GNU : Security Vulnerabilities, CVEs, Published In 2004 (Denial of service) CVSS score >= 5
X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.
Max CVSS
7.8
EPSS Score
1.88%
Published
2004-12-31
Updated
2017-07-11
Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code.
Max CVSS
7.5
EPSS Score
0.86%
Published
2004-12-31
Updated
2017-07-11
Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list.
Max CVSS
5.0
EPSS Score
1.57%
Published
2004-12-31
Updated
2017-07-11
Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed
Max CVSS
6.4
EPSS Score
0.17%
Published
2004-12-31
Updated
2024-04-11
The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash).
Max CVSS
5.0
EPSS Score
1.45%
Published
2004-08-09
Updated
2017-07-11
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
Max CVSS
5.0
EPSS Score
2.33%
Published
2004-12-31
Updated
2018-10-19
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.
Max CVSS
5.0
EPSS Score
0.75%
Published
2004-12-23
Updated
2017-07-11
The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID.
Max CVSS
5.0
EPSS Score
0.93%
Published
2004-12-06
Updated
2017-07-11
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field.
Max CVSS
5.0
EPSS Score
0.22%
Published
2004-06-01
Updated
2008-09-05
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.
Max CVSS
5.0
EPSS Score
2.52%
Published
2004-03-03
Updated
2017-10-10
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
Max CVSS
5.0
EPSS Score
1.51%
Published
2004-03-03
Updated
2017-10-10
Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval.
Max CVSS
7.5
EPSS Score
3.47%
Published
2004-01-05
Updated
2017-07-11
12 vulnerabilities found