Florian Heinz

3 exploits Active since Jun 2000
CVE-2003-0143 EXPLOITDB c WORKING POC
qpopper 4.0.x < 4.0.5fc2 - Authenticated Buffer Overflow via Long Macro Name in mdef Command
The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.
CVE-2000-0506 EXPLOITDB c WORKING POC
Linux Kernel - Privilege Escalation via Setuid/Setcap Capabilities Bypass
The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability."
CVE-2004-1074 EXPLOITDB text WORKING POC
Linux kernel - Denial of Service via Malformed a.out Binary
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.