kokanin

29 exploits, active since May 1997
CVE-2006-0319 EXPLOITDB perl WORKING POC
farmers_wife 4.4 SP1 - Directory Traversal and Arbitrary File Write via FTP PUT/SIZE Commands
Directory traversal vulnerability in the FTP server (port 22003/tcp) in Farmers WIFE 4.4 SP1 allows remote attackers to create arbitrary files via ".." (dot dot) sequences in a (1) PUT, (2) SIZE, and possibly other commands.
CVE-2006-0189 EXPLOITDB perl WORKING POC
eStara Softphone 3.0.1.14-3.0.1.46 - Remote Code Execution via Long SDP Attribute Field
Buffer overflow in eStara Softphone 3.0.1.14 through 3.0.1.46 allows remote attackers to execute arbitrary code via a long attribute (aka "a") field in the SDP data of a SIP packet on UDP port 5060.
CVE-2005-4360 EXPLOITDB perl WORKING POC
Microsoft Internet Information Services 5.1 - Remote Code Execution via DLL URL Parser
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot).
CVE-2006-0620 EXPLOITDB bash WORKING POC
QNX Neutrino RTOS 6.2.1 - Local Race Condition via PHFONT and PHOTON2_PATH Environment Variables
Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2_PATH environment variables.
EIP-2026-114687 EXPLOITDB text WORKING POC
QNX 6.4.0 - bitflipped ELF Binary 'id' Kernel Panic (Denial of Service)
EIP-2026-114773 EXPLOITDB perl WORKING POC
Tower Toppler 0.99.1 - 'Display' Local Buffer Overflow
CVE-2006-0623 EXPLOITDB bash WORKING POC
QNX Neutrino RTOS 6.3.0 - Code Injection
QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable permissions, which allows local users to modify the file and execute arbitrary code at system startup.
EIP-2026-103382 EXPLOITDB text WORKING POC
Minix 3.1.2a - Local TTY Panic (Denial of Service)
CVE-2008-3447 EXPLOITDB text WORKING POC
F-Prot Antivirus 6.2.1 4252 - Denial of Service via Malformed ZIP Archive
The scanning engine in F-Prot Antivirus 6.2.1 4252 allows remote attackers to cause a denial of service (infinite loop) via a malformed ZIP archive, probably related to invalid offsets.
EIP-2026-103383 EXPLOITDB text WORKING POC
Minix 3.1.2a - Remote TTY Panic (Denial of Service)
CVE-2003-0497 EXPLOITDB text WORKING POC
Caché Database 5.x - Privilege Escalation
Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs.
EIP-2026-103035 EXPLOITDB bash WORKING POC
WMAPM 3.1 - Local Privilege Escalation
EIP-2026-103030 EXPLOITDB perl WORKING POC
ViRobot Linux Server 2.0 - Local Overflow
CVE-1999-1184 EXPLOITDB perl WORKING POC
Elm < 2.4 - Buffer Overflow via TERM Environmental Variable
Buffer overflow in Elm 2.4 and earlier allows local users to gain privileges via a long TERM environmental variable.
EIP-2026-102724 EXPLOITDB text WRITEUP
QNX RTOS 6.4 - '.ELF' Binary File Local Denial of Service
EIP-2026-102679 EXPLOITDB text WORKING POC
Minix 3.1.2a - Pseudo Terminal Denial of Service
CVE-2006-0179 EXPLOITDB perl WORKING POC
Cisco IP Phone 7940 - Denial of Service via TCP SYN Flood
The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80.
CVE-2003-0723 EXPLOITDB perl WORKING POC
gkrellm 2.1.x - Remote Code Execution via Buffer Overflow in gkrellmd
Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute arbitrary code.
CVE-2003-0269 EXPLOITDB perl WORKING POC
youbin - Local Privilege Escalation via HOME Environment Variable
Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable.
CVE-2003-0325 EXPLOITDB perl WORKING POC
Maelstrom <= 3.0.6 - Buffer Overflow via Long Server Command Line Argument
Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.
CVE-2003-0274 EXPLOITDB perl WORKING POC
ListProc 8.2.09 - Buffer Overflow via Long ULISTPROC_UMASK Value
Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value.
EIP-2026-100954 EXPLOITDB c WORKING POC
FreeBSD 7.x - Dumping Environment Local Kernel Panic (Denial of Service)
EIP-2026-100950 EXPLOITDB c WORKING POC
FreeBSD 5.5/6.x - Scheduler Policy Local Denial of Service
EIP-2026-100951 EXPLOITDB c WORKING POC
FreeBSD 6.0/6.1 - ftruncate Local Denial of Service
CVE-2006-5482 EXPLOITDB c WORKING POC
FreeBSD 6.1 - Denial of Service via ftruncate on Non-Standard File Types
ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX.