C Exploits

3,564 exploits tracked across all sources.

Sort: Activity Stars
CVE-2003-0466 EXPLOITDB CRITICAL c VERIFIED
wu-ftpd <2.6.2 - RCE
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
by Xpl017Elz
CVSS 9.8
CVE-2003-0647 EXPLOITDB c VERIFIED
Cisco IOS <12.2 - RCE
Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request.
by FX
CVE-2004-2131 EXPLOITDB c VERIFIED
IBM Informix Dynamic Server <9.40.xC3 - Buffer Overflow
Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable.
by pask
CVE-2003-0605 EXPLOITDB c VERIFIED
Windows 2000 SP3-SP4 - DoS
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
by oc192
CVE-2003-0466 EXPLOITDB CRITICAL c VERIFIED
wu-ftpd <2.6.2 - RCE
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
by Xpl017Elz
CVSS 9.8
EIP-2026-103048 EXPLOITDB c VERIFIED
Xtokkaetama 1.0 b-6 - Nickname Local Buffer Overflow (2)
EIP-2026-103047 EXPLOITDB c VERIFIED
Xtokkaetama 1.0 b-6 - Nickname Local Buffer Overflow (1)
by V9
CVE-2003-0540 EXPLOITDB c VERIFIED
Postfix <1.1.12 - DoS
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up.
by r3b00t
CVE-2003-0466 EXPLOITDB CRITICAL c VERIFIED
wu-ftpd <2.6.2 - RCE
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
by Xpl017Elz
CVSS 9.8
CVE-2003-0466 EXPLOITDB CRITICAL c VERIFIED
wu-ftpd <2.6.2 - RCE
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
by Xpl017Elz
CVSS 9.8
CVE-2002-1487 EXPLOITDB c VERIFIED
Trillian <0.74 - DoS
The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) by sending the raw messages (1) 206, (2) 211, (3) 213, (4) 214, (5) 215, (6) 217, (7) 218, (8) 243, (9) 302, (10) 317, (11) 324, (12) 332, (13) 333, (14) 352, and (15) 367.
by l0bstah
CVE-2003-0611 EXPLOITDB c VERIFIED
xtokkaetama 1.0 - Buffer Overflow
Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable.
by brahma
CVE-2003-0454 EXPLOITDB c VERIFIED
xgalaga <2.0.34 - Buffer Overflow
Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable.
by c0wboy
CVE-2003-0605 EXPLOITDB c VERIFIED
Windows 2000 SP3-SP4 - DoS
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
by anonymous
EIP-2026-119240 EXPLOITDB c VERIFIED
Valve Software Half-Life 1.1 Client - Connection Routine Buffer Overflow (1)
by D4rkGr3y
CVE-2003-0605 EXPLOITDB c VERIFIED
Windows 2000 SP3-SP4 - DoS
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
by pHrail
EIP-2026-103236 EXPLOITDB c VERIFIED
Valve Software Half-Life Server 3.1.1.0 - Multiplayer Request Buffer Overflow
by KnbykL
EIP-2026-103235 EXPLOITDB c VERIFIED
Valve Software Half-Life Server 1.1.1.0/3.1.1.1c1/4.1.1.1a - Multiplayer Request Buffer Overflow
by hkvig
CVE-2003-0619 EXPLOITDB c VERIFIED
Linux kernel <2.4.21 - DoS
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
by Jared Stanbrough
EIP-2026-114790 EXPLOITDB c VERIFIED
Mini SQL 1.0/1.3 - Remote Format String
by lucipher
CVE-2003-0651 EXPLOITDB c VERIFIED
mod_mylo <0.2.1 - RCE
Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
by Carl Livitt
EIP-2026-103037 EXPLOITDB c VERIFIED
XBlast 2.6.1 - 'HOME Environment' Local Buffer Overflow
by c0wboy
CVE-2003-0605 EXPLOITDB c VERIFIED
Windows 2000 SP3-SP4 - DoS
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
by H D Moore
CVE-2003-0605 EXPLOITDB c VERIFIED
Windows 2000 SP3-SP4 - DoS
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
by Flashsky
CVE-2003-0232 EXPLOITDB c VERIFIED
Microsoft SQL Server < - Buffer Overflow
Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow.
by refdom
By Source
All 3,564 Exploitdb 50,130 Writeup 46,871 Nomisec 21,233 Metasploit 3,221 Github 2,353 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,952 python 5,785 c 3,564 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 78 go 45 postscript 25 xml 24