Security Vulnerabilities, CVEs, Published In November 2003 (Denial of service)
Unichat allows remote attackers to cause a denial of service (crash) by adding extra chat characters (avatars) and logging in to a chat room, as demonstrated using duplicate ACTOR entries in u2res000.rit.
Max CVSS: 5.0; EPSS Score: 1.66%; Published: 2003-11-02; Updated: 2017-07-11
Monit 1.4 to 4.1 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request with a negative Content-Length field.
Max CVSS: 5.0; EPSS Score: 6.47%; Published: 2003-11-24; Updated: 2017-07-11
Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]).
Max CVSS: 4.6; EPSS Score: 0.32%; Published: 2003-11-03; Updated: 2017-07-11
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
Max CVSS: 5.0; EPSS Score: 0.47%; Published: 2003-11-17; Updated: 2019-03-25
Buffer overflow in m_join in channel.c for IRCnet IRCD 2.10.x to 2.10.3p3 allows remote attackers to cause a denial of service.
Max CVSS: 5.0; EPSS Score: 5.08%; Published: 2003-11-17; Updated: 2017-07-11
Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address.
Max CVSS: 7.8; EPSS Score: 1.50%; Published: 2003-11-03; Updated: 2008-09-05
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
Max CVSS: 5.0; EPSS Score: 0.65%; Published: 2003-11-17; Updated: 2008-09-10
Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error message.
Max CVSS: 5.0; EPSS Score: 0.42%; Published: 2003-11-17; Updated: 2017-07-11
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities.
Max CVSS: 5.1; EPSS Score: 60.83%; Published: 2003-11-17; Updated: 2024-02-15
The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests.
Max CVSS: 5.0; EPSS Score: 1.12%; Published: 2003-11-17; Updated: 2008-09-10
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results.
Max CVSS: 2.1; EPSS Score: 0.06%; Published: 2003-11-17; Updated: 2017-07-11
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not restrict the size of input, which allows attackers to cause a denial of service (memory consumption).
Max CVSS: 2.1; EPSS Score: 0.06%; Published: 2003-11-17; Updated: 2017-07-11
Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email.
Max CVSS: 5.0; EPSS Score: 3.55%; Published: 2003-11-17; Updated: 2017-07-11
CVE-2003-0714
Public exploit
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000.
Max CVSS: 7.5; EPSS Score: 9.16%; Published: 2003-11-17; Updated: 2020-04-09
Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.
Max CVSS: 10.0; EPSS Score: 51.11%; Published: 2003-11-17; Updated: 2024-02-02
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used.
Max CVSS: 5.0; EPSS Score: 37.85%; Published: 2003-11-17; Updated: 2018-05-03
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
Max CVSS: 5.0; EPSS Score: 95.93%; Published: 2003-11-17; Updated: 2018-05-03
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
Max CVSS: 7.2; EPSS Score: 0.10%; Published: 2003-11-03; Updated: 2021-06-06
OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechanisms, which allows remote attackers to cause a denial of service (crash) via certain messages that cause OpenSSL to abort from a failed assertion, as demonstrated using SSLv2 CLIENT_MASTER_KEY messages, which are not properly handled in s2_srvr.c.
Max CVSS: 5.0; EPSS Score: 1.11%; Published: 2003-11-17; Updated: 2016-10-18
19 vulnerabilities found