Stan Bubrouski

7 exploits Active since Jun 2000
CVE-2002-2174 EXPLOITDB perl WORKING POC
602Pro LAN SUITE 2002 - Denial of Service via Telnet Proxy Connection Flood
The Telnet proxy of 602Pro LAN SUITE 2002 does not restrict the number of outstanding connections to the local host, which allows remote attackers to create a denial of service (memory consumption) via a large number of connections.
CVE-2000-0691 EXPLOITDB text WORKING POC
mgetty - Arbitrary File Write via Symlink Attack in faxrunq and faxrunqd
The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.
CVE-2001-0440 EXPLOITDB c WORKING POC
licq < 1.0.3 - Buffer Overflow in Logging Functions
Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.
CVE-2000-0520 EXPLOITDB c WORKING POC
dump restore 0.4b17 - Local Buffer Overflow via Long Tape Name
Buffer overflow in restore program 0.4b17 and earlier in dump package allows local users to execute arbitrary commands via a long tape name.
CVE-2003-0154 EXPLOITDB text WORKING POC
Mozilla Bonsai - Cross-Site Scripting via Multiple CGI Parameters
Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.
CVE-2005-4327 EXPLOITDB text WORKING POC
Michael Arndt WebCal 1.11-3.04 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Michael Arndt WebCal 1.11-3.04 allow remote attackers to inject arbitrary web script or HTML via the (1) function, (2) year, and (3) date parameters to webcal.cgi, (4) new calendar entries, and (5) notes for entries.
CVE-2003-0153 EXPLOITDB text WRITEUP
bonsai Mozilla CVS - Info Disclosure
bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi.