Kevin Finisterre

64 exploits Active since Dec 2000
EIP-2026-103401 EXPLOITDB text WORKING POC
AmbiCom Blue Neighbors 2.50 build 2500 - BlueTooth Stack Object Push Buffer Overflow
CVE-2005-3995 EXPLOITDB perl WORKING POC
sobexsrv < 1.0.0_pre3 - Remote Code Execution via Format String in OBEX File Name
Format string vulnerability in the dosyslog function in the OBEX server (obexsrv.c) for Sobexsrv before 1.0.0-pre4, when the syslog (-S) function is enabled, allows remote attackers to execute arbitrary code via format string specifiers in file name arguments to OBEX commands.
EIP-2026-103250 EXPLOITDB perl WORKING POC
Xine 0.99.4 - '.m3u' Remote Format String
CVE-2005-2041 EXPLOITDB perl WORKING POC
HAURI ViRobot Linux Server 2.0 - Buffer Overflow via ViRobot_ID Cookie
Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobot_ID cookie (HTTP_COOKIE).
CVE-2005-3523 EXPLOITDB perl WORKING POC
gpsdrive < 2.09 - Remote Code Execution via Format String in Friendsd2 Direction Field
Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field.
CVE-2005-0385 EXPLOITDB perl WORKING POC
luxman < 0.41 - Buffer Overflow via Long Command Line Argument
Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument.
CVE-2005-3566 EXPLOITDB perl WORKING POC
VERITAS Cluster Server for UNIX < 4.0MP2 - Local Buffer Overflow via VCSI18N_LANG Environment Variable
Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.
CVE-2005-0155 EXPLOITDB c WORKING POC
Perl 5.8.0 - Arbitrary File Creation via PERLIO_DEBUG Variable
The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable.
CVE-2005-0156 EXPLOITDB c WORKING POC
Perl 5.8.0 - Local Buffer Overflow via PERLIO_DEBUG Environment Variable
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
CVE-2000-0998 EXPLOITDB perl WORKING POC
top <unknown> - Privilege Escalation
Format string vulnerability in top program allows local attackers to gain root privileges via the "kill" or "renice" function.
CVE-2005-1396 EXPLOITDB perl WORKING POC
Ce/Ceterm <2.5.4 - Local Privilege Escalation
Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows local users to write to arbitrary files via a symlink attack on the ce_edit_log temporary file.
CVE-2005-1396 EXPLOITDB c WORKING POC
Ce/Ceterm <2.5.4 - Local Privilege Escalation
Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows local users to write to arbitrary files via a symlink attack on the ce_edit_log temporary file.
CVE-2005-2250 EXPLOITDB c WORKING POC
Nokia Affix 2.1.2 and 3.2.0 - Buffer Overflow via Long Filename in OBEX File Share
Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share.
CVE-2005-2277 EXPLOITDB text WORKING POC
Nokia Affix <3.2.0 - Command Injection
Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command.