Exploitdb Exploits
462 exploits tracked across all sources.
imwheel < 1.0.0pre11 - Denial of Service via Symlink Attack on PID File
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink attack on the imwheel.pid file.
by I)ruid
im-switch <11.4-46.1 - Local Privilege Escalation
im-switch before 11.4-46.1 in Fedora Core 2 allows local users to overwrite arbitrary files via a symlink attack on the imswitcher[PID] temporary file.
by SEKINE Tatsuo
OpenBSD 3.x - ISAKMPD Security Association Piggyback Delete Payload Denial of Service
by Thomas Walpuski
Wget 1.9-1.9.1 - Local Privilege Escalation
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded.
by Hugo Vazquez
Microsoft Windows XP/2003 - Samba Share Resource Exhaustion (Denial of Service)
by Steve Ladjabi
GNU Indent 2.2.9 - Local Heap Overflow
by Pooh Hacking Squadron
WMAPM 3.1 - Local Privilege Escalation
by Knud Erik Hojgaard
Geeklog 1.3.8 - Forgot Password SQL Injection
by Jouko Pynnonen
SCO OpenServer 5.0.x - 'mana' PATH_INFO Privilege Escalation
by Texonet
SCO OpenServer 5.0.x - 'mana' 'REMOTE_ADDR' Authentication Bypass
by Texonet
IBM Informix Dynamic Server <9.40.xC3 - Buffer Overflow
Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable.
by pask
man-db <2.4.1 - Privilege Escalation
man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges.
by vade79
IBM DB2 <7.2 - Privilege Escalation
IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.
by Juan Manuel Pascual Escribá
SDFingerD 1.1 - Failure To Drop Privileges Privilege Escalation
by V9
AIX 4.3.x-5.1 - Privilege Escalation
diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain programs, which allows local users to gain privileges by modifying the variable to point to a Trojan horse program.
by watercloud
OpenSSH < 3.6.1 - Username Enumeration via PAM Timing Attack
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
by Nicolas Couture
IBM AIX - Buffer Overflow via enq Command -M Argument
Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument.
by watercloud
Smoothwall - Buffer Overflow
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
by truff
Xinetd - Denial of Service
Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections.
by Steve Grubb
Platform Load Sharing Facility 4/5 - 'LSF_ENVDIR' Local Command Execution
by Tomasz Grabowski
HP-UX 10.0-11.22 - Local Buffer Overflow via stmkfont Command Line Argument
Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.
by watercloud
HP-UX 10.0-11.22 - Privilege Escalation via PATH Environment Variable Manipulation
rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program.
by Last Stage of Delirium
By Source