Expanders

18 exploits Active since May 2005
CVE-2005-3683 EXPLOITDB c WORKING POC
freeFTPd < 1.0.9 - Stack-Based Buffer Overflow via Long USER Command
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command.
CVE-2006-6665 METASPLOIT ruby WORKING POC
Astonsoft DeepBurner Pro & Free <1.8.0 - RCE
Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name tag in a dbr file.
CVE-2006-6251 EXPLOITDB ruby WORKING POC
VUPlayer < 2.44 - Remote Code Execution via Long M3U File String
Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrary code via a long string in an M3U file, aka an "M3U UNC Name" attack.
CVE-2006-5551 EXPLOITDB c WORKING POC
qk_smtp < 3.0.1 - Remote Code Execution via RCPT TO Command
Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow remote attackers to execute arbitrary code via a long argument to the RCPT TO command.
EIP-2026-118969 EXPLOITDB c WORKING POC
Novell eDirectory 9.0 - 'DHost' Remote Buffer Overflow
CVE-2005-3684 EXPLOITDB c WORKING POC
freeFTPd 1.0.8 - Authenticated Buffer Overflow via MKD or DELE Command
Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands.
CVE-2006-6063 EXPLOITDB c WORKING POC
XMPlay < 3.3.0.5 - Stack-Based Buffer Overflow via M3U File
Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via a M3U file containing a long (1) FileName, and cause a crash via a long (2) DisplayName.
CVE-2006-6251 EXPLOITDB c WORKING POC
VUPlayer < 2.44 - Remote Code Execution via Long M3U File String
Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrary code via a long string in an M3U file, aka an "M3U UNC Name" attack.
CVE-2006-6665 EXPLOITDB c WORKING POC
Astonsoft DeepBurner Pro & Free <1.8.0 - RCE
Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name tag in a dbr file.
CVE-2006-6665 EXPLOITDB ruby WORKING POC
Astonsoft DeepBurner Pro & Free <1.8.0 - RCE
Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name tag in a dbr file.
CVE-2005-0575 EXPLOITDB c WORKING POC
Stormy Studios Knet <= 1.04c - Buffer Overflow via Long HTTP GET Request
Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request.
CVE-2006-5478 EXPLOITDB c WORKING POC
Novell eDirectory 8.x-8.8.x - Remote Code Execution via Long HTTP Host Header or Dot in Username
Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services.
EIP-2026-103662 EXPLOITDB c WORKING POC
Stormy Studios KNet 1.x - Remote Buffer Overflow
EIP-2026-103163 EXPLOITDB c WORKING POC
MailEnable Enterprise 1.x - IMAPd Remote Overflow
CVE-2006-3124 EXPLOITDB c WORKING POC
Streamripper - Buffer Overflow in HTTP Header Parsing
Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers.
CVE-2005-0199 EXPLOITDB CRITICAL c WORKING POC
ngIRCd < 0.8.2 - Remote Denial of Service and Possible Code Execution via MODE Line Integer Underflow
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow.
CVSS 9.8
EIP-2026-102704 EXPLOITDB c WORKING POC
ngIRCd 0.8.1 - Remote Denial of Service (2)
CVE-2005-3475 EXPLOITDB c WORKING POC
Hasbani Web Server 2.0 - Denial of Service via Crafted HTTP GET Request
Hasbani Web Server (WindWeb) 2.0 allows remote attackers to cause a denial of service (infinite loop) via HTTP crafted GET requests.