Luigi Auriemma

568 exploits Active since Feb 2002
EIP-2026-116233 EXPLOITDB text SUSPICIOUS
Serv-U FTP Server 11.1.0.3 - Denial of Service / Security Bypass
CVE-2005-0621 EXPLOITDB c WORKING POC
Scrapland 1.0 and earlier - Denial of Service via Error Handling
Scrapland 1.0 and earlier allows remote attackers to cause a denial of service (server termination) by triggering an error, which is treated as a fatal error by the server, as demonstrated using (1) signed integers for size values, (2) an invalid model, (3) a "newpos" value that is less than or equal to a size value, or (4) partial packets.
CVE-2005-0568 EXPLOITDB c WORKING POC
Soldier of Fortune II 1.03 gold - Denial of Service via Large cl_guid Value
Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference.
CVE-2005-3488 EXPLOITDB c WORKING POC
Scorched 3D 39.1 (bf) and earlier - Denial of Service via Negative numplayers Value
Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a denial of service (long loop and server hang) via a negative numplayers value that bypasses a signed check in ServerConnectHandler.cpp.
CVE-2011-0517 EXPLOITDB text WORKING POC
Sielco Sistemi Winlog Pro < 2.07.00 - Remote Code Execution via Crafted 0x02 Opcode
Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823.
CVE-2011-3489 EXPLOITDB text WORKING POC
Rockwell RSLogix < 19 - Denial of Service via Crafted RNA Packet
RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted rna packet with a long string to TCP port 4446 that triggers (1) "a memset zero overflow" or (2) an out-of-bounds read, related to improper handling of a 32-bit size field.
EIP-2026-116211 EXPLOITDB text WORKING POC
Samsung AllShare 2.1.1.0 - Null Pointer Dereference
EIP-2026-116193 EXPLOITDB text WRITEUP
Rocket Software UniData 7.2.7.3806 - Denial of Service
CVE-2004-0345 EXPLOITDB c WORKING POC
Red Faction <= 1.20 - Remote Code Execution via Long Server Name
Buffer overflow in Red Faction client 1.20 and earlier allows remote servers to execute arbitrary code via a long server name.
CVE-2012-4335 EXPLOITDB text WRITEUP
Samsung NET-i viewer 1.37.120316 - Denial of Service via Negative Size Value in TCP Request
Samsung NET-i viewer 1.37.120316 allows remote attackers to cause a denial of service (infinite loop) via a negative size value in a TCP request to (1) NiwMasterService or (2) NiwStorageService. NOTE: some of these details are obtained from third party information.
CVE-2006-1103 EXPLOITDB c WORKING POC
Sauerbraten 2006_02_28 - Denial of Service via Incomplete Client Join Timeout
engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (segmentation fault) via a client that does not completely join the game and times out, which results in a null pointer dereference.
CVE-2004-1542 EXPLOITDB c WORKING POC
Soldier of Fortune II <= 1.03 Gold - Denial of Service via Long Query or Reply
Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (server or client crash) via a long (1) query or (2) reply.
CVE-2005-3135 EXPLOITDB c WORKING POC
Virtools Web Player <3.0.0.100 - RCE
Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename.
EIP-2026-116087 EXPLOITDB text WORKING POC
PowerDVD 11.0.0.2114 - Remote Denial of Service
EIP-2026-116090 EXPLOITDB text WRITEUP
PowerNet Twin Client 8.9 - 'RFSync 1.0.0.1' Crash (PoC)
CVE-2004-1698 EXPLOITDB c WORKING POC
PopMessenger 1.60 - Denial of Service via Invalid Base64 Characters
The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and earlier allows remote attackers to cause a denial of service (application crash) via invalid characters in a message, which causes several alert dialogs to be displayed and leads to a crash.
EIP-2026-116122 EXPLOITDB text WRITEUP
Qt 4.6.3 - Remote Denial of Service
CVE-2005-0430 EXPLOITDB c WORKING POC
Quake 3 Engine - Denial of Service via Long Infostring
The Quake 3 engine, as used in multiple game packages, allows remote attackers to cause a denial of service (shutdown game server) and possibly crash the server via a long infostring, possibly triggering a buffer overflow.
EIP-2026-115966 EXPLOITDB text WRITEUP
Novell Groupwise Messenger Client 2.1.0 - Unicode Stack Overflow
CVE-2008-0234 EXPLOITDB text WORKING POC
Apple Quicktime < 7.4.1 - Remote Code Execution via RTSP Reason-Phrase Buffer Overflow
Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message.
CVE-2004-1688 EXPLOITDB c WORKING POC
Pigeon Server <= 3.02.0143 - Denial of Service via Long Login Name
Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a long login name sent to port 3103.
CVE-2012-3797 EXPLOITDB text WRITEUP
Pro-face Pro-Server EX < 1.30.000 and WinGP PC Runtime < 3.1.00 - Heap Memory Corruption via Crafted Packet
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a short crafted packet with a certain opcode.
EIP-2026-116136 EXPLOITDB text SUSPICIOUS
Quicksilver Master of Orion III 1.2.5 - Multiple Remote Denial of Service Vulnerabilities
EIP-2026-115965 EXPLOITDB text WRITEUP
Novell Groupwise Messenger 2.1.0 - Memory Corruption
CVE-2011-4045 EXPLOITDB text WRITEUP
ARC Informatique PcVue <10.0 - Buffer Overflow
Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document.