Gabriel Maggiotti

6 exploits Active since Mar 2000
CVE-2000-0884 EXPLOITDB c WORKING POC
Internet Information Server 4.0-5.0 - Path Traversal and Remote Code Execution via Unicode-Encoded URL
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
CVE-2001-0876 EXPLOITDB c WORKING POC
Windows 98, 98SE, ME, and XP - Remote Code Execution via UPnP NOTIFY Location URL
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.
CVE-2000-0979 EXPLOITDB text WRITEUP
Windows 95 98 ME - Unauthenticated Share Access Bypass via Single-Character Password Match
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.
CVE-2000-0236 EXPLOITDB c WORKING POC
Netscape Enterprise Server - Info Disclosure
Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump.
CVE-2001-0746 EXPLOITDB php WORKING POC
iPlanet Web Server Enterprise Edition <= 4.1 - Buffer Overflow via Long URI in Web Publisher
Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods.
CVE-2001-0406 EXPLOITDB c WORKING POC
Samba < 2.0.7 - Arbitrary File Write via Symlink Attack
Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.