Craig Freyman

29 exploits Active since Dec 2006
CVE-2012-10060 EXPLOITDB CRITICAL ruby WORKING POC
Sysax Multi Server <5.55 - Buffer Overflow
Sysax Multi Server versions prior to 5.55 contains a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code execution under the context of the service.
CVSS 9.8
CVE-2012-10060 EXPLOITDB CRITICAL python WORKING POC
Sysax Multi Server <5.55 - Buffer Overflow
Sysax Multi Server versions prior to 5.55 contains a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code execution under the context of the service.
CVSS 9.8
CVE-2013-10064 EXPLOITDB CRITICAL ruby WORKING POC
ActFax Server <5.01 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's RAW protocol interface fails to safely process user-supplied data in @F506 fax header fields due to insecure usage of strcpy. Remote attackers can exploit this vulnerability by sending specially crafted @F506 fields, potentially leading to arbitrary code execution. Successful exploitation requires network access to TCP port 4559 and does not require authentication.
CVE-2012-10043 EXPLOITDB CRITICAL python WORKING POC
ActFax Server <4.32 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. The application fails to properly validate the length of tab-delimited fields in .exp files, leading to unsafe usage of strcpy() during CSV parsing. An attacker can exploit this vulnerability by crafting a malicious .exp file and importing it using the default character set "ECMA-94 / Latin 1 (ISO 8859)". Successful exploitation may result in arbitrary code execution, leading to full system compromise. User interaction is required to trigger the vulnerability.
CVE-2012-6530 METASPLOIT ruby WORKING POC
Sysax Multi Server < 5.50 - Memory Corruption
Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request.
CVE-2013-10064 METASPLOIT CRITICAL ruby WORKING POC
ActFax Server <5.01 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's RAW protocol interface fails to safely process user-supplied data in @F506 fax header fields due to insecure usage of strcpy. Remote attackers can exploit this vulnerability by sending specially crafted @F506 fields, potentially leading to arbitrary code execution. Successful exploitation requires network access to TCP port 4559 and does not require authentication.
CVE-2006-6576 METASPLOIT ruby WORKING POC
Golden FTP Server <1.92 - Buffer Overflow
Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long PASS command. NOTE: it was later reported that 4.70 is also affected. NOTE: the USER vector is already covered by CVE-2005-0634.
CVE-2012-10060 METASPLOIT CRITICAL ruby WORKING POC
Sysax Multi Server <5.55 - Buffer Overflow
Sysax Multi Server versions prior to 5.55 contains a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code execution under the context of the service.
CVSS 9.8
CVE-2012-10043 METASPLOIT CRITICAL ruby WORKING POC
ActFax Server <4.32 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. The application fails to properly validate the length of tab-delimited fields in .exp files, leading to unsafe usage of strcpy() during CSV parsing. An attacker can exploit this vulnerability by crafting a malicious .exp file and importing it using the default character set "ECMA-94 / Latin 1 (ISO 8859)". Successful exploitation may result in arbitrary code execution, leading to full system compromise. User interaction is required to trigger the vulnerability.
EIP-2026-119157 EXPLOITDB python WORKING POC
Solar FTP Server 2.1.1 - PASV Buffer Overflow
EIP-2026-119197 EXPLOITDB python WORKING POC
Sysax 5.57 - Directory Traversal
CVE-2012-6530 EXPLOITDB python WORKING POC
Sysax Multi Server < 5.50 - Memory Corruption
Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request.
CVE-2012-6530 EXPLOITDB ruby WORKING POC
Sysax Multi Server < 5.50 - Memory Corruption
Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request.
EIP-2026-119198 EXPLOITDB python WORKING POC
Sysax Multi Server 5.52 - File Rename Buffer Overflow Remote Code Execution (Egghunter)
EIP-2026-119199 EXPLOITDB python WORKING POC
Sysax Multi Server 5.53 - SFTP (Authenticated) (SEH)
EIP-2026-117986 EXPLOITDB python WORKING POC
Sysax 5.62 - Admin Interface Local Buffer Overflow
EIP-2026-118320 EXPLOITDB python WORKING POC
BigAnt Server 2.97 - DDNF 'Username' Remote Buffer Overflow
EIP-2026-118229 EXPLOITDB ruby WORKING POC
ActFax 5.01 - RAW Server Buffer Overflow (Metasploit)
EIP-2026-117988 EXPLOITDB text WRITEUP
Sysax FTP Automation Server 5.33 - Local Privilege Escalation
EIP-2026-117985 EXPLOITDB text WORKING POC
Sysax 5.60 - Create SSL Certificate Buffer Overflow
CVE-2006-6199 EXPLOITDB ruby WORKING POC
Blazevideo Blaze Dvd - Memory Corruption
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
EIP-2026-116718 EXPLOITDB ruby WORKING POC
ActiveFax (ActFax) 4.3 - Client Importer Buffer Overflow (Metasploit)
EIP-2026-115989 EXPLOITDB python WORKING POC
Omnicom Alpha 4.0e LPD Server - Denial of Service
EIP-2026-115558 EXPLOITDB python WORKING POC
LiteServe 2.81 - 'PASV' Denial of Service
EIP-2026-115334 EXPLOITDB python WORKING POC
Golden FTP Server 4.70 - Malformed Message Denial of Service