If this is your first time visiting the DoS DB, please take a minute to read the following ABOUT the database. For more information on Denial of Service, visit the DoS Help Desk. [Firewalls] [Routers] [Browser/Web] [Windows] [Netware] [MacOS] [AIX] [BSD] [HPUX] [Irix] [Linux] [Sun/Solaris] [OSF/DGUX] [Misc Unix] [TCP/IP] [Mail] [IRC] [DNS] [X-Windows] [Apache] [Oracle/SQL] [Quake] [Everything Else]
New Additions ------------- 2100-228.dos L* S O 2.1.00 - 2.2.8 IP Options 2189-223.dos L* N O 2.1.89 - 2.2.3 IP Fragment crash 2200-229.dos L* N O 2.2.x ICMP Kernel Panic bayn1000.dos Ro N O Bay Networks c1000 login crash e4direct.dos W* N O IE4 "DirectDraw" Bug ftpsrv25.dos WT N O FTP Serv-U 2.5 FTP command crash Firewalls OS A T // Cisco PIX, Firewall 1, etc. --------- wfirebox.dos * N O Watchguard Firebox - internal spoofed scan drops pix-intr.dos FW N O Cisco PIX FW - DoS internal IPs via fragmented packets consl-12.dos FW N O Conseal FW pre-1.2 flood 'learning' mode or logging Routers OS A T // 3com, Ascend, Cisco, Livingston, etc ------- isscisco.dos Ro N O Several Cisco - reset switch remotely breezcm1.dos Ro N O BreezeCOM tftp firmware crash breezcm2.dos Ro N O BreezeCOM remotely reboot router iosyslog.dos Ro N O Cisco IOS - invalid udp packet crash syslog osi-rmat.dos Ro N O OSICom Routermate TCP crash ms-sms12.dos * N O W*/Cisco - System Management Service 1.2 DoS xylg-64p.dos Ro N O Xylogics 64 character ping crashes router 3com-ip0.dos Ro N O 3com routers/bridges/hubs IP/TCP to management port ap75pass.dos Ro N O Ascend Pipeline 75 - passwd prompt denial asc-nzlt.dos Ro S O Ascend Router - remote crash via non-zero length tcp offset ascsni26.dos Ro N O Ascend Router - remote reboot via UDP port 9 [SNI 26] ascm-50a.dos Ro N O Ascend Max 5.0A port 150 reboot router cisc2500.dos Ro N O Cisco 2500 (IOS 10.2) denial via port 7 cisc-7xx.dos Ro N O Cisco 7xx (IOS 4.1(x)) passwd overflow cisc1005.dos Ro S O Cisco 1005 MTU=15k - crash cistron.dos Ro N O Cistron Radius - remote crash liv-dos1.dos Ro N O Livingston 1.16 + 2.0.1 Framed-Filter-Id crash liv-dos2.dos Ro N O Livingston x.x (all) portmaster crash via remote overflow liv-os37.dos Ro N O Lvingston pre 3.7 portmasters - telnet reboot bgp-quer.dos Ro N O GBP Routing protocol - query saturation flood route-7.dos Ro N O General Overview of crashing routers via port 7 cisco12.dos Ro N O IOS 11.x login access allows crash/reload cpqmic6k.dos Ro N O Microcom 4.0.1x - deny access to admin control, brute force not hindered flowpt2k.dos Ro N O Flowpoint DSL 2000 1.2.3 deny login, no auth Browsers/Web OS A T // Netscape, MSIE (not OS specific) ------------ htmlfram.dos W* N O MSIE/NT crash via bad frames msie-40x.dos * N O MSIE 4.x long "width=000..." in an <img> tag mse4-ciu.dos W* N O MSIE 4/5 - hostile applet crash browser and OS nsc-mail.dos * N O Netscape - crash with various headers wwwboard.dos Ht N O CGI wwwboard - overwrite files on remote server ns4x-cgi.dos Ht N O content-type of "internal/parser" crashes Netscape 4.x ns4x-all.dos Ht N O Netscape 4.x - crash with 'table' and 'td' tags ns4-bmrk.dos Ht N O Netscape 4.x - crash via long bookmarks br-frame.dos Ht N O Crash Web Browsers via recursive frames (IE4/NS) moz-kill.dos Ht N O Netscape 2.0/3.0 - link to this CGI to crash java-awt.dos Ht - O javascript - open many unclosable windows (recursive) ie40-lb.dos Ht N O IE 4.0 single # infinite recursion opera.dos Ht C O Opera Browser crashes with extra / iisj102.dos Ht N O IIS/Java 1.0.2 varying length URL Windows OS A T // 3.11, Win95, WinNT ------- icq-1700.dos W* N O ICQ99a build #1700 - malformed URL denial iis-nlst.dos W* N O IIS Remote FTP denial iisexair.dos W* N O IIS sample 'ExAir' denial ipartybo.dos W* N O iParty port 6004 - overflow and crash netbus11.dos W* N O Netbus 1.1 remote overflow crash ntmaxpth.dos WT S O NT MAX_PATH - click on file crash machine wiis-get.dos W* N O GET Requests consume resources win-icmp.dos W* N O ICMP/Redirect-host message storm freeze Win9x/NT(sp4) winservu.dos W* N O Serve-U FTP - crash wsftp10x.dos W* N O WS_FTP Server - cwd buffer overflow iis40ftp.dos W* N O MS IIS 4.0 FTP - multiple connects nt-irqln.dos WT S O IRQL_NOT_LESS_OR_EQUAL exception crashes box novic300.dos W* N O Novell Intranetware Client 3.0.0.0 - port 427 nobo-udp.dos W* N O Nobo 1.2 - udp packets crash prog aim-warn.dos W* N O AOL Instant Messenger - force disconnect nukenabr.dos WT N O Nukenabber - consume CPU resources taskman.dos WT C O Windows Task Manager - consume resources wingate.dos W* N O Remotely crash wingate qw-win32.dos W* N O QuakeWorld win32 perl attack proxy-20.dos W* N O MS Proxy 2.0 - ftp URL pcanyw-8.dos W* N O PC Anywhere 8.0 - port 5631 crash ntapplet.dos WT N O Applet can kill almost any NT box nt-hinst.dos WT S O WINAPI WinMain(HINSTANCE hinstExe script crashes box nt-iishd.dos WT N O NT & IIS - consume CPU/HD via sample guestbook wn-tcprs.dos WT N O NT - PSH ACK will reset NT TCP/IP connection nt-nativ.dos WT S O NT - undocumented function NtDeviceIoControlFile crashes system nt-tdrp2.dos WT N O NT - 'teardrop2' UDP packet with crafted header crashes system ntfloppy.dos WT C O NT - 'redhat rescue' floppy causes BS instantaly nmd27sp4.dos WT N O Alt-N MDaemon 2.7 SP4 RCPT-TO string BO w95-prox.dos W9 N O Wingate/Startech proxy - crash via POP or telnet slmail31.dos W* N O SLMail 3.1 slsmtp.exe remote SMTP command DoS ntvintra.dos W* N O Vintra Mailserver remote SMTP command DoS ol-47221.dos W* N O Outlook v4.72.2106 filename attachment DoS ie4-otag.dos W* N O IE 4.x OBJECT tag - crash browser wn-snork.dos W* N O 'snork' attack - consume resources via UDP packets mircport.dos W* I O MIRC msg com port freeze ln11-45x.dos W* N O Lotus Notes SMTP MTA 1.1 on Server 4.5x MIME DoS eud-time.dos W* N O Mail with date set to pre 1970 will crash Eudora opennt21.dos W* N O OpenNT 2.1 telnet/memory abuse (requires account) outlook.dos W* N O Outlook Express 4.7x - fragment attachment nt-winsd.dos Wt S O NT WINS consume resources via error logging ntaddatm.dos Wt C O NtAddAtom bug causes BSOD (SP3) timeserv.dos Wt N O NT timeserv.exe consume 100% resources netxray.dos W* N O NetXray 2.6 crash software, force reboot dnskillr.dos Wn N O Linux script: DOS against WinNT DNS port (cpu = 100%) nt-raspp.dos Wn N O NT RAS PPTP - fragment causes coredump nt-telnt.dos Wn N O NT telnetd - portscan freezes service nt-memll.dos Wn N O NT memory leak by filling fragment queue nt-53.dos Wn N O Modify AnswerCount in packet to stop data to NT machine nt-135.dos Wn N O DOS via NT port 135 - overflow (CPU = 100%) nt-137.dos Wn N O Port 137 (wins) - WINS Server shut down nt-139.dos Wn N O Sending OOB data to port 139 will crash NT (even SP3) nt-1031.dos Wn N O Port 1031 (inetinfo.exe) - overflow (CPU = 100%) nt-at.dos Wn C O NT scheduler - submit bad job, create thousands of jobs nt-dns19.dos Wn N O redirect chargen to NT DNS to cause access violation nt-dos-1.dos Wn N O Take down NT Server by assuming IP nt-pdcgr.dos Wn - O 3.51 non-priv user can create local groups on PDC nt-pqid.dos Wn N O 4.0 DNS server will cache and pass incorrect IPs nt-procs.dos Wn - O info on unpriv user getting max cpu time nt-shar.dos Wn - O NT Shared network drive/ftp (CPU = 100%) nt-sn-bp.dos Wn N O Modify Sequence Number in packet to stop data to NT machine nt-udp.dos Wn N O UDP Flood NT Box via port 19, spoofing, create flood ntcrash2.dos Wn N O NT Crash via 40 different APIs ntfilelk.dos Wn S O Program to lock any file on NT - no one can use file ntfilec.dos Wn Nx O NT File caching algorithm problem ntlogin.dos Wn N O NT deny login ability via malformed packets ntrofail.dos Wn N O 4.0 remotely crashed with r/o access from linux system 311-att.dos W3 - O Win311 AT&T Dialup Networking DOS w95-ping.dos W9 N O emulate w95 - ping with large packets to kill unix boxes w139-oob.dos W* N O OOB data sent to port 139 on Win machines crashes it jolt.dos W9 N O Ping-of-Death II - freeze via oversized packet latierra.dos W* N O spoof IP + port as source + randomize (land.c) java-95.dos W9 N O reboot Win95 via java applet (fl00d.class) iis-crsh.dos W* N O IIS Crash/hang (msbomb.c) iisnewds.dos W* N O newdsn.exe allows creation of *.mdb files anywhere aim17466.dos W* N O AOL Instant Messenger 1.7.466 crash client icq-1.dos W* N O Crash ICQ (and Windows) with unexpected data bonk.dos W* N O frag offset > hader length (bonk.c + boink.c) hanson.dos W* - O MIRC client - force parse string of data - crash boff-qr.dos W* N O MS BackOffice - query overflow - halt server win-nk02.dos W* N O large ping variation - locks nt/95 boxes (not bluescreen) wingate.dos W* N O WinGate - connect to localhost - exhaust resources winsk20.dos W* N O Winsock 2.0 13 char crash eudpro40.dos W* N O long file name kills IE40 and EudoraPro 4.0 iis-asp.dos W* N O IIS/ASP - remotely crash via malformed URL im402pop.dos W* N O Imail 4.02 pop3d32.exe CPU 100% im470115.dos W* N O Internet Mail 4.70.1155 - crash via e-mail imail403.dos W* N O Imail 4.03 - remotely crash SMTP daemon nt-smtp2.dos W* N O MDaemon 2.71/Exchange 5.0 - remotely crash SMTP/POP newtear.dos W* N O smaller padding, faked UDP total length mapisp32.dos W* N O MAPISP32 CPU 100% via attachment in POP mail netstatw.dos W* C? O netstat.exe memory leak ms-tcpip.dos W* N O bad packet ceases tcp/ip activity (FW, NT FWs, etc) servuftp.dos W9 N O Serv-U FTP overflow + crash slmail26.dos Wn N O SLMail 2.6 remote overflow + crash syndrop.dos W* N O SYN Sequence bug + teardrop frag sping.dos W* N O mimic Ping-of-Death via fragmented packet iis20dos.dos Wn N O NT/IIS command overflow (spike CPU usage to 100%) mspws202.dos W* N O MS Personal Web Server - remotely crash via BO Netware OS A T // Novell Netware ------- nw-pwc42.dos NW - O APCs Powerchute Plus v4.2 for Netware - SAP DOS MacOS OS A T // MacOS (Apple) ----- mactcpip.dos MO N O MacOS 7.1/8.0 TCP/IP Based DoS mac-smtp.dos MO N O Crash various MacOS SMTP daemons mo-eims.dos Mo N O EIMS 1.x/2.01 - crash daemon/machine mo-web80.dos Mo N O Web Sharing in MacOS 8.x - kill web services 8x-synk.dos MO N O MacOS 8.x 'synk' command consume bandwidth
AIX OS A T // AIX by IBM --- 414-conn.dos A S O 4.1.4 TCP/IP Local DOS 415-1025.dos A N O AIX ttdbserver n-1 flood aix-pod.dos A S O AIX and the ping of death BSD OS A T // FreeBSD, BSDi, NetBSD, OpenBSD --- bsd-zero.dos B* S O grep /dev/zero in tight loop freezes Free/OpenBSD 226-nlnk.dos fB S O freeBSD 2.2.6-STABLE NFS + link /dev/null freeze 23pctr-c.dos oB S O 2.3 pctr driver crash machine bsd-ftpd.dos B N O BSDI/FreeBSD wu-ftpd remote nlist DoS bsd-ping.dos B S O BSD ping -s2955 causes kernel panic bsd-pkga.dos B S O bsd package add aborted at right time removes files bsd-me.dos B* S O Force kernel panic by exhausting map entries bsdinet.dos B* N O portscanners panic BSD based inetd netapp.dos B* S O NetApp NFS panics with readdirplus call fb-purep.dos Fb S O 2.2.x-stable - reboot via /bot in ircII w/ purepak HPUX OS A T // HPUX ---- 1020recs.dos HP N O HPUX 10.20 (recserv) remote/local kill service 1020rexe.dos HP N O HPUX 10.20 rexecd - lockout user hp-fork.dos HP S O Fork call locallys causes complete shutdown of all service hp-rplay.dos HP S O hp 10.01 rplay with no options causes crash IRIX OS A T // IRIX (Silicon Graphics) ---- irixfing.dos Ir N O Irix 6.4/6.5 finger @@@@ denial sgio2-63.dos Ir S O freeware prog 'crashme' crashes up to 6.5 53-cvpcs.dos Ir S O 5.3 /usr/etc/cvpcsd potential DoS 62-open.dos Ir S O open() will open any NFS file, block access to it 63-ncp.dos Ir S O Irix 6.3 unkillable frozen processes xprop.dos Ir S d xprop will kill x users Linux OS A T // Slackware, RedHat, Debian, etc ----- rh5alpha.dos Lr S O Redhat for Alpha - force reboot ipfwadm1.dos L* N O ipfwadm pseudo-DoS - IP Masquerading bug 2036-lin.dos L* S O Various 2.0.36 kernel DoS concerns rh-lpr03.dos Lr N O lpr lpr-0.31-1 and lpr-0.33-1 remote denial socksys.dos L S O /dev/socksys + head causes panic/reboot rh51-mem.dos Lr S O 'dumpreg' utility causes kernel crash 20-pte.dos L* S O Linux 2.0 PTE memory/virtual page DoS 20xpanic.dos L S O 2.0.x MAX_STACK overflow - force panic 20xsigpi.dos L N O 2.0.x SIGPIPE - crash inetd via half open scan dis_dma.dos L S O disable_dma() 2.1.x kernel - lock computer kerneld.dos Lr S O Any user can load kernel modules lin-long.dos L* S O longpath/MAXPATHLEN attack, create unremovable dirs linlog.dos L S O Linux login denial (local) mktemp.dos L S O mktemp() open max - DOS to pop3 and like apps [dave_m] overdrop.dos L N O 2.0.33 printk abuse (overdrop.c) rh-x11.dos Lr S O stop x-server - /tmp/X11 dir not 1777 rh-misc.dos Lr S O various attacks against RH: serial, console flood rh-pass.dos Lr S O resource starvation on setuid passwd(1) rpc-all.dos L* N O Remotely stop all RPC Services from answering s33-psdv.dos Ls S O lock up keyboard on slack 3.2,3.3 system sigurg.dos L S O kill any process, regardless of user sr-crash.dos L S O Source Route exploit (DOS) 1.0.x - 1.3.x Sun/Solaris OS A T // SunOS, Solaris, SolarisX86 ----------- 26dtmail.dos So S O Solaris 2.6 dtmail - reboot securnfs.dos Su N O SecureNFS mbuf denial (SunOS 4.x) 23-ndd.dos So S O 2.3 ndd causes kernel panic 24-cdrom.dos So S O 2.4 /vol/dev/aliases/cdrom0 ioctl() denial 251-ifcf.dos So S O unpriv user can take down entire LAN via ifconfig 251-loc.dos So S O 2.5.1 perl/escape sequence fries Ultra 25x-ping.dos So S O 2.5.x ping can reboot machine 25udprum.dos So ? O UDP cause host to answer/request itself (info) 251-kill.dos So S O 2.5.1 bad telnet and ^D overflow 414-tcx0.dos Su S O 4.1.4 /dev/tcx0 sparc20 denial 41x-dev.dos Su S O 4.1.x device -> crash 41x-kp-1.dos Su S O 4.1.x panic kernel if HSFS cdrom is mounted [8lgm-18] 41x-kp-2.dos Su S O 4.1.x panic kernel if a TMPFS is mounted [8lgm-8] 41x-kp-3.dos Su S O 4.1.x panic kernel via locore [8lgm-25] s-socket.dos So S O Crash Solaris with connect() 24-inetd.dos So S O 2.4 inetd DOS possible sol-ping.dos So S O 2.x ping with bad options crash sun 2x-syslg.dos So N O remotely kill syslog.dos via DNS error handling 251-ftpd.dos So S O 2.x FTP read(2) zero bytes from network abook2.dos So N O 2.6 Answerbook2 dwhttpd/3.1a4 drop server talk-dos.dos S S O nfo on DOS attack using talk killsun.dos Su S O Reboot or simply hang Sun's and a few other systems pinesun.dos Su S O pine w/ bad rc file causes system crash on suns sparcdev.dos Su S O 4.1.4 /dev/zero redirect denial (sparc5/20) sun-nis.dos Su S O info on Sun NIS overflow DOS sunaudio.dos Su S O rsh & /dev/audio can reboot a sun sunbash.dos Su S O Bash variables allow user to lockout other users x86icebp.dos S* S O ICEBP Unexpected INT 1 - flood console sparccpu.dos S* S O hang various sparc models OSF, DGUX OS A T // OSF1, OSF2, DGUX --------- du-xcd40.dos DU S O DU 4.0D cdfs bug : xcd eject FS Panic osf1-dt1.dos DO S O OSF1 CDE bad perms - fill quota dgux-1.dos Dg N O DGUX - remotely drop box (info/rumor) 2199ultr.dos Du N O Sending SACK packet kills Ultrix boxes Misc Unix OS A T // Non-Unix Flavor Specific --------- omnihttp.dos * N O OmniHTTPD fill HD force crash proftpd1.dos * N O ProFTPD multiple dir kills rainbow6.dos * S O Rainbow Six Multiplayer - crash server webramp2.dos * N O WebRamp dialup: crash or change IP r-bootpd.dos U* N O bootpd daemon - remotely crash eyscript.dos U* S O January SysAdmin EY script DoS bug iplogr11.dos U* N O IPLogger 1.1 remote forkbomb attack serialpp.dos U* N O SerialPOP - long SMTP name crashes rsh-zero.dos U* S O linking .rhosts to /dev/zero + IMAP/POP ra-5teln.dos U* N O 30 lines input to RA5 server crashes qs-spoof.dos U* N O Qmail/Sendmail spoofed packet attack osf-dce.dos U* N O secd buffer overflow - shutdown service irc-74p4.dos U* I O ircii-pana/BitchX 74p4 crash client dhcp1020.dos U* N O DHCP 1.0/2.0 crash server boom.dos - S O getsockopt() bug to crash Sun and AT&T machines ecash-1.dos * N O prevent ecash account use until arbitrary future date fing-rec.dos * N O uses finger with @@@ arguments to lag system edquota.dos U* S O edquota(8) - various DoS attacks gen-dir.dos U* S O general recursive dir attack gen-file.dos U* S O general file create attack - files have no inode info gen-mem.dos U* S O general malloc/fork attacks gen-serv.dos U* S O general remote denial of service/port intelkil.dos * S O Lock up Intel Pentium CPU on most platforms incomsat.dos * N O in.comsat remote forge udp packets, local fork bomb inetd.dos * N O multiple requests to inetd will cause it to hang listserv.dos * N O due to many overflows, remote user can shut down listserv libc-fd.dos U* S O libc 5.4.33/glibc 2.0 block fd use perl-den.dos * S O Use perl to crash system pgp263-1.dos * - O pgp 2.6.3ia generate key with dupe keyid - overwrite existing pmap408.dos U* N O portmap 4.0-8 random junk - slow machine to crawl poweratx.dos * S O Power ATX 233mhz board/chip - force power off radius1.dos U* N O append space to username, crash radiusd radius2.dos U* N O any passwd length over 128 chars crashes radiusd radiusd.dos U* N O info on possible radiusd DOS attack rout-ras.dos * N O Routing and RAS service ruleset allows remote DoS scrn371a.dos * S O Screen-3.7.1 deny other users access to screen ssh-1217.dos * N O ssh 1.2.17/linux 2.0.x remote ssh connects cause DOS udpinetd.dos * S O local inetd will hang with correctly forged UDP packets xtacacs.dos * N O XTACACS - crash via ICMP messages spiffit.dos U* N O in.comsat + 'biff y' denial/flood rwhokill.dos U* S O kill RWHO service locally pppdrop.dos * N O PPP drop causes DOS attack against ssh pwd-wait.dos * N O Password wait DOS attack against ssh sco-htfs.dos Uw S O SCO Openserver unlink FS crash TCP/IP OS A T // TCP/IP, ICMP, Generic Floods ------ nestea.dos * N O "off by one ip header" in ip frag code synflood.dos * N O SYN Flood - spoof IP so ACK isn't received fraggle.dos * N O UDP broadcast - spoof broadcast addresses smurf.dos * N O TCP/IP broadcast - spoof broadcast addresses icmp-dos.dos * N O ICMP Echo Reply Flood info icmpecho.dos - N O ICMP Echo - broadcast address amplification ethicmpf.dos * N O fake an ICMP unreachable message teardrop.dos * N O IP Frag Overlap Bug (teardrop.c) locktcp.dos * N O lock machine via any service displaying banner (pop/login/etc) Mail OS A T // Qmail, Sendmail, Pine, Elm, etc ---- smail892.dos U* N O Sendmail 8.9.2 redirect & header attack qmail-an.dos U* S O qmail anonymous file system denial qmail-1.dos * S O qmail-smtd doesn't check bounds on data field qmail-2.dos * S O qmail-smtd doesn't check bounds on RCPT field pinelock.dos U* S O log user out/kill pid, via pine /tmp file pine-pid.dos * S O pine can be used to lock out user from reading mail 885-l1.dos * S O Sendmail 8.8.5 recipient no limit exmh-bo.dos U* N O exmh 2.0.2 long 'from' string hangs reader pine-rem.dos U* N O Remotely crash PINE sessions with long From string IRC OS A T // Unix based IRC Client/Servers --- bx-crakr.dos * I O bitch/xcrackrock - cause segfault via irc channel topic ircd2821.dos * S O ircd2.8.21 buffer overflow - force segfault ircd29a6.dos * S O ircii-2.9alphta6 buffer overflow - CPU consume libc-irc.dos * I O /dcc option to crash ircII server bx-joinc.dos * I O BitchX pre 7.4 - force disconnect via chan mode bx-ircii.dos U* I O ircII/BitchX remote buffer overflow crashes client ircnn13.dos U* I O ircnn-1.3devel (newnet) /quote option crashes server mirc54.dos Ir N O MIRC 5.4 remote resume dcc crash DNS OS A T // Domain Name Service --- bind495p.dos * N O Bind 4.9.5-P1 Max CPU usage via port 53 named.dos * N O info on crashing bind via multiple updates in one packet dns-deny.dos * N O info on hitting DNS server with requests X-Windows OS A T // Any/All X-Windows systems --------- xkill.dos U* X O xkill param to kill other window - no id checking xfmchoos.dos U* N O Xfree 3.3 - stop local display remotely xfree86.dos U* S O Xfree86 unpriv user can block any (priv) port xterm-c.dos U* X O escape sequence will crash xterm Apache OS A T // Apache Web Server ------ mimeflod.dos U* N O Apache 1.2.5 Mime header flood ya-apach.dos U* N O "sioux" attack - apache memory leak ap-12x-3.dos U* N O apache < 1.2.x multiple long slash URLs - CPU Hit ap-12x-5.dos U* N O apache < 1.2.x mod_proxy - force core dumps beck1.dos U* N O Apache 1.2.x - load average spike via malformed URL beck2.dos U* N O Apache 1.2.x - load average spike via malformed URL Oracle/SQL OS A T // Oracle, SQL and related apps. ------ oracnerp.dos * N O Oracle 8 'nerp' attack (port 1521/1526) msql-lib.dos * N O MSQL libmsql denial o8-tnsls.dos * N O Oracle 8.0.4.0.0-Production telnet 1521 consume resources orasqlv1.dos U* N O Oracle Sql*Net v1/Dynix rapid connect orac-w21.dos * N O oracle web server 2.1 DOS via perl/netcat mysql11.dos U* N O MYSQL dist >= 3.22.00 rapid connect msql-201.dos * N O mSQL 2.0.1 remotely kill service msql-tel.dos * N O mSQL 1.0.16/MySQL 3.20.20 remotely deny query ability Quake OS A T // Quake and ID Software ----- quakecli.dos * N O Quake client killer - udp flood nquake-s.dos U* N O Netquake protocol - spoof to sim smurf attack qw-210.dos U* N O QuakeWorld 2.10 segfault via connect q2-127.dos U* N O Quake2 - spoof 127.0.0.1 packet - recursive q2-27910.dos U* N O Quake2 - spoof source port - recursive q2-xff.dos U* N O Quake2 - bad connect string - crash server q1-reli.dos U* N O Quake1 - overflow client socket Other OS A T // Everything Else ----- pnservr.dos - N O Progressive Networks Real Video Server - crash den-list.dos - - O denial list - ISS checks for these aol-4x.dos - N O AOL 4.x background image name e-mail crash mod-ath.dos * N O Ping with embedded "+++" can remotely hang up modem users hp5-snmp.dos - N O Remotely disable 5M/5N printers with valid SNMP command