Xpl017Elz

23 exploits Active since May 2002
CVE-2003-0201 EXPLOITDB c WORKING POC
Samba - Buffer Overflow
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
EIP-2026-114797 EXPLOITDB c WORKING POC
Passlog Daemon 0.1 - 'SL_Parse' Remote Buffer Overflow (2)
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd <2.6.2 - RCE
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd <2.6.2 - RCE
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
EIP-2026-114796 EXPLOITDB c WORKING POC
Passlog Daemon 0.1 - 'SL_Parse' Remote Buffer Overflow (1)
CVE-2002-2251 EXPLOITDB c WORKING POC
Marcos Luiz Onisto Lib Cgi - Memory Corruption
Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows remote attackers to execute arbitrary code via a long argument.
CVE-2002-1549 EXPLOITDB c WORKING POC
Light HTTPd 0.1 - RCE
Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2007-2668 EXPLOITDB c WORKING POC
webdesproxy 0.0.1 - RCE
Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execute arbitrary code via a long URL, possibly involving the process_connection_request function in webdesproxy.c.
EIP-2026-103248 EXPLOITDB c WORKING POC
WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (2)
CVE-2003-0339 EXPLOITDB c WORKING POC
WsMp3d <0.0.10 - RCE
Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests.
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd <2.6.2 - RCE
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd <2.6.2 - RCE
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
CVE-2005-1099 EXPLOITDB c WORKING POC
Greylisting daemon <1.4 - Buffer Overflow
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
CVE-2007-0774 EXPLOITDB c WORKING POC
Apache Tomcat JK Web Server Connector <1.2.21 - RCE
Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a URI worker map routine.
CVE-2006-2022 EXPLOITDB c WORKING POC
LS3 Fenice < 1.10 - Buffer Overflow
Buffer overflow in the parse_url function in the RTSP module (rtsp/parse_url.c) in Fenice 1.10 and earlier allows remote attackers to execute arbitrary code via a long URL.
CVE-2005-1100 EXPLOITDB c WORKING POC
Greylisting daemon <1.4 - RCE
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog.
CVE-2005-2878 EXPLOITDB c WORKING POC
GNU Mailutils 0.6 - RCE
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.
CVE-2002-2400 EXPLOITDB c WORKING POC
Hughes Technologies Libhttpd - Memory Corruption
Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP POST request.
EIP-2026-102858 EXPLOITDB c WORKING POC
GNU GNATS 3.113 - Environment Variable Buffer Overflow
CVE-2007-2031 EXPLOITDB c WORKING POC
3proxy < 0.5.3g - Buffer Overflow
Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests.
CVE-2003-1452 EXPLOITDB c WORKING POC
Qualcomm qpopper <4.05 - Code Injection
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.
EIP-2026-102957 EXPLOITDB text WORKING POC
ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' exec-shield Local Overflow
CVE-2002-0239 EXPLOITDB c WORKING POC
Hanterm - Buffer Overflow
Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.