acaro

15 exploits Active since Dec 2004
CVE-2005-0595 METASPLOIT ruby WORKING POC
Working Resources. Badblue - Buffer Overflow
Buffer overflow in ext.dll in BadBlue 2.55 allows remote attackers to execute arbitrary code via a long mfcisapicommand parameter.
CVE-2004-2271 METASPLOIT ruby WORKING POC
MiniShare <1.4.1 - RCE
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2005-1983 METASPLOIT ruby WORKING POC
Microsoft Windows 2000 - Buffer Overflow
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
CVE-2004-1558 METASPLOIT ruby WORKING POC
Ypops - Buffer Overflow
Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) POP3 USER command or (2) SMTP request.
CVE-2004-1558 EXPLOITDB ruby WORKING POC
Ypops - Buffer Overflow
Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) POP3 USER command or (2) SMTP request.
EIP-2026-119145 EXPLOITDB perl WORKING POC
SIPfoundry sipXtapi - 'CSeq' Remote Buffer Overflow
CVE-2004-1211 EXPLOITDB perl WORKING POC
David Harris Mercury - Memory Corruption
Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.
CVE-2006-1255 EXPLOITDB perl WORKING POC
Mercur Messaging 5.0 SP3 - Buffer Overflow
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.
CVE-2004-2271 EXPLOITDB ruby WORKING POC
MiniShare <1.4.1 - RCE
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2006-4379 EXPLOITDB perl WORKING POC
Ipswitch Imail Plus - Buffer Overflow
Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character.
CVE-2007-0449 EXPLOITDB perl WORKING POC
Broadcom Brightstor Arcserve Backup L... - Memory Corruption
Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200.
CVE-2005-0595 EXPLOITDB ruby WORKING POC
Working Resources. Badblue - Buffer Overflow
Buffer overflow in ext.dll in BadBlue 2.55 allows remote attackers to execute arbitrary code via a long mfcisapicommand parameter.
CVE-2006-6184 EXPLOITDB perl WORKING POC
Alliedtelesyn At-tftp < 1.9 - Buffer Overflow
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
CVE-2005-1983 EXPLOITDB ruby WORKING POC
Microsoft Windows 2000 - Buffer Overflow
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
CVE-2007-0168 EXPLOITDB perl WORKING POC
CA BrightStor ARCserve <11.5 - RCE
The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allows remote attackers to execute arbitrary code via certain data in opnum 0xBF in an RPC request, which is directly executed.