CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2001(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2001-1579 DoS 2001-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.
2 CVE-2001-1575 DoS Overflow 2001-12-31 2008-09-10
5.0
None Remote Low Not required None None Partial
Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, allows remote attackers to cause a denial of service via a long password, possibly due to a buffer overflow.
3 CVE-2001-1564 DoS 2001-12-31 2009-03-04
2.1
None Local Low Not required None None Partial
setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropeed, which could allow local users to cause a denial of service by exhausting available disk space.
4 CVE-2001-1560 DoS 2001-12-31 2008-09-05
2.1
None Local Low Not required None None Partial
Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to cause a denial of service (system crash) by calling the ShowWindow function after receiving a WM_NCCREATE message.
5 CVE-2001-1559 DoS 2001-12-31 2008-09-05
2.1
None Local Low Not required None None Partial
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
6 CVE-2001-1558 DoS 2001-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 allows attackers to cause a denial of service (crash).
7 CVE-2001-1554 DoS 2001-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets.
8 CVE-2001-1552 DoS 2001-12-31 2008-09-10
5.0
None Remote Low Not required None None Partial
ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced.
9 CVE-2001-1540 DoS 2001-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denial of service via fragmented IP packets that split the TCP header.
10 CVE-2001-1539 119 DoS Overflow 2001-12-31 2010-01-08
5.0
None Remote Low Not required None None Partial
Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem.
11 CVE-2001-1533 DoS 2001-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
** DISPUTED * Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying that it requires high bandwidth to exploit, and the server does not experience any instability. Therefore this "laws of physics" issue might not be included in CVE.
12 CVE-2001-1531 DoS Exec Code Overflow 2001-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an email attachment with a long filename.
13 CVE-2001-1518 DoS 2001-12-31 2008-09-05
2.1
None Local Low Not required None None Partial
RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability.
14 CVE-2001-1501 DoS 2001-12-31 2008-09-10
5.0
None Remote Low Not required None None Partial
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple (1) "*/..", (2) "*/.*", or (3) ".*./*?/" sequences in the argument.
15 CVE-2001-1496 DoS Exec Code Overflow 2001-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
16 CVE-2001-1491 DoS 2001-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Opera 5.11 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
17 CVE-2001-1490 DoS 2001-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Mozilla 0.9.6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
18 CVE-2001-1489 DoS 2001-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
19 CVE-2001-1450 DoS 2001-05-11 2008-09-05
2.6
None Remote High Not required None None Partial
Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./".
20 CVE-2001-1439 DoS Overflow 2001-02-16 2008-09-05
2.1
None Local Low Not required None None Partial
Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 and Series 800 allows local users to cause a denial of service ("system availability") via text editors such as (1) e, (2) ex, (3) vi, (4) edit, (5) view, and (6) vedit.
21 CVE-2001-1438 DoS 2001-10-22 2008-09-05
5.0
None Remote Low Not required None None Partial
Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module installed allows remote attackers to cause a denial of service (PalmOS crash and VisorPhone database corruption) by sending a large or crafted SMS image.
22 CVE-2001-1435 DoS 2001-02-23 2008-09-05
5.0
None Remote Low Not required None None Partial
inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of service (network connection loss) by causing one of the services handled by inetd to core dump during startup, which causes inetd to stop accepting connections to all of its services.
23 CVE-2001-1429 DoS Exec Code Overflow 2001-11-12 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted text file.
24 CVE-2001-1421 DoS 2001-10-06 2008-09-05
5.0
None Remote Low Not required None None Partial
AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to cause a denial of service (application crash) via a large number of different fonts followed by an HTML HR tag.
25 CVE-2001-1419 DoS 2001-10-02 2008-09-05
5.0
None Remote Low Not required None None Partial
AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of service (application crash) via an instant message that contains a large amount of "<!--" HTML comments.
26 CVE-2001-1418 DoS 2001-10-06 2008-09-05
5.0
None Remote Low Not required None None Partial
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application crash) via a malformed WAV file.
27 CVE-2001-1417 DoS 2001-10-06 2008-09-05
5.0
None Remote Low Not required None None Partial
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file whose length and width values are larger than the actual image data.
28 CVE-2001-1405 DoS 2001-09-10 2008-09-05
2.1
None Local Low Not required None None Partial
Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause a denial of service (CPU consumption) via a flood of requests to sanitycheck.cgi.
29 CVE-2001-1400 DoS 2001-04-17 2008-09-05
2.1
None Local Low Not required None None Partial
Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock).
30 CVE-2001-1394 DoS 2001-04-17 2008-09-05
2.1
None Local Low Not required None None Partial
Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service.
31 CVE-2001-1393 DoS 2001-04-17 2008-09-05
2.1
None Local Low Not required None None Partial
Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of service (hang).
32 CVE-2001-1389 DoS Exec Code Overflow 2001-08-29 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a denial of service or execute arbitrary code, primarily via buffer overflows or improper NULL termination.
33 CVE-2001-1349 DoS +Priv 2001-05-28 2008-09-05
3.7
User Local High Not required Partial Partial Partial
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
34 CVE-2001-1347 DoS +Priv 2001-05-24 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting a hardware breakpoint that is handled using global debug registers, which could cause other processes to terminate due to an exception, and allow hijacking of resources such as named pipes.
35 CVE-2001-1342 DoS 2001-05-12 2008-09-10
5.0
None Remote Low Not required None None Partial
Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.
36 CVE-2001-1337 DoS 2001-05-21 2008-09-05
5.0
None Remote Low Not required None None Partial
Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to cause a denial of service via a long HTTP request.
37 CVE-2001-1323 DoS Exec Code Overflow 2001-05-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function.
38 CVE-2001-1321 DoS Exec Code 2001-07-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite.
39 CVE-2001-1320 DoS Exec Code Overflow 2001-07-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.
40 CVE-2001-1319 DoS 2001-07-16 2008-09-05
5.0
None Remote Low Not required None None Partial
Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial of service (hang) via exceptional BER encodings for the LDAP filter type field, as demonstrated by the PROTOS LDAPv3 test suite.
41 CVE-2001-1318 DoS Exec Code 2001-07-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
42 CVE-2001-1317 DoS Exec Code 2001-07-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for certain BER object types, as demonstrated by the PROTOS LDAPv3 test suite.
43 CVE-2001-1316 DoS Exec Code Overflow 2001-07-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflows in Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
44 CVE-2001-1315 DoS Exec Code 2001-07-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed BER encodings, as demonstrated by the PROTOS LDAPv3 test suite.
45 CVE-2001-1314 DoS Exec Code Overflow 2001-07-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflows in Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
46 CVE-2001-1313 DoS Exec Code 2001-07-16 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Lotus Domino R5 before R5.0.7a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via miscellaneous packets with semi-valid BER encodings, as demonstrated by the PROTOS LDAPv3 test suite.
47 CVE-2001-1312 DoS Exec Code 2001-07-16 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
48 CVE-2001-1311 DoS Exec Code Overflow 2001-07-16 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
49 CVE-2001-1310 DoS Exec Code 2001-07-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for the L field of a BER encoding, as demonstrated by the PROTOS LDAPv3 test suite.
50 CVE-2001-1309 DoS Exec Code Overflow 2001-07-16 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
Total number of vulnerabilities : 402   Page : 1 (This Page)2 3 4 5 6 7 8 9
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.