Redhat : Security Vulnerabilities, CVEs, Published In 2007 (Denial of service) CVSS score >= 2
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.
Max CVSS
4.9
EPSS Score
0.07%
Published
2007-12-18
Updated
2022-02-25
Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat Enterprise Linux (RHEL) 4 and 5 allows local users to cause a denial of service (memory consumption) via a large number of open requests involving O_ATOMICLOOKUP.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-11-30
Updated
2017-09-29
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
Max CVSS
7.2
EPSS Score
93.25%
Published
2007-10-11
Updated
2018-10-15
Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors.
Max CVSS
4.7
EPSS Score
0.04%
Published
2007-10-23
Updated
2017-09-29
The ricci daemon in Red Hat Conga 0.10.0 allows remote attackers to cause a denial of service (loss of new connections) by repeatedly sending data or attempting connections.
Max CVSS
5.0
EPSS Score
4.05%
Published
2007-11-14
Updated
2017-09-29
mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors.
Max CVSS
4.7
EPSS Score
0.04%
Published
2007-09-14
Updated
2017-09-29
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.
Max CVSS
2.1
EPSS Score
0.04%
Published
2007-09-17
Updated
2017-10-11
Buffer overflow in cluster/cman/daemon/daemon.c in cman (redhat-cluster-suite) before 20070622 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long client messages.
Max CVSS
4.6
EPSS Score
0.04%
Published
2007-06-25
Updated
2017-10-11
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."
Max CVSS
4.7
EPSS Score
0.04%
Published
2007-06-20
Updated
2022-09-21
usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore.
Max CVSS
2.1
EPSS Score
0.04%
Published
2007-06-14
Updated
2017-10-11
usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).
Max CVSS
2.1
EPSS Score
0.34%
Published
2007-06-14
Updated
2017-10-11
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.
Max CVSS
5.0
EPSS Score
0.58%
Published
2007-03-30
Updated
2022-02-03
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.
Max CVSS
7.5
EPSS Score
11.25%
Published
2007-03-06
Updated
2024-02-02
Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.
Max CVSS
10.0
EPSS Score
13.77%
Published
2007-02-20
Updated
2017-10-11
The Linux kernel before 2.6.9-42.0.8 in Red Hat 4.4 allows local users to cause a denial of service (kernel OOPS from null dereference) via fput in a 32-bit ioctl on 64-bit x86 systems, an incomplete fix of CVE-2005-3044.1.
Max CVSS
4.6
EPSS Score
0.04%
Published
2007-06-26
Updated
2017-10-11
The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-05-02
Updated
2017-10-11
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.
Max CVSS
7.5
EPSS Score
5.12%
Published
2007-01-30
Updated
2022-07-21
The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2.6.9 allows local users to cause a denial of service (kernel panic) by replacing a watched file, which does not cause the watch on the old inode to be dropped.
Max CVSS
4.7
EPSS Score
0.04%
Published
2007-03-02
Updated
2017-10-11
Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of service (error or crash).
Max CVSS
4.3
EPSS Score
1.45%
Published
2007-12-03
Updated
2017-10-11
Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.
Max CVSS
7.2
EPSS Score
0.09%
Published
2007-01-30
Updated
2023-02-13
20 vulnerabilities found