Luigi Auriemma

568 exploits, active since Feb 2002
CVE-2006-4089 EXPLOITDB text WRITEUP
Andy Lo-a-foe Alsaplayer < 0.99.76 - Buffer Overflow
Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service (application crash), or have other unknown impact, via (1) a long Location field sent by a web server, which triggers an overflow in the reconnect function in reader/http/http.c; (2) a long URL sent by a web server when AlsaPlayer is seeking a media file for the playlist, which triggers overflows in new_list_item and CbUpdated in interface/gtk/PlaylistWindow.cpp; and (3) a long response sent by a CDDB server, which triggers an overflow in cddb_lookup in input/ccda/cdda_engine.c.
EIP-2026-102602 EXPLOITDB text SUSPICIOUS
Gamespy Software Development Kit - Remote Denial of Service
EIP-2026-102601 EXPLOITDB text WRITEUP
Gamespy Software Development Kit - CD-Key Validation Buffer Overflow
CVE-2006-4197 EXPLOITDB text WRITEUP
Libmusicbrainz < 2.1.2 - Buffer Overflow
Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c.
EIP-2026-102600 EXPLOITDB text WRITEUP
Gamespy 3d 2.62/2.63 - IRC Client Remote Buffer Overflow
CVE-2007-1371 EXPLOITDB text WORKING POC
Radscan Conquest < 8.2a - Buffer Overflow
Multiple buffer overflows in Conquest 8.2a and earlier (1) allow local users to gain privileges by querying a metaserver that sends a long server entry processed by metaGetServerList and allow remote metaservers to execute arbitrary code via a long server entry processed by metaGetServerList; (2) allow attackers to have an unknown impact by exceeding the configured number of metaservers; and allow remote attackers to corrupt memory via a SP_CLIENTSTAT packet with certain values of (3) unum or (4) snum, different vulnerabilities than CVE-2003-0933.
CVE-2008-0225 EXPLOITDB text WORKING POC
Xine-lib < 1.1.9 - Memory Corruption
Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmff_dump_header function and related to disregarding the max field. NOTE: some of these details are obtained from third party information.
CVE-2007-1804 EXPLOITDB text WRITEUP
Pulseaudio - Denial of Service
PulseAudio 0.9.5 allows remote attackers to cause a denial of service (daemon crash) via (1) a PA_PSTREAM_DESCRIPTOR_LENGTH value of FRAME_SIZE_MAX_ALLOW sent on TCP port 9875, which triggers a p->export assertion failure in do_read; (2) a PA_PSTREAM_DESCRIPTOR_LENGTH value of 0 sent on TCP port 9875, which triggers a length assertion failure in pa_memblock_new; or (3) an empty packet on UDP port 9875, which triggers a t assertion failure in pa_sdp_parse; and allows remote authenticated users to cause a denial of service (daemon crash) via a crafted packet on TCP port 9875 that (4) triggers a maxlength assertion failure in pa_memblockq_new, (5) triggers a size assertion failure in pa_xmalloc, or (6) plays a certain sound file.
CVE-2007-6454 EXPLOITDB text WRITEUP
PeerCast <0.1217 - Buffer Overflow
Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.
EIP-2026-102690 EXPLOITDB text WRITEUP
Mumble Murmur 1.2 - Denial of Service
CVE-2007-6036 EXPLOITDB text WRITEUP
LIVE555 Media Server <2007.11.01 - DoS
The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 and earlier allows remote attackers to cause a denial of service (daemon crash) via a short RTSP query, which causes a negative number to be used during memory allocation.
CVE-2008-0852 EXPLOITDB text WRITEUP
Freesshd < 1.2 - Denial of Service
freeSSHd 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a SSH2_MSG_NEWKEYS packet to TCP port 22, which triggers a NULL pointer dereference.
CVE-2012-2277 EXPLOITDB text WRITEUP
EMC Documentum Information Rights Management - Memory Corruption
The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands.
CVE-2008-0767 EXPLOITDB text WRITEUP
Extremez Print Server < 5.1.2 - Numeric Error
ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier does not verify that a certain "number of URLs" field is consistent with the packet length, which allows remote attackers to cause a denial of service (daemon crash) via a large integer in this field in a packet to the Service Location Protocol (SLP) service on UDP port 427, triggering an out-of-bounds read.
CVE-2012-4330 EXPLOITDB text WRITEUP
Samsung D6000 Firmware - Memory Corruption
The Samsung D6000 TV and possibly other products allows remote attackers to cause a denial of service (crash) via a long string in certain fields, as demonstrated by the MAC address field, possibly a buffer overflow.
CVE-2004-1854 EXPLOITDB text WRITEUP
Picophone Internet Telephone - Buffer Overflow
Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code via a large packet.
CVE-2012-0407 EXPLOITDB text WORKING POC
EMC DPA <5.8 SP1 - DoS
Integer overflow in the DPA_Utilities library in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (infinite loop) via a negative 64-bit value in a certain size field.
CVE-2008-5692 EXPLOITDB text WRITEUP
Ipswitch WS_FTP Server Manager <6.1.1 - Auth Bypass
Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name.