sorbo

5 exploits Active since Feb 2002
CVE-2003-0161 EXPLOITDB c WORKING POC
Hp-ux - Buffer Overflow
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
CVE-2013-2094 EXPLOITDB HIGH c WORKING POC
Linux Kernel < 3.0.75 - Numeric Error
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.
CVSS 8.4
CVE-2013-2028 EXPLOITDB text WORKING POC
F5 Nginx < 1.4.0 - Out-of-Bounds Write
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
CVE-2003-0720 EXPLOITDB c WORKING POC
PINE <4.58 - RCE
Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.
CVE-2002-0048 EXPLOITDB c WORKING POC
Andrew Tridgell Rsync - Denial of Service
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.