Luigi Auriemma

568 exploits Active since Feb 2002
CVE-2010-2621 EXPLOITDB text WRITEUP
Digia QT < 4.6.3 - Improper Input Validation
The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed request.
CVE-2006-2587 EXPLOITDB text WORKING POC
PunkBuster < 1.229 - Buffer Overflow via WebTool HTTP Server Webkey Parameter
Buffer overflow in the WebTool HTTP server component in (1) PunkBuster before 1.229, as used by multiple products including (2) America's Army 1.228 and earlier, (3) Battlefield 1942 1.158 and earlier, (4) Battlefield 2 1.184 and earlier, (5) Battlefield Vietnam 1.150 and earlier, (6) Call of Duty 1.173 and earlier, (7) Call of Duty 2 1.108 and earlier, (8) DOOM 3 1.159 and earlier, (9) Enemy Territory 1.167 and earlier, (10) Far Cry 1.150 and earlier, (11) F.E.A.R. 1.093 and earlier, (12) Joint Operations 1.187 and earlier, (13) Quake III Arena 1.150 and earlier, (14) Quake 4 1.181 and earlier, (15) Rainbow Six 3: Raven Shield 1.169 and earlier, (16) Rainbow Six 4: Lockdown 1.093 and earlier, (17) Return to Castle Wolfenstein 1.175 and earlier, and (18) Soldier of Fortune II 1.183 and earlier allows remote attackers to cause a denial of service (application crash) via a long webkey parameter.
CVE-2007-6510 EXPLOITDB c WORKING POC
ProWizard 4 PC < 1.62 - Remote Code Execution via Crafted File in Multiple Rippers
Multiple stack-based buffer overflows in ProWizard 4 PC (prowiz) 1.62 and earlier allow remote attackers to execute arbitrary code via a crafted file to the (1) AMOS-MusicBank, (2) FuzzacPacker, and (3) QuadraComposer rippers; and (4) have an unknown impact via a crafted file to the SkytPacker ripper.
EIP-2026-103637 EXPLOITDB text WORKING POC
presto! pagemanager 9.01 - Multiple Vulnerabilities
CVE-2008-0153 EXPLOITDB text WRITEUP
Pragma TelnetServer 7.0.4.589 - Denial of Service via Crafted TELOPT PRAGMA LOGON Telnet Option
telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers to cause a denial of service (process crash and resource exhaustion) via a crafted TELOPT PRAGMA LOGON telnet option, which triggers a NULL pointer dereference.
CVE-2008-0132 EXPLOITDB text WRITEUP
Pragma FortressSSH < 5.0 - Denial of Service via Long SSH Input
Pragma FortressSSH 5.0 Build 4 Revision 293 and earlier handles long input to sshd.exe by creating an error-message window and waiting for the administrator to click in this window before terminating the sshd.exe process, which allows remote attackers to cause a denial of service (connection slot exhaustion) via a flood of SSH connections with long data objects, as demonstrated by (1) a long list of keys and (2) a long username.
CVE-2008-0755 EXPLOITDB text WRITEUP
cyanPrintIP and Opium4 OPI Server < 4.10.1030 - Remote Code Execution via Format String in LPD Queue Name
Format string vulnerability in the ReportSysLogEvent function in the LPD server in cyan soft Opium OPI Server 4.10.1028 and earlier; cyanPrintIP Easy OPI, Professional, and Basic 4.10.1030 and earlier; Workstation 4.10.836 and earlier; and Standard 4.10.940 and earlier; might allow remote attackers to execute arbitrary code via format string specifiers in the queue name in a request.
CVE-2007-6103 EXPLOITDB text WRITEUP
I Hear U < 0.5.6 - Denial of Service via Malformed Packet Handling
I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite loop) via a packet that contains zero in the size field in its header, which is improperly handled by the Receiver::processPacket function; and (2) a denial of service (daemon crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does not specify the mode, which is improperly handled by the Player::ring function in Player.cpp.
CVE-2006-1999 EXPLOITDB text WRITEUP
OpenTTD 0.4.7 - Denial of Service via Malformed UDP Packet
The multiplayer menu in OpenTTD 0.4.7 allows remote attackers to cause a denial of service via a UDP packet with an incorrect size, which causes the client to return to the main menu.
EIP-2026-103601 EXPLOITDB text WORKING POC
NullLogic Null HTTPd 0.5 - Remote Denial of Service
CVE-2006-2575 EXPLOITDB text STUB
NetPanzer 0.8 and earlier - Denial of Service via setFrame Function
The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service (crash) via a client flag (frameNum) that is greater than 41, which triggers an assert error.
CVE-2005-1402 EXPLOITDB text WRITEUP
mtp-target < 1.2.2 - Denial of Service via Negative STLport Call Value
Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison.
CVE-2006-1046 EXPLOITDB text WRITEUP
monopd 0.9.3 - Denial of Service via XML Output Escaping
server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a string containing a large number of characters that are escaped when Monopd produces XML output.
EIP-2026-103552 EXPLOITDB text SUSPICIOUS
Monolith Lithtech Game Engine - Memory Corruption
EIP-2026-103545 EXPLOITDB text WRITEUP
MercurySteam Scrapland Game Server 1.0 - Remote Denial of Service
EIP-2026-103544 EXPLOITDB text WRITEUP
Medieval Total War 1.0/1.1 - nickname Denial of Service
EIP-2026-103536 EXPLOITDB text WRITEUP
Live For Speed S2 - Duplicate Join Packet Remote Denial of Service
EIP-2026-103535 EXPLOITDB text SUSPICIOUS
Live For Speed S1/S2 - Multiple Vulnerabilities
CVE-2007-6631 EXPLOITDB text WRITEUP
LScube libnemesi < 0.6.4-rc1 - Remote Code Execution via Long RTSP Headers
Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier allow remote attackers to execute arbitrary code via (1) a reply that begins with a long version string, which triggers an overflow in handle_rtsp_pkt in rtsp_handlers.c; long headers that trigger overflows in (2) send_pause_request, (3) send_play_request, (4) send_setup_request, or (5) send_teardown_request in rtsp_send.c, as demonstrated by the Content-Base header; or a long Transport header, which triggers an overflow in (6) get_transport_str_sctp, (7) get_transport_str_tcp, or (8) get_transport_str_udp in rtsp_transport.c.
CVE-2006-3879 EXPLOITDB c WORKING POC
Mikmod Sound System 3.2.2 - Denial of Service via GT2 Module XCOM Chunk Comment Length
Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk.
CVE-2006-2458 EXPLOITDB text WORKING POC
libextractor <= 0.5.13 - Remote Code Execution via ASF and QT Plugin Buffer Overflow
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c).
EIP-2026-103524 EXPLOITDB text SUSPICIOUS
Jera Technology Flash Messaging Server 5.2 - Remote Denial of Service
EIP-2026-103522 EXPLOITDB text WRITEUP
JanaServer 2 - Multiple Remote Denial of Service Vulnerabilities
CVE-2008-5284 EXPLOITDB text WORKING POC
IEA Software RadiusNT/RadX <5.1.44 - DoS
The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other versions before 5.1.44, Emerald 5.0.49 and other versions before 5.0.52, Air Marshal 2.0.4 and other versions before 2.0.8, and Radius test client (aka Radlogin) 4.0.20 and earlier, allows remote attackers to cause a denial of service (crash) via an HTTP Content-Length header with a negative value, which triggers a single byte overwrite of memory using a NULL terminator. NOTE: some of these details are obtained from third party information.
EIP-2026-103516 EXPLOITDB c WORKING POC
id3lib ID3 Tags - Buffer Overflow