prdelka

35 exploits Active since Jan 2003
CVE-2010-4165 EXPLOITDB c WORKING POC
Linux Kernel < 2.6.37 - Denial of Service via TCP_MAXSEG Setsockopt
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.
CVE-2010-4077 EXPLOITDB c WORKING POC
Linux Kernel < 2.6.36.1 - Information Disclosure via TIOCGICOUNT ioctl
The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.
CVE-2006-5558 EXPLOITDB c WORKING POC
HP-UX B.11.11 - Local Format String Vulnerability via swask -s Argument
Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
CVE-2006-5557 EXPLOITDB c WORKING POC
HP-UX - Stack-based Buffer Overflow via Long -S Argument
Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
CVE-2006-5557 EXPLOITDB c WORKING POC
HP-UX - Stack-based Buffer Overflow via Long -S Argument
Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
CVE-2006-5556 EXPLOITDB c WORKING POC
HP-UX B.11.11 - Buffer Overflow via Long TZ Environment Variable
Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable.
EIP-2026-101366 EXPLOITDB text WORKING POC
MobileIron Virtual Smartphone Platform - Privilege Escalation
EIP-2026-101206 EXPLOITDB c WORKING POC
Cisco VPN 3000 Concentrator 4.1.7/4.7.2 - 'FTP' Remote File System Access
CVE-2003-0001 EXPLOITDB python WORKING POC
FreeBSD - Information Exposure via Ethernet NIC Frame Padding
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
CVE-2004-0164 EXPLOITDB c WORKING POC
KAME racoon - Remote Certificate Deletion via Malformed Hash Handling
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.