CoKi

9 exploits Active since Jul 2004
CVE-2005-0226 EXPLOITDB c WORKING POC
ngIRCd 0.8.2 - Remote Code Execution via Format String in Log_Resolver
Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute arbitrary code.
EIP-2026-103087 EXPLOITDB c WORKING POC
Citadel/UX 5.9/6.x - 'Username' Remote Buffer Overflow (1)
CVE-2004-1192 EXPLOITDB c WORKING POC
Citadel/UX <= 6.27 - Remote Code Execution via lprintf Format String
Format string vulnerability in the lprintf function in Citadel/UX 6.27 and earlier allows remote attackers to execute arbitrary code via format string specifiers sent to the server.
CVE-2005-1523 EXPLOITDB c WORKING POC
GNU Mailutils < 0.6.90 - Remote Code Execution via IMAP Command Tag Format String
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands.
CVE-2005-2409 EXPLOITDB c WORKING POC
nbsmtp < 0.99 - Remote Code Execution via Format String in Debug Mode
Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog call.
EIP-2026-102848 EXPLOITDB c WORKING POC
glFTPd (Slackware 9.0/9.1/10.0) - Local Stack Overflow
CVE-2004-1484 EXPLOITDB c WORKING POC
socat 1.4.0.3 - Remote Code Execution via Format String in Syslog Message
Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message.
EIP-2026-103019 EXPLOITDB c WORKING POC
TipxD 1.1.1 - Not SETUID Local Format String
CVE-2004-1705 EXPLOITDB c WORKING POC
Citadel/UX <= 6.23 - Denial of Service via Long Username
Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service via a long username.