Exploitdb Exploits

3,138 exploits tracked across all sources.

CVE-2001-0876 EXPLOITDB c VERIFIED
Windows 98, 98SE, ME, and XP - Remote Code Execution via UPnP NOTIFY Location URL
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.
by Gabriel Maggiotti
CVE-2001-0797 EXPLOITDB c VERIFIED
SGI IRIX - Buffer Overflow in Login via Telnet/Rlogin Arguments
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
by Teso
CVE-2001-1519 EXPLOITDB c VERIFIED
Windows 2000 - Local Privilege Escalation
RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it.
by Camisade
CVE-2001-1518 EXPLOITDB c VERIFIED
Windows 2000 - Denial of Service via RunAs Named Pipe Session
RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability; however, the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability.
by Camisade
CVE-2001-0951 EXPLOITDB c VERIFIED
Windows 2000 - Denial of Service via IKE UDP Port Flood
Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters.
by Nelson Brito
CVE-2001-1184 EXPLOITDB c VERIFIED
Denicomp Winsock RSHD/NT <2.21.00 - DoS
wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows remote attackers to cause a denial of service (CPU consumption) via (1) in 2.20.00 and earlier, an invalid port number such as a negative number, which causes a connection attempt to that port and all ports below 1024, and (2) in 2.21.00, a port number of 1024.
by jimmers
CVE-2001-1184 EXPLOITDB c VERIFIED
Denicomp Winsock RSHD/NT <2.21.00 - DoS
wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows remote attackers to cause a denial of service (CPU consumption) via (1) in 2.20.00 and earlier, an invalid port number such as a negative number, which causes a connection attempt to that port and all ports below 1024, and (2) in 2.21.00, a port number of 1024.
by jimmers
CVE-2001-1185 EXPLOITDB c VERIFIED
FreeBSD 4.4 - Local Privilege Escalation via AIO Operations
Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges.
by David Rufino
CVE-2001-1559 EXPLOITDB MEDIUM c VERIFIED
OpenBSD 2.9-3.0 - Denial of Service via uipc System Calls
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return values instead of rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
by Marco Peereboom
CVSS 5.5
CVE-2001-0915 EXPLOITDB c VERIFIED
Berkeley parallel make <2.1.33 - Privilege Escalation
Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition.
by IhaQueR@IRCnet
CVE-2001-0916 EXPLOITDB c VERIFIED
Berkeley pmake < 2.1.33 - Local Privilege Escalation via Long Shell Definition Check Argument
Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via a long check argument of a shell definition.
by IhaQueR@IRCnet
CVE-2001-0815 EXPLOITDB c VERIFIED
ActivePerl < 5.6.1.629 - Remote Code Execution via Long Filename HTTP Request
Buffer overflow in PerlIS.dll in ActiveState ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.
by Indigo
CVE-2001-0815 EXPLOITDB c VERIFIED
ActivePerl < 5.6.1.629 - Remote Code Execution via Long Filename HTTP Request
Buffer overflow in PerlIS.dll in ActiveState ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.
by Indigo
CVE-2001-0855 EXPLOITDB c VERIFIED
ClearCase <= 4.2 - Buffer Overflow via TERM Environment Variable
Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable.
by virtualcat
CVE-2002-0184 EXPLOITDB HIGH c VERIFIED
sudo < 1.6.6 - Heap-Based Buffer Overflow via Prompt Argument Expansion
Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.
by MaXX
CVSS 7.8
EIP-2026-117572 EXPLOITDB c VERIFIED
Microsoft Windows NT 3/4.0 - CSRSS Memory Access Violation
by Michael Wojcik
CVE-2001-0830 EXPLOITDB HIGH c VERIFIED
6tunnel < 0.08 - Denial of Service via Socket Resource Exhaustion
6tunnel 0.08 and earlier does not properly close sockets that were initiated by a client, which allows remote attackers to cause a denial of service (resource exhaustion) by repeatedly connecting to and disconnecting from the server.
by awayzzz
CVSS 7.5
CVE-2001-1015 EXPLOITDB c VERIFIED
Snes9x 1.37 - Local Privilege Escalation via Long Command Line Argument
Buffer overflow in Snes9x 1.37, when installed setuid root, allows local users to gain root privileges via a long command line argument.
by Niels Heinen
CVE-2001-0740 EXPLOITDB c VERIFIED
3COM OfficeConnect 812 and 840 ADSL Router < 1.1.9 - Denial of Service via Format String Attack
3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability.
by Sniffer
CVE-2001-1112 EXPLOITDB c VERIFIED
EFTP 2.0.7.337 - Remote Code Execution via .lnk File Upload
Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters.
by byterage
CVE-2002-1652 EXPLOITDB c VERIFIED
cgiemail 1.6 - Buffer Overflow via Long Query Parameter
Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long query parameter.
by isox
CVE-2001-1067 EXPLOITDB c VERIFIED
AOLserver 3.0 - Buffer Overflow via HTTP Authorization Header
Buffer overflow in AOLserver 3.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via an HTTP request with a long Authorization header.
by qitest1
CVE-2001-1093 EXPLOITDB c VERIFIED
Compaq Tru64 - Buffer Overflow via Long Command Line Argument
Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument.
by seo
CVE-2001-0979 EXPLOITDB c VERIFIED
HP-UX 11.0 - Buffer Overflow via Long Command Line Argument
Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument.
by foo
EIP-2026-103843 EXPLOITDB c VERIFIED
Apache 1.0/1.2/1.3 - Server Address Disclosure
by magnum