Carl Livitt

13 exploits Active since Oct 2001
CVE-2004-1612 EXPLOITDB perl WORKING POC
Saleslogix - Path Traversal
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
CVE-2004-1612 EXPLOITDB perl WORKING POC
Saleslogix - Path Traversal
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
CVE-2007-3621 EXPLOITDB bash WORKING POC
AsteriDex <3.0 - RCE
Multiple CRLF injection vulnerabilities in callboth.php in AsteriDex 3.0 and earlier allow remote attackers to inject arbitrary shell commands via the (1) IN and (2) OUT parameters.
CVE-2003-0651 EXPLOITDB c WORKING POC
mod_mylo <0.2.1 - RCE
Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2003-0101 EXPLOITDB perl WORKING POC
Webmin/Usermin <1.070 - Auth Bypass
miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges.
CVE-2003-1247 EXPLOITDB c WORKING POC
Positive Software H-sphere - Buffer Overflow
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
EIP-2026-103072 EXPLOITDB c WORKING POC
AutomatedShops WebC 2.0/5.0 Script - Name Remote Buffer Overrun
EIP-2026-103089 EXPLOITDB c WORKING POC
Citadel/UX BBS 6.07 - Remote Overflow
CVE-2003-0826 EXPLOITDB c WORKING POC
lsh daemon - Buffer Overflow
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
CVE-2002-1364 EXPLOITDB c WORKING POC
Traceroute-nanog - Buffer Overflow
Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses.
CVE-2003-1247 EXPLOITDB c WORKING POC
Positive Software H-sphere - Buffer Overflow
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
EIP-2026-102785 EXPLOITDB text WORKING POC
AutomatedShops WebC 2.0/5.0 - Symbolic Link Following Configuration File
CVE-2001-0759 EXPLOITDB c WORKING POC
Jetico Bestcrypt - Buffer Overflow
Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows local users to execute arbitrary code via a file or directory with a long pathname, which is processed during an unmount.