you dong-hun (Xpl017Elz)

12 exploits Active since May 2002
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd 2.5.0-2.6.2 - Remote Code Execution via fb_realpath Off-by-one Error
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd 2.5.0-2.6.2 - Remote Code Execution via fb_realpath Off-by-one Error
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
EIP-2026-114796 EXPLOITDB c WORKING POC
Passlog Daemon 0.1 - 'SL_Parse' Remote Buffer Overflow (1)
EIP-2026-114797 EXPLOITDB c WORKING POC
Passlog Daemon 0.1 - 'SL_Parse' Remote Buffer Overflow (2)
CVE-2003-1236 EXPLOITDB c WORKING POC
Tanne 0.6.17 - Remote Code Execution via Format String in Logger Function
Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd 2.5.0-2.6.2 - Remote Code Execution via fb_realpath Off-by-one Error
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
CVE-2003-0466 EXPLOITDB CRITICAL c WORKING POC
wu-ftpd 2.5.0-2.6.2 - Remote Code Execution via fb_realpath Off-by-one Error
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
CVE-2005-1100 EXPLOITDB c WORKING POC
Greylisting daemon (GLD) 1.3-1.4 - Remote Code Execution via Format String in ErrorLog Function
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog.
CVE-2005-2878 EXPLOITDB c WORKING POC
GNU Mailutils 0.6 - Authenticated Remote Code Execution via IMAP SEARCH Command Format String
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.
CVE-2005-1099 EXPLOITDB c WORKING POC
Greylisting daemon <1.4 - Buffer Overflow
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
CVE-2002-0239 EXPLOITDB c WORKING POC
hanterm 3.3.1 - Local Buffer Overflow via Long Argument
Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.
EIP-2026-100871 EXPLOITDB c WORKING POC
Outblaze Webmail - Cookie Authentication Bypass