Angelo Rosiello

9 exploits, active since Jun 2003
CVE-2003-0276 EXPLOITDB c WORKING POC
Pi3Web 2.0.1 - Buffer Overflow via GET Request with Excessive Slashes
Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GET request with a large number of / characters.
EIP-2026-103159 EXPLOITDB c WORKING POC
Liquid War 5.4.5/5.5.6 - HOME Environment Variable Buffer Overflow
CVE-2004-0557 EXPLOITDB c WORKING POC
SoX 12.17.2-12.17.4 - Remote Code Execution via WAV File Header Fields
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
CVE-2004-1689 EXPLOITDB c WORKING POC
sudo 1.6.8 - Arbitrary File Read via sudoedit Symlink Attack
sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit.
EIP-2026-103042 EXPLOITDB c WORKING POC
XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (4)
EIP-2026-103008 EXPLOITDB c WORKING POC
Sudo 1.6.8 - Information Disclosure
CVE-2003-0396 EXPLOITDB c WORKING POC
linux-atm - Buffer Overflow via Long Command Line Argument
Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if used setuid, allows local users to gain privileges via a long -f command line argument.
CVE-2003-0854 EXPLOITDB c WORKING POC
fileutils - Denial of Service via Large -w Value
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.
CVE-2005-2878 EXPLOITDB c WORKING POC
GNU Mailutils 0.6 - Authenticated Remote Code Execution via IMAP SEARCH Command Format String
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.