Redhat : Security Vulnerabilities, CVEs, Published In 2008 (Denial of service) CVSS score >= 6
Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests.
Max CVSS
7.8
EPSS Score
10.89%
Published
2008-08-29
Updated
2017-09-29
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
Max CVSS
6.5
EPSS Score
0.69%
Published
2008-08-27
Updated
2024-02-02
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-2929.
Max CVSS
7.5
EPSS Score
8.41%
Published
2008-09-12
Updated
2023-02-13
Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem.
Max CVSS
7.1
EPSS Score
9.72%
Published
2008-08-29
Updated
2017-09-29
Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header.
Max CVSS
10.0
EPSS Score
59.37%
Published
2008-08-29
Updated
2017-09-29
Memory leak in a certain Red Hat deployment of vsftpd before 2.0.5 on Red Hat Enterprise Linux (RHEL) 3 and 4, when PAM is used, allows remote attackers to cause a denial of service (memory consumption) via a large number of invalid authentication attempts within the same session, a different vulnerability than CVE-2007-5962.
Max CVSS
7.1
EPSS Score
8.65%
Published
2008-07-09
Updated
2023-02-13
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
Max CVSS
7.5
EPSS Score
1.47%
Published
2008-05-23
Updated
2017-09-29
Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote attackers to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LDAP query that triggers the overflow during translation to a regular expression.
Max CVSS
7.5
EPSS Score
6.26%
Published
2008-05-12
Updated
2022-02-03
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
Max CVSS
7.1
EPSS Score
0.31%
Published
2008-05-08
Updated
2017-09-29
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.
Max CVSS
7.1
EPSS Score
5.69%
Published
2008-05-22
Updated
2023-02-13
The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND operation.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-02-05
Updated
2017-09-29
11 vulnerabilities found