nitr0us

19 exploits Active since May 2006
CVE-2010-10011 EXPLOITDB MEDIUM text WORKING POC
Acritum Femitter Server 1.04 - Path Traversal
A vulnerability, which was classified as problematic, was found in Acritum Femitter Server 1.04. Affected is an unknown function. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250446 is the identifier assigned to this vulnerability.
CVSS 4.3
CVE-2010-4181 EXPLOITDB text WORKING POC
Yaws 1.89 - Path Traversal via Dot Dot Backslash Sequences
Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences.
CVE-2006-6707 EXPLOITDB html WORKING POC
McAfee NeoTrace and Visual Trace 3.25 - Stack-Based Buffer Overflow via TraceTarget Method
Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) in NeoTrace Express 3.25 and NeoTrace Pro (aka McAfee Visual Trace) 3.25 allows remote attackers to execute arbitrary code via a long argument string to the TraceTarget method. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-118920 EXPLOITDB text WORKING POC
Mongoose Web Server 2.11 - Directory Traversal
EIP-2026-118639 EXPLOITDB text WORKING POC
Home FTP Server 1.11.1.149 - (Authenticated) Directory Traversal
CVE-2007-0120 EXPLOITDB perl WORKING POC
Acunetix Web Vulnerability Scanner < 4.0_build_2006-07-17 - Denial of Service via Invalid Content-Length HTTP Requests
Acunetix Web Vulnerability Scanner (WVS) 4.0 Build 20060717 and earlier allows remote attackers to cause a denial of service (application crash) via multiple HTTP requests containing invalid Content-Length values.
EIP-2026-103655 EXPLOITDB c WORKING POC
Snort 2.4.0 - SACK TCP Option Error Handling Denial of Service
EIP-2026-103517 EXPLOITDB c WORKING POC
IDA Pro 6.3 - Crash (PoC)
CVE-2006-2656 EXPLOITDB text WRITEUP
libtiff < 3.8.2 - Stack-based Buffer Overflow via Long Filename
Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE.
EIP-2026-102741 EXPLOITDB c WORKING POC
Snort 2.x - PrintTcpOptions Remote Denial of Service
EIP-2026-102604 EXPLOITDB c WORKING POC
gdb (GNU debugger) 7.5.1 - Null Pointer Dereference
EIP-2026-102680 EXPLOITDB text WORKING POC
Minix 3.3.0 - Local Denial of Service (PoC)
EIP-2026-102681 EXPLOITDB c WORKING POC
Minix 3.3.0 - Remote TCP/IP Stack Denial of Service
EIP-2026-102689 EXPLOITDB perl WORKING POC
mpg123 0.59r - Malformed .mp3 (SIGSEGV) (PoC)
EIP-2026-102701 EXPLOITDB python WORKING POC
NeuroServer 0.7.4 - EEG TCP/IP Transceiver Remote Denial of Service
CVE-2009-3457 EXPLOITDB text WORKING POC
Cisco ACE Web Application Firewall and ACE XML Gateway < 6.1 - Information Disclosure via Unhandled HTTP Request
Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159.
CVE-2011-5127 EXPLOITDB text WRITEUP
Blue Coat Reporter 9.x < 9.2.4.13, 9.2.5.x < 9.2.5.1, 9.3 < 9.3.1.2 - Path Traversal
Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request.
EIP-2026-100676 EXPLOITDB c WORKING POC
OpenBSD 5.5 - Local Kernel Panic (Denial of Service)
EIP-2026-100677 EXPLOITDB c WORKING POC
OpenBSD 5.6 - Multiple Local Kernel Panics (Denial of Service)