Xpl017Elz

23 exploits, active since May 2002
CVE-2003-0201 EXPLOITDB c WORKING POC
Samba < 2.2.8a and 2.0.10 - Remote Code Execution via call_trans2open Buffer Overflow
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
EIP-2026-114797 EXPLOITDB c WORKING POC
Passlog Daemon 0.1 - 'SL_Parse' Remote Buffer Overflow (2)
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd 2.5.0-2.6.2 - Remote Code Execution via fb_realpath Off-by-one Error
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd 2.5.0-2.6.2 - Remote Code Execution via fb_realpath Off-by-one Error
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
EIP-2026-114796 EXPLOITDB c WORKING POC
Passlog Daemon 0.1 - 'SL_Parse' Remote Buffer Overflow (1)
CVE-2002-2251 EXPLOITDB c WORKING POC
Marcos Luiz Onisto Lib CGI 0.1 - Buffer Overflow in changevalue Function
Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows remote attackers to execute arbitrary code via a long argument.
CVE-2002-1549 EXPLOITDB c WORKING POC
Light HTTPd 0.1 - Remote Code Execution via Long HTTP GET Request
Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2007-2668 EXPLOITDB c WORKING POC
webdesproxy 0.0.1 - Remote Code Execution via Long URL
Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execute arbitrary code via a long URL, possibly involving the process_connection_request function in webdesproxy.c.
EIP-2026-103248 EXPLOITDB c WORKING POC
WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (2)
CVE-2003-0339 EXPLOITDB c WORKING POC
WsMp3 daemon 0.0.10 - Remote Code Execution via Long HTTP Requests
Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests.
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd 2.5.0-2.6.2 - Remote Code Execution via fb_realpath Off-by-one Error
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd 2.5.0-2.6.2 - Remote Code Execution via fb_realpath Off-by-one Error
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
CVE-2005-1099 EXPLOITDB c WORKING POC
Greylisting daemon <1.4 - Buffer Overflow
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
CVE-2007-0774 EXPLOITDB c WORKING POC
Apache Tomcat JK Web Server Connector <1.2.21 - RCE
Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a URI worker map routine.
CVE-2006-2022 EXPLOITDB c WORKING POC
Fenice < 1.10 - Remote Code Execution via RTSP URL Parsing Buffer Overflow
Buffer overflow in the parse_url function in the RTSP module (rtsp/parse_url.c) in Fenice 1.10 and earlier allows remote attackers to execute arbitrary code via a long URL.
CVE-2005-1100 EXPLOITDB c WORKING POC
Greylisting daemon (GLD) 1.3-1.4 - Remote Code Execution via Format String in ErrorLog Function
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog.
CVE-2005-2878 EXPLOITDB c WORKING POC
GNU Mailutils 0.6 - Authenticated Remote Code Execution via IMAP SEARCH Command Format String
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.
CVE-2002-2400 EXPLOITDB c WORKING POC
LibHTTPD 1.2 - Buffer Overflow via Long HTTP POST Request
Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP POST request.
EIP-2026-102858 EXPLOITDB c WORKING POC
GNU GNATS 3.113 - Environment Variable Buffer Overflow
CVE-2007-2031 EXPLOITDB c WORKING POC
3proxy 0.5-0.5.3g - Remote Code Execution via Transparent Request Buffer Overflow
Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests.
CVE-2003-1452 EXPLOITDB c WORKING POC
Qualcomm qpopper <4.05 - Code Injection
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.
EIP-2026-102957 EXPLOITDB text WORKING POC
ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' exec-shield Local Overflow
CVE-2002-0239 EXPLOITDB c WORKING POC
hanterm 3.3.1 - Local Buffer Overflow via Long Argument
Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.