Juliano Rizzo

7 exploits Active since Oct 2000
CVE-2000-0740 EXPLOITDB perl WORKING POC
NAI Net Tools PKI Server 1.0 - Buffer Overflow via Long HTTPS URL
Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port.
CVE-2000-0741 EXPLOITDB text WORKING POC
NAI Net Tools PKI server <1.0 - RCE
Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension.
CVE-2000-0739 EXPLOITDB text WRITEUP
NAI Net Tools PKI Server 1.0 - Directory Traversal via HTTPS Request
Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTPS request to the enrollment server.
CVE-2004-0574 EXPLOITDB perl WORKING POC
Microsoft Windows NT Server <4.0-2003 - RCE
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
CVE-2002-1013 EXPLOITDB text WORKING POC
Inktomi Traffic Server 4.0.18-5.2.2, Traffic Edge 1.1.2-1.5.0, Media-IXT 3.0.4 - Local Buffer Overflow
Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 through 5.2.2, Traffic Edge 1.1.2 and 1.5.0, and Media-IXT 3.0.4 allows local users to gain root privileges via a long -path argument.
CVE-2003-0240 EXPLOITDB text WORKING POC
Axis Network Camera < 2.32 - Unauthenticated Configuration Modification via Double Slash Bypass
The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
CVE-2000-1014 EXPLOITDB text WRITEUP
SCO Unixware 7 - Remote Code Execution via search97.cgi queryText Format String
Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.