Luigi Auriemma

568 exploits Active since Feb 2002
CVE-2005-0382 EXPLOITDB c WORKING POC
Breed patch 1 - Denial of Service via Empty UDP Packet
Breed patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via an empty UDP packet, which triggers a null dereference.
EIP-2026-114991 EXPLOITDB c WORKING POC
Blitzkrieg 2 < 1.21 - 'Server/Client' Denial of Service
CVE-2011-3486 EXPLOITDB text WORKING POC
Beckhoff TwinCAT <2.11.0.2004 - DoS
Beckhoff TwinCAT 2.11.0.2004 and earlier allows remote attackers to cause a denial of service via a crafted request to UDP port 48899, which triggers an out-of-bounds read.
CVE-2004-1220 EXPLOITDB c WORKING POC
Battlefield 1942 and Vietnam - Denial of Service via Large numplayers Server Reply
Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and earlier, allows a remote master server to cause a denial of service (client crash) via a server reply that contains a large numplayers value, which triggers a null dereference.
CVE-2005-3493 EXPLOITDB c WORKING POC
Battle Carry <= .005 - Denial of Service via Large UDP Packet
Battle Carry .005 and earlier allows remote attackers to cause a denial of service (inaccessible port) via a large packet, which triggers a socket error and terminates the socket that is listening on the server's UDP port.
CVE-2011-4883 EXPLOITDB text WORKING POC
atvise webMI2ADS < 2.0.2 - Denial of Service via HTTP Request Validation Bypass
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly validate values in HTTP requests, which allows remote attackers to cause a denial of service (resource consumption) via a crafted request.
CVE-2005-0370 EXPLOITDB c WORKING POC
Armagetron < 0.2.6.0 and Armagetron Advanced < 0.2.7.0 - Denial of Service via Empty UDP Packet
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to cause a denial of service (network disconnection) via an empty UDP packet, which is not properly distinguished from the "no new packets" state of the associated socket.
CVE-2004-1207 EXPLOITDB c WORKING POC
Serioussam Seriousengine - Denial of Service
The Serious engine, as used in (1) Alpha Black Zero Intrepid Protocol 1.04 and earlier, (2) Nitro family, and (3) Serious Sam Second Encounter 1.07 allows remote attackers to cause a denial of service (server crash) via a large number of UDP join requests that exceeds the maximum player limit, as originally reported for Alpha Black Zero.
CVE-2006-1147 EXPLOITDB c WORKING POC
Alien Arena 2006 Gold Edition 5.00 - DoS
The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.
CVE-2004-1619 EXPLOITDB c WORKING POC
Privateer's Bounty: Age of Sail II - Buffer Overflow via Long Nickname
Buffer overflow in Privateer's Bounty: Age of Sail II allows remote attackers to execute arbitrary code via a long nickname.
CVE-2005-0479 EXPLOITDB text WORKING POC
trackercam < 5.12 - Directory Traversal via ComGetLogFile.php3 fn Parameter
Directory traversal vulnerability in ComGetLogFile.php3 for TrackerCam 5.12 and earlier allows remote attackers to read arbitrary files via ".." sequences and (1) "/" slash), (2) "\" (backslash), or (3) hex-encoded characters in the fn parameter.
CVE-2008-5674 EXPLOITDB text WRITEUP
Darkwet webcamXP < 3.72.440.0 - Denial of Service and Memory Read via Invalid camnum and id Parameters
Multiple array index errors in the HTTP server in Darkwet Network webcamXP 3.72.440.0 and earlier and beta 4.05.280 and earlier allow remote attackers to cause a denial of service (device crash) and read portions of memory via (1) an invalid camnum parameter to the pocketpc component and (2) an invalid id parameter to the show_gallery_pic component.
CVE-2008-5674 EXPLOITDB text WRITEUP
Darkwet webcamXP < 3.72.440.0 - Denial of Service and Memory Read via Invalid camnum and id Parameters
Multiple array index errors in the HTTP server in Darkwet Network webcamXP 3.72.440.0 and earlier and beta 4.05.280 and earlier allow remote attackers to cause a denial of service (device crash) and read portions of memory via (1) an invalid camnum parameter to the pocketpc component and (2) an invalid id parameter to the show_gallery_pic component.
CVE-2008-5159 EXPLOITDB text WRITEUP
Client Software WinCom LPD Total < 3.0.2.623 - Denial of Service via Large String Length Argument
Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to cause a denial of service (crash) via a large string length argument, which triggers memory corruption.
CVE-2005-1702 EXPLOITDB text WRITEUP
Warrior Kings < 1.3 and Warrior Kings: Battles < 1.23 - Remote Code Execution via Format String in Nickname
Format string vulnerability in Warrior Kings: Battles 1.23 and earlier and Warrior Kings 1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a nickname.
CVE-2007-4446 EXPLOITDB text WRITEUP
Toribash < 2.71 - Remote Code Execution via NICK Command Format String
Format string vulnerability in the server in Toribash 2.71 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the NICK command (client nickname) when entering a game.
CVE-2008-0671 EXPLOITDB text WRITEUP
TinTin++ 1.97.9 - Stack-based Buffer Overflow via Long Chat Message
Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to execute arbitrary code via a long chat message, related to conversion from LF to CRLF.
CVE-2005-0906 EXPLOITDB text WRITEUP
Tincat 2.x < 2.0.28 - Buffer Overflow in Player Logging Function
Buffer overflow in a player logging function in the Tincat network library 2.x before 2.0.28, as used in games such as Sacred and The Settlers: Heritage of Kings, allows remote attackers to execute arbitrary code.
EIP-2026-104105 EXPLOITDB text SUSPICIOUS
Techland XPand Rally 1.0/1.1 - Remote Format String
CVE-2007-4537 EXPLOITDB text WRITEUP
Skulltag <0.97d-beta4.1 - Buffer Overflow
Heap-based buffer overflow in the Huffman decompression algorithm implemented in Skulltag 0.97d-beta4.1 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet.
CVE-2008-0244 EXPLOITDB text WRITEUP
SAP MaxDB < 7.6.3_build_007 - Remote Command Execution via Shell Metacharacters in exec_sdbinfo
SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes cons.exe.
CVE-2003-0767 EXPLOITDB c WORKING POC
RogerWilco graphical server <1.4.1.6 - Buffer Overflow
Buffer overflow in RogerWilco graphical server 1.4.1.6 and earlier, dedicated server 0.32a and earlier for Windows, and 0.27 and earlier for Linux and BSD, allows remote attackers to cause a denial of service and execute arbitrary code via a client request with a large length value.
EIP-2026-104063 EXPLOITDB text SUSPICIOUS
RndLabs Babo Violent 2 - Multiple Vulnerabilities
EIP-2026-104062 EXPLOITDB text SUSPICIOUS
Rejetto HTTP File Server (HFS) 2.2/2.3 - Arbitrary File Upload
EIP-2026-104059 EXPLOITDB text WRITEUP
realnetworks realarcade 1.2.0.994 - Multiple Vulnerabilities