Luigi Auriemma

568 exploits, active since Feb 2002
EIP-2026-103689 EXPLOITDB text WORKING POC
Unreal Engine 2.5 - 'UpdateConnectingMessage()' Remote Stack Buffer Overflow (PoC)
CVE-2008-7011 EXPLOITDB text WRITEUP
Digital Extreme Pariah - Resource Management Error
The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, and Shadow Ops, allows remote authenticated users to cause a denial of service (server exit) via multiple file downloads from the server, which triggers an assertion failure when the Closing flag in UnChan.cpp is set.
EIP-2026-103688 EXPLOITDB text WRITEUP
Unreal Engine - 'ReceivedRawBunch()' Denial of Service
EIP-2026-103686 EXPLOITDB text WRITEUP
Ubisoft Ghost Recon Advanced Warfighter - Integer Overflow / Array Indexing Overflow
EIP-2026-103681 EXPLOITDB text WRITEUP
TrackMania 2.11.11 - Multiple Remote Vulnerabilities
CVE-2004-2360 EXPLOITDB text WRITEUP
Targem Battle Mages 1.0 - Denial of Service via Incomplete UDP Packet
Targem Battle Mages 1.0 allows remote attackers to cause a denial of service (infinite loop) via a UDP packet with incomplete data, which causes the server to enter an infinite loop while waiting to read the rest of the data that is not sent.
CVE-2008-0912 EXPLOITDB text WRITEUP
Sybase MobiLink < 10.0.1.3629 - Remote Code Execution via Long Username, Version, or Remote ID
Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long (1) username, (2) version, or (3) remote ID. NOTE: some of these details are obtained from third party information.
CVE-2008-3286 EXPLOITDB c WORKING POC
SWAT 4 < 1.1 - Denial of Service via VERIFYCONTENT or GAMECONFIG Command
SWAT 4 1.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) VERIFYCONTENT or (2) GAMECONFIG command sent to the server before user session initialization, which triggers a NULL pointer dereference; or (3) a GAMESPYRESPONSE command followed by a long RS string.
CVE-2008-6670 EXPLOITDB text WRITEUP
Vertex4 SunAge < 1.08.1 - Denial of Service via Crafted UDP Packet
Integer overflow in Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet to UDP port 27960.
EIP-2026-103660 EXPLOITDB text SUSPICIOUS
Star Wars Battlefront II 1.1 - Remote Denial of Service
CVE-2007-4531 EXPLOITDB text WRITEUP
Soldat game server <1.4.2 & dedicated server <2.6.2 - DoS
Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and earlier, allows remote attackers to cause a client denial of service (crash) via (1) a long string to the file transfer port or (2) a long chat message, or (3) a server denial of service (continuous beep and slowdown) via a string containing many 0x07 or other control characters to the file transfer port.
EIP-2026-103654 EXPLOITDB text WRITEUP
Sniper Elite 1.0 - Null Pointer Dereference Denial of Service
CVE-2008-2748 EXPLOITDB text WRITEUP
Skulltag <= 0.97d2-RC2 - Denial of Service via Malformed Connect Packets
Skulltag 0.97d2-RC2 and earlier allows remote attackers to cause a denial of service (daemon hang) via a series of long, malformed connect packets, related to these packets being "parsed multiple times."
CVE-2003-1143 EXPLOITDB c WORKING POC
Croteam Serioussam - Denial of Service
Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter 1.05, and Serious Sam: the Second Encounter 1.05 allow remote attackers to cause a denial of service (crash or freeze) via a TCP packet with an invalid first parameter.
EIP-2026-103648 EXPLOITDB text WRITEUP
S.T.A.L.K.E.R. Clear Sky 1.0010 - Remote Denial of Service
CVE-2008-6702 EXPLOITDB c WORKING POC
Stalker-game S.t.a.l.k.e.r. < 1.0006 - Improper Input Validation
S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (crash) via a long nickname, which triggers an exception.
CVE-2008-6703 EXPLOITDB text WRITEUP
Stalker-game S.t.a.l.k.e.r. < 1.0006 - Memory Corruption
Stack-based buffer overflow in the IPureServer::_Recieve function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to execute arbitrary code via a compressed 0x39 packet, which is decompressed by the NET_Compressor::Decompress function.
EIP-2026-103646 EXPLOITDB text SUSPICIOUS
RPM Remote Print Manager 4.5.1 - Service Remote Buffer Overflow
CVE-2004-2451 EXPLOITDB text WRITEUP
Roger Wilco 1.4.1.6 and earlier - Unauthenticated Audio Channel Injection
Roger Wilco 1.4.1.6 and earlier, or Roger Wilco Base Station 0.30a or earlier, allows remote attackers to send audio to arbitrary channels, aka the "Voices from the deep" bug.
CVE-2004-2449 EXPLOITDB text WRITEUP
Roger Wilco Dedicated and Graphical Server - Denial of Service via Malformed UDP Datagram
Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier allows remote attackers to cause a denial of service (application crash) via a long, malformed UDP datagram.
CVE-2012-0221 EXPLOITDB text WRITEUP
Rockwell Automation FactoryTalk CPR9-SR5 and RSLogix 5000 17-20 - Denial of Service via RNADiagReceiver Service
The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote attackers to cause a denial of service (service outage) via a crafted packet.
CVE-2008-1278 EXPLOITDB text WORKING POC
Remotely Anywhere Server/Workstation <8.0.668 - DoS
The RemotelyAnywhere.exe service in the Remotely Anywhere Server and Workstation 8.0.668 and earlier allows remote attackers to cause a denial of service (crash) via an invalid Accept-Charset header, which triggers a NULL pointer dereference. NOTE: the service is automatically restarted.
CVE-2004-2371 EXPLOITDB text WRITEUP
Red Storm web-based games - DoS
Multiple Red Storm web-based games, including Ghost Recon 1.4 and earlier, Desert Siege, and The Sum of all Fears 1.1.1.0 and earlier, do not properly check return values from certain functions, which allows remote attackers to cause a denial of service (hang) via packets that contain text strings with incorrect size values.
CVE-2005-1899 EXPLOITDB text WRITEUP
Rakkarsoft RakNet < 2.33 - Denial of Service via Zero-Byte UDP Packet
Rakkarsoft RakNet network library 2.33 and earlier, when released before 30 May 2005, and as used in multiple products including nFusion Elite Warriors: Vietnam, allows remote attackers to cause a denial of service (infinite loop) via a zero-byte UDP packet.
CVE-2006-2875 EXPLOITDB c WORKING POC
Quake 3 Engine <1.32c - Buffer Overflow
Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion.