kokanin

29 exploits Active since May 1997
CVE-2006-0319 EXPLOITDB perl WORKING POC
Farmers Wife - Path Traversal
Directory traversal vulnerability in the FTP server (port 22003/tcp) in Farmers WIFE 4.4 SP1 allows remote attackers to create arbitrary files via ".." (dot dot) sequences in a (1) PUT, (2) SIZE, and possibly other commands.
CVE-2006-0189 EXPLOITDB perl WORKING POC
Estara Softphone - Buffer Overflow
Buffer overflow in eStara Softphone 3.0.1.14 through 3.0.1.46 allows remote attackers to execute arbitrary code via a long attribute (aka "a") field in the SDP data of a SIP packet on UDP port 5060.
CVE-2005-4360 EXPLOITDB perl WORKING POC
Microsoft IIS 5.1 - RCE
The URL parser in Microsoft Internet Information Services (IIS) 5.1 on Windows XP Professional SP2 allows remote attackers to execute arbitrary code via multiple requests to ".dll" followed by arguments such as "~0" through "~9", which causes ntdll.dll to produce a return value that is not correctly handled by IIS, as demonstrated using "/_vti_bin/.dll/*/~0". NOTE: the consequence was originally believed to be only a denial of service (application crash and reboot).
CVE-2006-0620 EXPLOITDB bash WORKING POC
QNX Neutrino RTOS 6.2.1 - RCE
Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2_PATH environment variables.
EIP-2026-114687 EXPLOITDB text WORKING POC
QNX 6.4.0 - bitflipped ELF Binary 'id' Kernel Panic (Denial of Service)
EIP-2026-114773 EXPLOITDB perl WORKING POC
Tower Toppler 0.99.1 - 'Display' Local Buffer Overflow
CVE-2006-0623 EXPLOITDB bash WORKING POC
QNX Neutrino RTOS 6.3.0 - Code Injection
QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable permissions, which allows local users to modify the file and execute arbitrary code at system startup.
EIP-2026-103382 EXPLOITDB text WORKING POC
Minix 3.1.2a - Local TTY Panic (Denial of Service)
CVE-2008-3447 EXPLOITDB text WORKING POC
F-Prot Antivirus <6.2.1 4252 - DoS
The scanning engine in F-Prot Antivirus 6.2.1 4252 allows remote attackers to cause a denial of service (infinite loop) via a malformed ZIP archive, probably related to invalid offsets.
EIP-2026-103383 EXPLOITDB text WORKING POC
Minix 3.1.2a - Remote TTY Panic (Denial of Service)
CVE-2003-0497 EXPLOITDB text WORKING POC
Caché Database 5.x - Privilege Escalation
Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs.
EIP-2026-103035 EXPLOITDB bash WORKING POC
WMAPM 3.1 - Local Privilege Escalation
EIP-2026-103030 EXPLOITDB perl WORKING POC
ViRobot Linux Server 2.0 - Local Overflow
CVE-1999-1184 EXPLOITDB perl WORKING POC
Elm <2.4 - Privilege Escalation
Buffer overflow in Elm 2.4 and earlier allows local users to gain privileges via a long TERM environmental variable.
EIP-2026-102724 EXPLOITDB text WRITEUP
QNX RTOS 6.4 - '.ELF' Binary File Local Denial of Service
EIP-2026-102679 EXPLOITDB text WORKING POC
Minix 3.1.2a - Psuedo Terminal Denial of Service
CVE-2006-0179 EXPLOITDB perl WORKING POC
Cisco IP Phone 7940 - Memory Corruption
The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80.
CVE-2003-0723 EXPLOITDB perl WORKING POC
gkrellm <2.1.14 - RCE
Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute arbitrary code.
CVE-2003-0269 EXPLOITDB perl WORKING POC
youbin - Buffer Overflow
Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable.
CVE-2003-0325 EXPLOITDB perl WORKING POC
Maelstrom <3.0.6-3.0.5 - RCE
Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.
CVE-2003-0274 EXPLOITDB perl WORKING POC
catmail <8.2.09 - RCE
Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value.
EIP-2026-100954 EXPLOITDB c WORKING POC
FreeBSD 7.x - Dumping Environment Local Kernel Panic (Denial of Service)
EIP-2026-100950 EXPLOITDB c WORKING POC
FreeBSD 5.5/6.x - Scheduler Policy Local Denial of Service
EIP-2026-100951 EXPLOITDB c WORKING POC
FreeBSD 6.0/6.1 - Ftrucante Local Denial of Service
CVE-2006-5482 EXPLOITDB c WORKING POC
Freebsd - Denial of Service
ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX.