Exploitdb Exploits
462 exploits tracked across all sources.
Samsung ML-85G GDI <0.2.0 - Local Privilege Escalation
ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
by ml85p
Vixie cron <3.0.1 - Privilege Escalation
crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error.
by cairnsc
KDE ktvision <0.1.1-271 - Privilege Escalation
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file.
by IhaQueR
Index Server and Indexing Service - Remote Code Execution via Long Argument to ISAPI Extension
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
by mat
rxvt 2.6.2 - Local Privilege Escalation via Long -T or -name Argument
Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users to gain privileges via a long (1) -T or (2) -name argument.
by MasterSecuritY
XFree86 xman - Buffer Overflow via MANPATH
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable.
by kf
Microsoft Windows 2000 - Denial of Service via Long Telnet Logon Command with Backspace
Microsoft Windows 2000 telnet service allows attackers to cause a denial of service (crash) via a long logon command that contains a backspace.
by Michal Zalewski
Internet Information Server < 5.0 - Directory Traversal via Double-Encoded Dot-Dot Sequences
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
by Leif Jakob
IRIX 6.2 - Authenticated Remote Code Execution via netprint -n Option
Unknown vulnerability in netprint in IRIX 6.2, and possibly other versions, allows local users with lp privileges attacker to execute arbitrary commands via the -n option.
by LSD-PLaNET
Vixie cron <3.0.1 - Privilege Escalation
crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error.
by Sebastian Krahmer
IRIX 6.2-6.3 - Local Buffer Overflow via lpstat -n Option
Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option.
by LSD-PLaNET
sendfile - Privilege Escalation via Notification Email Handling
sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges.
by psheep
sendfile - Privilege Escalation via Notification Email Handling
sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges.
by Cade Cairns
ISC InterNetNews <2.3.0 - Privilege Escalation
Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local users in the "news" group to gain privileges via a long -c command line argument.
by Enrique A.
Cisco PIX Firewall 515 and 520 - Denial of Service via TACACS+ Authentication Flood
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests.
by Claudiu Calomfirescu
ProFTPD 1.2.1 - Denial of Service via Glob Pattern with Wildcards
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple (1) "*/..", (2) "*/.*", or (3) ".*./*?/" sequences in the argument.
by Frank DENIS
Linux Distro - Privilege Escalation
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.
by IhaQueR
glibc <2.1.9x - Info Disclosure
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
by krochos
SuSE Linux <= 7.0 - Arbitrary File Write via rctab Symlink Attack
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.
by IhaQueR
SuSE Linux <= 7.0 - Arbitrary File Write via rctab Symlink Attack
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.
by IhaQueR
Lotus Domino 5.0.5 - Path Traversal
Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack.
by Georgi Guninski
By Source