Filtered by CWE-399
Filtered by vendor Subscriptions
Total 2704 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-4333 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2024-11-21 N/A
The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory.
CVE-2006-4257 1 Ibm 1 Db2 2024-11-21 N/A
IBM DB2 Universal Database (UDB) before 8.1 FixPak 13 allows remote authenticated users to cause a denial of service (crash) by (1) sending the first ACCSEC command without an RDBNAM parameter during the CONNECT process, or (2) sending crafted SQLJRA packet, which results in a null dereference.
CVE-2006-4145 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 N/A
The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command.
CVE-2006-3840 1 Iss 10 Blackice Pc Protection, Blackice Server Protection, Proventia A Series Xpu and 7 more 2024-11-21 N/A
The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.
CVE-2006-3631 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2024-11-21 N/A
Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
CVE-2006-3627 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2024-11-21 N/A
Unspecified vulnerability in the GSM BSSMAP dissector in Wireshark (aka Ethereal) 0.10.11 to 0.99.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
CVE-2006-3277 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2024-11-21 N/A
The SMTP service of MailEnable Standard 1.92 and earlier, Professional 2.0 and earlier, and Enterprise 2.0 and earlier before the MESMTPC hotfix, allows remote attackers to cause a denial of service (application crash) via a HELO command with a null byte in the argument, possibly triggering a length inconsistency or a missing argument.
CVE-2006-3127 1 Sun 2 Java Enterprise System, Java System Directory Server 2024-11-21 N/A
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.
CVE-2006-3122 1 Isc 1 Dhcpd 2024-11-21 N/A
The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid."
CVE-2006-3121 1 High Availability Linux Project 1 Heartbeat 2024-11-21 N/A
The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message.
CVE-2006-3083 3 Heimdal, Mit, Redhat 3 Heimdal, Kerberos 5, Enterprise Linux 2024-11-21 N/A
The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which allows local users to gain privileges by causing setuid to fail to drop privileges using attacks such as resource exhaustion.
CVE-2006-3068 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending "incorrect information ... regarding the package name/creator," which leads to a "memory overwrite."
CVE-2006-2940 2 Openssl, Redhat 3 Openssl, Enterprise Linux, Network Satellite 2024-11-21 N/A
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification.
CVE-2006-2937 2 Openssl, Redhat 3 Openssl, Enterprise Linux, Network Satellite 2024-11-21 N/A
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition.
CVE-2006-2936 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 N/A
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued.
CVE-2006-2934 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 N/A
SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer.
CVE-2006-2451 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 N/A
The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions.
CVE-2006-2276 2 Quagga, Redhat 2 Quagga, Enterprise Linux 2024-11-21 N/A
bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface.
CVE-2006-2093 1 Nessus 1 Nessus 2024-11-21 N/A
Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script "can not do anything nasty." This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory.
CVE-2006-2069 1 Powerdns 1 Powerdns 2024-11-21 N/A
The recursor in PowerDNS before 3.0.1 allows remote attackers to cause a denial of service (application crash) via malformed EDNS0 packets.