Teso

11 exploits Active since Apr 2000
CVE-2000-0405 EXPLOITDB c WORKING POC
L0pht AntiSniff - Buffer Overflow via Malformed DNS Response Packet
Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.
CVE-2000-0405 EXPLOITDB c WORKING POC
L0pht AntiSniff - Buffer Overflow via Malformed DNS Response Packet
Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.
CVE-2001-0144 EXPLOITDB text STUB
OpenSSH - Remote Code Execution via CRC-32 Compensation Attack
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.
CVE-2001-0797 EXPLOITDB c WORKING POC
SGI IRIX - Buffer Overflow in Login via Telnet/Rlogin Arguments
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
CVE-2000-0284 EXPLOITDB c WORKING POC
University of Washington imapd 4.7 - Authenticated Buffer Overflow via LIST Command
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
CVE-2001-0550 EXPLOITDB c WORKING POC
wu-ftpd 2.6.1 - Remote Command Execution via Glob Function
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
CVE-2002-0048 EXPLOITDB c WORKING POC
rsync - Remote Code Execution via Signedness Error in I/O Functions
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
CVE-2002-0048 EXPLOITDB c WORKING POC
rsync - Remote Code Execution via Signedness Error in I/O Functions
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
CVE-2002-0163 EXPLOITDB c WORKING POC
Squid < 2.4_9 - Heap-Based Buffer Overflow via Compressed DNS Responses
Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.
CVE-2000-0574 EXPLOITDB c WORKING POC
OpenBSD ftpd - Remote Code Execution via Format String in setproctitle
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
CVE-2001-0093 EXPLOITDB c WORKING POC
FreeBSD 1.5 - Privilege Escalation via telnetd Environmental Variable Manipulation
Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd.