JohnH - Security Researcher - Exploit Intelligence Platform

CVE-2004-1211 EXPLOITDB c WORKING POC

Mercury/32 4.01a - Authenticated Buffer Overflow via IMAP Command Arguments

Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.

View Code

CVE-2004-1211 EXPLOITDB c WORKING POC

Mercury/32 4.01a - Authenticated Buffer Overflow via IMAP Command Arguments

Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.

View Code

CVE-2005-2715 EXPLOITDB perl WORKING POC

VERITAS NetBackup 4.5FP/4.5MP/5.0-6.0 - Remote Code Execution via Java UI Format String

Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.

View Code

CVE-2004-2513 EXPLOITDB c WORKING POC

Mercury (Pegasus) Mail 4.01 - Remote Code Execution via IMAP SELECT Command

Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command.

View Code

CVE-2004-2513 EXPLOITDB c WORKING POC

Mercury (Pegasus) Mail 4.01 - Remote Code Execution via IMAP SELECT Command

Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command.

View Code

CVE-2005-2715 EXPLOITDB perl WORKING POC

VERITAS NetBackup 4.5FP/4.5MP/5.0-6.0 - Remote Code Execution via Java UI Format String

Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.

View Code

CVE-2005-2715 EXPLOITDB perl WORKING POC

VERITAS NetBackup 4.5FP/4.5MP/5.0-6.0 - Remote Code Execution via Java UI Format String

Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.

View Code

CVE-2004-1388 EXPLOITDB c WORKING POC

BerliOS GPD daemon 1.9.0-2.7 - Remote Code Execution via Format String in GPS Request

Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls.

View Code