Security Vulnerabilities, CVEs, Published In November 1999 (Denial of service)

Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.

Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.

Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 200 ARP requests per second allowing a denial of service attack to succeed with a flood of ARP requests exceeding that limit.

Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions 4.2d and 4.3 and QVT/Net 4.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long (1) user name or (2) password.

Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service.

Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password.

Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command in the SMTP service, or (3) a long user name in the Control Service.

Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.

Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 14238 while the manager is in network mode.

Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands.

Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.

Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.

Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.

Denial of service in BIND named via naptr.

Denial of service in BIND named via maxdname.

Denial of service in BIND named via consuming more than "fdmax" file descriptors.

Denial of service in MDaemon WorldClient and WebConfig services via a long URL.

Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port.

Denial of service in BIND by improperly closing TCP sessions via so_linger.

Denial of service in BIND named via malformed SIG records.

Denial of service in Linux syslogd via a large number of connections.