Oracle : Security Vulnerabilities, CVEs, Published In 2002 (Denial of service)
Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote attackers to cause a denial of service or execute arbitrary code via (1) a long help page request without a dadname, which overflows the resulting HTTP Location header, (2) a long HTTP request to the plsql module, (3) a long password in the HTTP Authorization, (4) a long Access Descriptor (DAD) password in the addadd form, or (5) a long cache directory name.
Max CVSS
7.5
EPSS Score
3.17%
Published
2002-07-03
Updated
2017-12-19
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.
Max CVSS
7.5
EPSS Score
1.87%
Published
2002-08-12
Updated
2008-09-10
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
Max CVSS
7.5
EPSS Score
0.51%
Published
2002-10-11
Updated
2021-06-06
libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Max CVSS
7.5
EPSS Score
1.14%
Published
2002-12-23
Updated
2019-10-07
Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters.
Max CVSS
5.0
EPSS Score
2.06%
Published
2002-03-25
Updated
2017-12-19
The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing data.
Max CVSS
5.0
EPSS Score
90.22%
Published
2002-11-04
Updated
2008-09-10
Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521.
Max CVSS
5.0
EPSS Score
2.61%
Published
2002-08-12
Updated
2008-09-05
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP Authorization header without an authentication type.
Max CVSS
5.0
EPSS Score
1.39%
Published
2002-07-03
Updated
2018-05-03
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.
Max CVSS
5.0
EPSS Score
6.61%
Published
2002-08-12
Updated
2008-09-10
SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote attackers to cause a denial of service (crash) via certain debug requests that are not properly handled by the debugging feature.
Max CVSS
5.0
EPSS Score
0.52%
Published
2002-09-05
Updated
2008-09-10
TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remote attackers to cause a denial of service (hang or crash) via a SERVICE_CURLOAD command.
Max CVSS
5.0
EPSS Score
10.70%
Published
2002-10-28
Updated
2008-09-11
Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
Max CVSS
5.0
EPSS Score
4.04%
Published
2002-12-23
Updated
2019-10-07
12 vulnerabilities found