Luigi Auriemma

568 exploits Active since Feb 2002
EIP-2026-103883 EXPLOITDB text SUSPICIOUS
Clever's Games Terminator 3: War of the Machines 1.16 Server - Remote Buffer Overflow
EIP-2026-103880 EXPLOITDB text SUSPICIOUS
Cafu 9.06 - Multiple Remote Vulnerabilities
CVE-2005-0671 EXPLOITDB text WRITEUP
Carsten's 3D Engine <March 2004 - RCE
Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command.
EIP-2026-103878 EXPLOITDB text SUSPICIOUS
C'Nedra 0.4 Network Plugin - 'Read_TCP_String' Remote Buffer Overflow
EIP-2026-103875 EXPLOITDB text WRITEUP
Bontago Game Server 1.1 - Remote Nickname Buffer Overrun
CVE-2005-2791 EXPLOITDB text WRITEUP
BFCommand & Control Server Manager <1.22_A - DoS
BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, allows remote attackers to cause a denial of service (refused new connections) via a series of connections and disconnections without sending the login command.
CVE-2008-0100 EXPLOITDB text WRITEUP
white_dune < 0.29beta791 - Remote Code Execution via Long String in .WRL File
Stack-based buffer overflow in the Scene::errorf function in Scene.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via a long string in a .WRL file.
CVE-2007-4358 EXPLOITDB c WORKING POC
Zoidcom 0.6.7 - Denial of Service via Malformed JOIN Packet
Zoidcom 0.6.7 and earlier allows remote attackers to cause a denial of service (application crash) via a JOIN packet (aka connection packet) containing 0x69 in the ninth byte, which triggers a "double-delete" of trace data, a different vulnerability than CVE-2005-1643.
CVE-2008-5280 EXPLOITDB text WRITEUP
Zilab Chat and Instant Messaging (ZIM) Server <2.2 - DoS
The Local ZIM Server in Zilab Chat and Instant Messaging (ZIM) Server 2.0 and 2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted requests without required parameters.
CVE-2006-1593 EXPLOITDB text WRITEUP
Zdaemon < 1.08.01 and X-Doom - Denial of Service via Invalid Player Slot or Item Number
The (1) ZD_MissingPlayer, (2) ZD_UseItem, and (3) ZD_LoadNewClientLevel functions in sv_main.cpp for (a) Zdaemon 1.08.01 and (b) X-Doom allows remote attackers to cause a denial of service (crash) via an invalid player slot or item number, which causes an invalid memory access, possibly due to an invalid array index.
CVE-2008-3314 EXPLOITDB text WRITEUP
zdaemon < 1.08.07 - Denial of Service via Crafted Type 6 Command
ZDaemon 1.08.07 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted type 6 command, which triggers a NULL pointer dereference.
CVE-2008-6713 EXPLOITDB text WRITEUP
Massive Entertainment Wic < 1.008 - Resource Management Error
World in Conflict (WIC) 1.008 and earlier allows remote attackers to cause a denial of service (access violation and crash) via a zero-byte data block to TCP port 48000, which triggers a NULL pointer dereference.
EIP-2026-103752 EXPLOITDB text SUSPICIOUS
World in Conflict 1.0.1 - Typecheck Remote Denial of Service
CVE-2010-4557 EXPLOITDB text WORKING POC
Invensys Wonderware InBatch 8.1 and 9.0 - Buffer Overflow via Crafted Request to Port 9001
Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch 8.1 and 9.0, as used in Invensys Foxboro I/A Series Batch 8.1 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request to port 9001.
CVE-2007-6537 EXPLOITDB c WORKING POC
WinUAE <= 1.4.4 - Stack-based Buffer Overflow via Long Filename in Gzipped Archive
Stack-based buffer overflow in the zfile_gunzip function in zfile.c in WinUAE 1.4.4 and earlier allows user-assisted remote attackers to execute arbitrary code via a long filename in a gzipped archive, such as a (1) gz, (2) adz, (3) roz, or (4) hdz archive in a compressed floppy disk image.
CVE-2005-1703 EXPLOITDB text WRITEUP
Warrior Kings: Battles 1.23 - Denial of Service via Partial Join Packet
Warrior Kings: Battles 1.23 and earlier allows remote attackers to cause a denial of service (server crash) via a partial join packet that triggers a NULL pointer dereference.
EIP-2026-103700 EXPLOITDB text SUSPICIOUS
Vypress Tonecast 1.3 - Remote Denial of Service
CVE-2008-3680 EXPLOITDB text STUB
Flagship Industries Ventrilo <3.0.2 - DoS
The decryption function in Flagship Industries Ventrilo 3.0.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) by sending a type 0 packet with an invalid version followed by another packet to TCP port 3784.
CVE-2005-2719 EXPLOITDB c WORKING POC
Ventrilo 2.1.2-2.3.0 - Denial of Service via Malformed Status Packet
Ventrilo 2.1.2 through 2.3.0 allows remote attackers to cause a denial of service (application crash) via a status packet that contains less data than specified in the packet header sent to UDP port 3784.
CVE-2007-4533 EXPLOITDB text WRITEUP
Vavoom < 1.24 - Remote Code Execution via Say Command Format String
Format string vulnerability in the Say command in sv_main.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a chat message, related to a call to the BroadcastPrintf function.
CVE-2007-4535 EXPLOITDB text WRITEUP
Vavoom < 1.24 - Denial of Service via UDP Packet with Negative NewLen
The VStr::Resize function in str.cpp in Vavoom 1.24 and earlier allows remote attackers to cause a denial of service (daemon crash) via a string with a negative NewLen value within a certain UDP packet that triggers an assertion error.
CVE-2007-4534 EXPLOITDB text WRITEUP
Vavoom < 1.24 - Remote Code Execution via Long Chat Message
Buffer overflow in the VThinker::BroadcastPrintf function in p_thinker.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via (1) a long string in a chat message and possibly (2) a long name field.
CVE-2008-3409 EXPLOITDB text WRITEUP
Unreal Tournament 3 <1.3beta4 - Buffer Overflow
Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a UDP packet containing a large value in a certain size field, followed by a data string of that size, aka attack 1 in ut3mendo.c.
CVE-2008-3396 EXPLOITDB text WRITEUP
Unreal Tournament 2004 <= 3369 - Denial of Service via Malformed Packet Sequence
Unreal Tournament 2004 (UT2004) 3369 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a certain sequence of malformed packets.
CVE-2008-7015 EXPLOITDB text WRITEUP
Unreal Engine 3 - Denial of Service via Large Packet Length
Unreal engine 3, as used in Unreal Tournament 3 1.3, Frontlines: Fuel of War 1.1.1, and other products, allows remote attackers to cause a denial of service (server exit) via a packet with a large length value that triggers a memory allocation failure.