Luigi Auriemma

568 exploits, active since Feb 2002
CVE-2004-1561 NOMISEC WORKING POC
Icecast <= 2.0.1 - Remote Code Execution via HTTP Header Overflow
Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers.
6 stars
CVE-2011-3175 EXPLOITDB ruby WORKING POC
Novell ZENworks Configuration Management 11.1 and 11.1a - Remote Code Execution via Preboot Service Opcode 0x6c
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request.
CVE-2007-6314 EXPLOITDB WORKING POC
BarracudaDrive Web Server <3.8 - Info Disclosure
BarracudaDrive Web Server before 3.8 allows remote attackers to read the source code for web scripts by appending a (1) + (plus), (2) . (dot), or (3) %80 and similar characters to the file name in the URL.
CVE-2007-6315 EXPLOITDB WORKING POC
BarracudaDrive Web Server <3.8 - DoS
Group Chat in BarracudaDrive Web Server before 3.8 allows remote authenticated users to cause a denial of service (crash) via an HTTP request to /eh/chat.ehintf/C. that does not contain a Connection ID, which results in a NULL pointer dereference.
CVE-2007-6316 EXPLOITDB WORKING POC
BarracudaDrive Web Server < 3.8 - Cross-Site Scripting via URI Path in Log Trace Page
Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server before 3.8 allows remote attackers to inject arbitrary web script or HTML via the URI path in an HTTP GET request, which is activated by administrators viewing log files via the Trace page.
CVE-2007-6377 EXPLOITDB WORKING POC
BadBlue < 2.72b - Remote Code Execution via PassThru Query String Overflow
Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier allows remote attackers to execute arbitrary code via a long query string.
CVE-2007-6378 EXPLOITDB WORKING POC
BadBlue < 2.72b - Unauthenticated Path Traversal and Arbitrary File Write via Filename Parameter
Directory traversal vulnerability in upload.dll in BadBlue 2.72b and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the filename parameter.
CVE-2005-1164 EXPLOITDB c WORKING POC
Yager Game <= 5.24 - Denial of Service via Malformed Game Header Packet
Yager 5.24 and earlier allows remote attackers to cause a denial of service (application hang) via a packet with a game header that provides less data than indicated by the length.
CVE-2004-1194 EXPLOITDB c WORKING POC
Star Wars Battlefront 1.11 - Denial of Service via Long Nickname
Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a long nickname.
CVE-2011-4529 EXPLOITDB WRITEUP
Siemens Automation License Manager < 5.1 - Remote Code Execution via Long SerialID in License Key Command
Multiple buffer overflows in Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allow remote attackers to execute arbitrary code via a long serialid field in an _licensekey command, as demonstrated by the (1) check_licensekey or (2) read_licensekey command.
CVE-2011-4530 EXPLOITDB WRITEUP
Siemens Automation License Manager < 5.1 - Denial of Service via Long Field Input
Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote attackers to cause a denial of service (exception and daemon crash) via long fields, as demonstrated by fields to the (1) open_session->workstation->NAME or (2) grant->VERSION function.
CVE-2011-4531 EXPLOITDB WRITEUP
Siemens Automation License Manager < 5.1 - DoS via Crafted Commands
Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command.
CVE-2012-3815 EXPLOITDB WRITEUP
Winlog Lite < 2.07.18 - Remote Code Execution via Crafted TCP Packet
Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.
CVE-2012-4353 EXPLOITDB WRITEUP
Winlog Pro < 2.07.17 - Remote Code Execution via Crafted TCP Packet
Stack-based buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a crafted port-46824 TCP packet that triggers an incorrect file-open attempt by the _TCPIPS_BinOpenFileFP function, a different vulnerability than CVE-2012-3815. NOTE: some of these details are obtained from third party information.
CVE-2012-4354 EXPLOITDB WRITEUP
Winlog Pro and Winlog Lite < 2.07.17 - Remote Code Execution via Crafted TCP Packet
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information.
CVE-2012-4355 EXPLOITDB WRITEUP
Winlog Pro and Winlog Lite < 2.07.18 - Remote Code Execution via Crafted TCP Packet
TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted negative integer after the opcode, triggering incorrect function-pointer processing that can lead to a buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4354.
CVE-2012-4356 EXPLOITDB WORKING POC
Winlog Pro < 2.07.17 - Unauthenticated Path Traversal via TCP Port 46824 File Operations
Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. (dot dot) in a pathname, followed by a file-read operation with opcode (1) 0x96, (2) 0x97, or (3) 0x98.
CVE-2005-3486 EXPLOITDB c WORKING POC
Scorched 3D 39.1 (bf) and earlier - Remote Code Execution via Format String Vulnerabilities
Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, and possibly other unspecified vectors.
CVE-2005-3487 EXPLOITDB c WORKING POC
Scorched 3D 39.1 (bf) and earlier - Remote Code Execution via Multiple Buffer Overflows
Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, (4) a long command that is not properly handled in ComsMessageHandler.cpp when generating an error message, (5) a long UniqueID value in Logger.cpp, and possibly other unspecified vectors.
CVE-2006-1100 EXPLOITDB c WORKING POC
Sauerbraten Cube - Buffer Overflow via Long Input Streams
Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data.
CVE-2006-1101 EXPLOITDB c WORKING POC
Sauerbraten Cube - Denial of Service via Long Input Stream in sgetstr and getint Functions
The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint.
CVE-2006-1102 EXPLOITDB c WORKING POC
Sauerbraten 2006_02_28 - Denial of Service via Map File Path Traversal
Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (client exit) by forcing the server to change to a map (ogz) file whose name contains ".." sequences and has a certain length that prevents the addition of the ".ogz" extension.
CVE-2012-4329 EXPLOITDB WRITEUP
Samsung D6000 Firmware - Denial of Service via Crafted Controller Name
The Samsung D6000 TV and possibly other products allow remote attackers to cause a denial of service (continuous restart) via a crafted controller name.
CVE-2012-4330 EXPLOITDB WRITEUP
Samsung D6000 Firmware - Denial of Service via Long MAC Address Field
The Samsung D6000 TV and possibly other products allow remote attackers to cause a denial of service (crash) via a long string in certain fields, as demonstrated by the MAC address field, possibly a buffer overflow.