DoS Mem. Corr. 2008-07-24 2018-10-11
5.0
None Remote Low Not required None None Partial
retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a denial of service (daemon crash) via a series of long packets containing 0x00 characters to TCP port 497 that trigger memory corruption, probably involving an English product version on a Chinese OS version.
344 CVE-2008-3287 20 DoS 2008-07-24 2018-10-11
5.0
None Remote Low Not required None None Partial
retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a denial of service (daemon crash) via malformed packets to TCP port 497, which trigger a NULL pointer dereference.
345 CVE-2008-3286 20 DoS 2008-07-24 2017-08-07
5.0
None Remote Low Not required None None Partial
SWAT 4 1.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) VERIFYCONTENT or (2) GAMECONFIG command sent to the server before user session initialization, which triggers a NULL pointer dereference; or (3) a GAMESPYRESPONSE command followed by a long RS string.
346 CVE-2008-3283 399 DoS 2008-08-29 2017-09-28
7.8
None Remote Low Not required None None Complete
Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests.
347 CVE-2008-3282 189 DoS Exec Code Overflow 2008-08-29 2017-09-28
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a "numeric truncation error," a different vulnerability than CVE-2008-2152.
348 CVE-2008-3281 399 DoS 2008-08-27 2018-10-11
4.3
None Remote Medium Not required None None Partial
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
349 CVE-2008-3276 189 DoS Overflow 2008-08-18 2018-10-30
7.1
None Remote Medium Not required None None Complete
Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field.
350 CVE-2008-3275 399 DoS Overflow 2008-08-12 2018-10-30
4.9
None Local Low Not required None None Complete
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.
Total number of vulnerabilities : 894   Page : 1 2 3 4 5 6 7 (This Page)8 9 10 11 12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.