bkbll

7 exploits, active since Sep 2003
CVE-2004-0330 EXPLOITDB c WORKING POC
Serv-U File Server < 5.0.0.0 - Authenticated Buffer Overflow via MDTM Command
Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command.
CVE-2004-0210 EXPLOITDB HIGH c WORKING POC
Microsoft Interix - Local Buffer Overflow via POSIX Component
The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow.
CVSS 7.8
CVE-2004-0213 EXPLOITDB HIGH c WORKING POC
Windows 2000 - Privilege Escalation via Utility Manager Shatter Attack
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by directly accessing the context sensitive help and bypassing the GUI, then sending another message to winhlp32 in order to open a user-selected file, a different vulnerability than CVE-2003-0908.
CVSS 7.8
CVE-2005-2307 EXPLOITDB c++ WORKING POC
Windows 2000 and XP - Denial of Service via Large Integer Argument to netman.dll Function
netman.dll in Microsoft Windows Connections Manager Library allows local users to cause a denial of service (Network Connections Service crash) via a large integer argument to a particular function, aka "Network Connection Manager Vulnerability."
CVE-2004-0493 EXPLOITDB perl WORKING POC
Apache httpd 2.0.49 - DoS/Buffer Overflow
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64-bit systems, via long header lines with large numbers of space or tab characters.
CVE-2003-0780 EXPLOITDB c WORKING POC
MySQL 4.0.14 and 3.23.x - Authenticated Buffer Overflow via Long Password Field
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
CVE-2003-0831 EXPLOITDB c WORKING POC
ProFTPD <1.2.9rc2 - Buffer Overflow
ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files.