aushack

87 exploits Active since May 1999
CVE-2007-1435 METASPLOIT ruby WORKING POC
D-link Tftp Server - Buffer Overflow
Buffer overflow in D-Link TFTP Server 1.0 allows remote attackers to cause a denial of service (crash) via a long (1) GET or (2) PUT request, which triggers memory corruption. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-6184 METASPLOIT ruby WORKING POC
Alliedtelesyn At-tftp < 1.9 - Buffer Overflow
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
CVE-2006-4948 METASPLOIT ruby WORKING POC
ProSysInfo TFTP Server TFTPDWIN <0.4.2 - Buffer Overflow
Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a long file name. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2000-1089 METASPLOIT ruby WORKING POC
Microsoft Phone Book Service - Buffer Overflow
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability.
CVE-2008-1358 METASPLOIT ruby WORKING POC
Alt-N Technologies MDaemon 9.6.4 - Buffer Overflow
Stack-based buffer overflow in the IMAP server in Alt-N Technologies MDaemon 9.6.4 allows remote authenticated users to execute arbitrary code via a FETCH command with a long BODY.
CVE-2019-10068 METASPLOIT CRITICAL ruby WORKING POC
Kentico <12.0.15, 11.0.48, 10.0.52, 9.x - Code Injection
An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Due to a failure to validate security headers, it was possible for a specially crafted request to the staging service to bypass the initial authentication and proceed to deserialize user-controlled .NET object input. This deserialization then led to unauthenticated remote code execution on the server where the Kentico instance was hosted.
CVSS 9.8
CVE-2003-1200 METASPLOIT ruby WORKING POC
Alt-n Mdaemon - Buffer Overflow
Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi.
CVE-2010-20112 METASPLOIT CRITICAL ruby WORKING POC
Amlib's NetOpacs webquery.dll - Buffer Overflow
Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including the Structured Exception Handler (SEH). Additionally, malformed parameter names followed by an equals sign may result in unintended control flow behavior. This vulnerability is exposed through IIS and affects legacy Windows deployments
CVE-2008-0550 METASPLOIT ruby WORKING POC
Radio Toolbox Steamcast < 0.9.75 - Numeric Error
Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overflow, as demonstrated by a long User-Agent header.
CVE-2006-3747 METASPLOIT ruby WORKING POC
Apache HTTP Server < 1.3.37 - Numeric Error
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
CVE-2005-3190 METASPLOIT ruby WORKING POC
Computer Associates iGateway <4.0.050623 - RCE
Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.
CVE-2003-0714 METASPLOIT ruby WORKING POC
Exchange Server <5.5-2000 - DoS
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000.
CVE-2004-1638 METASPLOIT ruby WORKING POC
MailCarrier 2.51 - RCE
Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command.
CVE-2006-2086 METASPLOIT ruby WORKING POC
Junipersetup Control - Buffer Overflow
Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute arbitrary code via a long argument in the ProductName parameter.
CVE-2007-3435 METASPLOIT ruby WORKING POC
RKD Software Barcode Activex - Buffer Overflow
Stack-based buffer overflow in the BeginPrint method in a certain ActiveX control in RKD Software (barcodetools.com) BarCodeAx.dll 4.9 allows remote attackers to execute arbitrary code via a long argument.
CVE-2008-1724 METASPLOIT ruby WORKING POC
SecureTransport Server <4.6.1 - Buffer Overflow
Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileTransfer ActiveX control in vcst_en.dll 1.0.0.5 in Tumbleweed SecureTransport Server before 4.6.1 Hotfix 20 allows remote attackers to execute arbitrary code via a long remoteFile parameter.
CVE-2005-2535 METASPLOIT ruby WORKING POC
Broadcom Arcserve Backup 2000 - Buffer Overflow
Buffer overflow in the Discovery Service in BrightStor ARCserve Backup 9.0 through 11.1 allows remote attackers to execute arbitrary commands via a large packet to TCP port 41523, a different vulnerability than CVE-2005-0260.
CVE-2005-0260 METASPLOIT ruby WORKING POC
Broadcom Brightstor Arcserve Backup - Buffer Overflow
Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to execute arbitrary code via a long packet to UDP port 41524, which is not properly handled in a recvfrom call.
CVE-2007-0169 METASPLOIT ruby WORKING POC
Broadcom Brightstor Arcserve Backup < 11.5 - Memory Corruption
Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.
CVE-2006-6076 METASPLOIT ruby WORKING POC
Broadcom Brightstor Arcserve Backup < 11.5 - Buffer Overflow
Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502.
CVE-2001-1320 METASPLOIT ruby WORKING POC
Network Associates PGP Keyserver 7.0 - DoS, RCE
Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2008-2499 METASPLOIT ruby WORKING POC
IBM Lotus Sametime < 7.5 - Memory Corruption
Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL.
CVE-2008-2639 METASPLOIT ruby WORKING POC
Citectfacilities - Memory Corruption
Stack-based buffer overflow in the ODBC server service in Citect CitectSCADA 6 and 7, and CitectFacilities 7, allows remote attackers to execute arbitrary code via a long string in the second application packet in a TCP session on port 20222.
CVE-2004-2074 METASPLOIT ruby WORKING POC
Dream FTP 1.02 - DoS
Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands.
CVE-2003-0558 METASPLOIT ruby WORKING POC
LeapFTP 2.7.3.600 - Buffer Overflow
Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.