bkbll

7 exploits, active since Sep 2003
CVE-2004-0330 EXPLOITDB c WORKING POC
Serv-U ftp <5.0.0.4 - RCE
Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command.
CVE-2004-0210 EXPLOITDB HIGH c WORKING POC
Microsoft Interix - Buffer Overflow
The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.
CVSS 7.8
CVE-2004-0213 EXPLOITDB HIGH c WORKING POC
Microsoft Windows 2000 - Missing Authentication
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by directly accessing the context sensitive help and bypassing the GUI, then sending another message to winhlp32 in order to open a user-selected file, a different vulnerability than CVE-2003-0908.
CVSS 7.8
CVE-2005-2307 EXPLOITDB c++ WORKING POC
Microsoft Windows 2000 - Denial of Service
netman.dll in Microsoft Windows Connections Manager Library allows local users to cause a denial of service (Network Connections Service crash) via a large integer argument to a particular function, aka "Network Connection Manager Vulnerability."
CVE-2004-0493 EXPLOITDB perl WORKING POC
Apache httpd 2.0.49 - DoS/Buffer Overflow
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
CVE-2003-0780 EXPLOITDB c WORKING POC
MySQL <4.0.14 & <3.23.x - RCE
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
CVE-2003-0831 EXPLOITDB c WORKING POC
ProFTPD <1.2.9rc2 - Buffer Overflow
ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files.