Exploitdb Exploits
462 exploits tracked across all sources.
ProFTPd 1.2.x - 'STAT' Denial of Service
by Rob klein Gunnewiek
Zeroo HTTP Server 1.5 - Remote Code Execution via Long HTTP Request
Buffer overflow in the HttpGetRequest function in Zeroo HTTP server 1.5 allows remote attackers to execute arbitrary code via a long HTTP request.
by dong-h0un U
Trojan Horse - Info Disclosure
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
by netmask
ArGoSoft Mail Server Plus or Pro 1.8.1.5 - Directory Traversal via Webmail URL
Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.
by team n.finity
Cobalt Linux 6.0 - RaQ (Authenticated) Privilege Escalation
by Charles Stevenson
Sun Cobalt RaQ 4.0 - Predictable Temporary Filename Symbolic Link Attack
by Charles Stevenson
QNX RTOS <6.1.0 - Privilege Escalation
The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH environment variable to reference a malicious crttrap program.
by badc0ded
QNX RTOS <6.1.0 - Privilege Escalation
The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH environment variable to reference a malicious crttrap program.
by badc0ded
QNX RTOS <6.1.0 - Privilege Escalation
ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow local users to execute arbitrary code by modifying running processes.
by badc0ded
SquirrelMail <1.2.5 - Command Injection
SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.
by pokleyzz sakamaniaka
LogWatch < 2.5 - Arbitrary Code Execution via Symlink Attack on Temporary Directory
LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory.
by spybreak
Sun Cobalt RaQ XTR - Unauthenticated Arbitrary File Write via Symlink Attack on Temporary File
MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.
by Wouter ter Maat
Tarantella Enterprise 3 - Local File Overwrite
The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file.
by Larry W. Cashdollar
UnixWare 7.1.1-Open UNIX 8.0.0 - Privilege Escalation
Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for (1) in scoadminreg.cgi or (2) service_action.cgi.
by jGgM
Netopia Timbuktu Pro < 6.0.1 - Denial of Service via Repeated Connections to Ports 1417-1420
Netopia Timbuktu Pro 6.0.1 and earlier allows remote attackers to cause a denial of service (crash) via a series of connections to one of the ports (1417 - 1420).
by Tekno pHReak
sudo <1.6.3p7 - Privilege Escalation
sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked.
by Charles Stevenson
CDRDAO <1.1.5 - Local Privilege Escalation
CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.
by Karol Wiesek
CDRDAO <1.1.5 - Local Privilege Escalation
CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.
by anonymous
CDRDAO <1.1.5 - Local Privilege Escalation
CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.
by atomi
CDRDAO <1.1.5 - Local Privilege Escalation
CDRDAO 1.1.4 and 1.1.5 allows local users to overwrite arbitrary files via a symlink attack on the $HOME/.cdrdao configuration file.
by anonymous
Qualcomm Qpopper <4.0 - Local Privilege Escalation
popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option.
by IhaQueR
Linux Kernel 2.2.1-2.2.19 and 2.4.1-2.4.10 - Denial of Service via Deeply Nested Symlinks
Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to spend extra time when trying to access the link.
by Nergal
Digital UNIX 4.0G - Info Disclosure
msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file.
by seo
Merit AAA Server <5.01 - Info Disclosure
rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and possibly other versions, allows local users to read arbitrary files via a symlink attack on the rlmadmin.help file.
by Digital Shadow