Carl Livitt

13 exploits Active since Oct 2001
CVE-2004-1612 EXPLOITDB perl WORKING POC
SalesLogix 6.1 - Directory Traversal and Arbitrary File Upload via ProcessQueueFile Request
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
CVE-2004-1612 EXPLOITDB perl WORKING POC
SalesLogix 6.1 - Directory Traversal and Arbitrary File Upload via ProcessQueueFile Request
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
CVE-2007-3621 EXPLOITDB bash WORKING POC
AsteriDex < 3.0 - Remote Code Execution via CRLF Injection in callboth.php
Multiple CRLF injection vulnerabilities in callboth.php in AsteriDex 3.0 and earlier allow remote attackers to inject arbitrary shell commands via the (1) IN and (2) OUT parameters.
CVE-2003-0651 EXPLOITDB c WORKING POC
mod_mylo 0.2.1 - Buffer Overflow via Long HTTP GET Request
Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2003-0101 EXPLOITDB perl WORKING POC
Webmin/Usermin <1.070 - Auth Bypass
miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges.
CVE-2003-1247 EXPLOITDB c WORKING POC
H-Sphere WebShell 2.3 - Remote Code Execution via Buffer Overflow in CGI::readFile diskusage and flist
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
EIP-2026-103072 EXPLOITDB c WORKING POC
AutomatedShops WebC 2.0/5.0 Script - Name Remote Buffer Overrun
EIP-2026-103089 EXPLOITDB c WORKING POC
Citadel/UX BBS 6.07 - Remote Overflow
CVE-2003-0826 EXPLOITDB c WORKING POC
GNU lsh - Remote Code Execution via Heap-Based Buffer Overflow in lshd
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
CVE-2002-1364 EXPLOITDB c WORKING POC
tracesroute - Buffer Overflow via Long WHOIS Response
Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses.
CVE-2003-1247 EXPLOITDB c WORKING POC
H-Sphere WebShell 2.3 - Remote Code Execution via Buffer Overflow in CGI::readFile diskusage and flist
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
EIP-2026-102785 EXPLOITDB text WORKING POC
AutomatedShops WebC 2.0/5.0 - Symbolic Link Following Configuration File
CVE-2001-0759 EXPLOITDB c WORKING POC
Jetico BestCrypt <= 0.8.1 - Local Buffer Overflow via Long Pathname
Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows local users to execute arbitrary code via a file or directory with a long pathname, which is processed during an unmount.