vade79

30 exploits, active since May 1997
CVE-2007-2031 EXPLOITDB c WORKING POC
3proxy 0.5-0.5.3g - Remote Code Execution via Transparent Request Buffer Overflow
Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests.
EIP-2026-119563 EXPLOITDB perl WORKING POC
3proxy 0.5.3g (Windows x86) - 'logurl()' Remote Buffer Overflow
CVE-2007-2666 EXPLOITDB c WORKING POC
Notepad++ < 4.1.1 - Stack-based Buffer Overflow in LexRuby.cxx
Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originally reported as a vulnerability in notepad++.
CVE-2007-2668 EXPLOITDB c WORKING POC
webdesproxy 0.0.1 - Remote Code Execution via Long URL
Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execute arbitrary code via a long URL, possibly involving the process_connection_request function in webdesproxy.c.
CVE-2007-2761 EXPLOITDB c WORKING POC
MagicISO <5.4.239 - Buffer Overflow
Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier allows remote attackers to execute arbitrary code via a long filename in a .cue file.
CVE-2005-1843 EXPLOITDB c WORKING POC
Adobe Version Cue 1.0-1.0.1 - Local Arbitrary Library Loading via -lib Command Line Argument
VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execute arbitrary code via the -lib command line argument.
CVE-2005-0716 EXPLOITDB c WORKING POC
Mac OS X 10.3.5-10.3.6 - Local Buffer Overflow via CF_CHARSET_PATH Environment Variable
Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable.
CVE-2005-2713 EXPLOITDB perl WORKING POC
Mac OS X <10.3.9, <10.4.5 - Privilege Escalation
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.
CVE-2005-0342 EXPLOITDB perl WORKING POC
Mac OS X - Arbitrary File Overwrite and Privilege Escalation via .DS_Store Hard Link
The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
CVE-2005-1842 EXPLOITDB perl WORKING POC
Adobe Version Cue <1.3 - Local Privilege Escalation
VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack.
CVE-2005-1280 EXPLOITDB c WORKING POC
tcpdump < 3.9.1 - Denial of Service via RSVP Packet Length 4
The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.
EIP-2026-103125 EXPLOITDB c WORKING POC
Gopherd 3.0.5 - FTP Gateway Remote Overflow
CVE-2007-4060 EXPLOITDB c WORKING POC
Frank Yaul corehttp <0.5.3alpha - RCE
Multiple buffer overflows in the HttpSprockMake function in http.c in Frank Yaul corehttp 0.5.3alpha allow remote attackers to execute arbitrary code via a long string in the (1) method name or (2) URI in an HTTP request.
CVE-2005-2367 EXPLOITDB c WORKING POC
Ethereal 0.9.4-0.10.11 - Remote Code Execution via AFP Packet Format String
Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet.
CVE-2003-0755 EXPLOITDB c WORKING POC
gtkftpd 1.0.4 - Buffer Overflow via Long Directory Names in LIST Command
Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command.
CVE-2005-1110 EXPLOITDB c WORKING POC
SUMUS 0.2.2 - Remote Code Execution via Large Packet to TCP Port 81
Stack-based buffer overflow in the RespondeHTTPPendiente function in the HTTP server for SUMUS 0.2.2 allows remote attackers to execute arbitrary code via a large packet sent to TCP port 81.
CVE-2004-0409 EXPLOITDB c WORKING POC
XChat 1.8.0-2.0.8 - Remote Code Execution via Socks-5 Proxy Buffer Overflow
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.
EIP-2026-102839 EXPLOITDB c WORKING POC
fkey 0.0.2 - Local File Accessibility
CVE-2007-2031 EXPLOITDB c WORKING POC
3proxy 0.5-0.5.3g - Remote Code Execution via Transparent Request Buffer Overflow
Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests.
EIP-2026-103046 EXPLOITDB perl WORKING POC
xsplumber - 'strcpy()' Local Buffer Overflow
CVE-2001-1178 EXPLOITDB bash WORKING POC
XFree86 xman - Buffer Overflow via MANPATH
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable.
CVE-2003-0645 EXPLOITDB bash WORKING POC
man-db <2.4.1 - Privilege Escalation
man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges.
CVE-2005-2772 EXPLOITDB c WORKING POC
University of Minnesota gopher client 3.0.9 - Buffer Overflow
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function.
EIP-2026-102851 EXPLOITDB c WORKING POC
GnomeHack 1.0.5 - Local Buffer Overflow
CVE-2005-1279 EXPLOITDB c WORKING POC
tcpdump < 3.8.3 - Denial of Service via BGP or LDP Packet Handling
tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function.