Exploitdb Exploits

3,138 exploits tracked across all sources.

CVE-2001-0775 EXPLOITDB c VERIFIED
xli 1.16-1.17 - Buffer Overflow via FACES Format Image Long Name Field
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.
by zenith parsec
CVE-2001-1177 EXPLOITDB c VERIFIED
Samsung ML-85G GDI <0.2.0 - Local Privilege Escalation
ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
by Charles Stevenson
CVE-2001-1244 EXPLOITDB c VERIFIED
TCP MSS Handling - Amplified Traffic Denial of Service
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
by Darren Reed
CVE-2001-1085 EXPLOITDB c VERIFIED
Lmail <2.7 - Local Privilege Escalation
Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
by Charles Stevenson
CVE-2001-1561 EXPLOITDB c VERIFIED
Xvt 2.1 - Local Buffer Overflow via Long -name or -T Arguments
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
by Christophe Bailleux
EIP-2026-102810 EXPLOITDB c VERIFIED
CylantSecure 1.0 - Kernel Module Syscall Rerouting
by Juergen Pabel
CVE-2001-0763 EXPLOITDB c VERIFIED
Linux xinetd < 2.1.8.9pre11-1 - Remote Code Execution via Long Ident Response
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
by qitest1
CVE-2001-1582 EXPLOITDB c VERIFIED
Solaris 8 - Buffer Overflow via LDAP_OPTIONS Environment Variable
Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.
by Fyodor
EIP-2026-102899 EXPLOITDB c VERIFIED
Linux Kernel 2.2/2.4 - procfs Stream redirection to Process Memory Privilege Escalation
by zen-parse
CVE-2001-0537 EXPLOITDB c VERIFIED
Cisco IOS 11.3-12.2 - Unauthenticated Command Execution via High Access Level URL
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
by Eliel C. Sardanons
CVE-2001-1582 EXPLOITDB c VERIFIED
Solaris 8 - Buffer Overflow via LDAP_OPTIONS Environment Variable
Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.
by noir
CVE-2001-1086 EXPLOITDB c VERIFIED
XFree86 3.3-3.3.3 - Info Disclosure
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.
by ntf & sky
CVE-2001-1022 EXPLOITDB c VERIFIED
groff - Remote Code Execution via Format String in pic Utility
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command.
by zen-parse
CVE-2001-0906 EXPLOITDB c VERIFIED
teTeX filter <1.0.7 - Privilege Escalation
teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr.
by zen-parse
CVE-2001-0341 EXPLOITDB c VERIFIED
Microsoft FrontPage Server Extensions - Remote Code Execution via Long Registration Request to fp30reg.dll
Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
by NSFOCUS Security Team
CVE-2001-0500 EXPLOITDB c VERIFIED
Index Server and Indexing Service - Remote Code Execution via Long Argument to ISAPI Extension
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
by hsj
CVE-2001-0703 EXPLOITDB c VERIFIED
Arcadia Internet Store 1.0 - Denial of Service via Template Parameter
tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter.
by NERF Security
CVE-2001-1078 EXPLOITDB c VERIFIED
eXtremail <= 1.1.9 - Format String Vulnerability via SMTP and POP3 Commands
Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication.
by mu-b
CVE-2001-1078 EXPLOITDB c VERIFIED
eXtremail <= 1.1.9 - Format String Vulnerability via SMTP and POP3 Commands
Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication.
by Luca Ercoli
CVE-2001-0500 EXPLOITDB c VERIFIED
Index Server and Indexing Service - Remote Code Execution via Long Argument to ISAPI Extension
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
by Ps0
CVE-2001-0823 EXPLOITDB c VERIFIED
PCP <2.2.1-3 - Privilege Escalation
The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR).
by IhaQueR
CVE-2002-1904 EXPLOITDB c VERIFIED
GazTek ghttpd 1.4-1.4.3 - Remote Code Execution via Long HTTP GET Request
Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request.
by qitest1
CVE-2001-1163 EXPLOITDB c VERIFIED
Munica Corporation NetSQL 1.0 - RCE
Buffer overflow in Munica Corporation NetSQL 1.0 allows remote attackers to execute arbitrary code via a long CONNECT argument to port 6500.
by Sergio Monteiro
CVE-2001-0759 EXPLOITDB c VERIFIED
Jetico BestCrypt <= 0.8.1 - Local Buffer Overflow via Long Pathname
Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows local users to execute arbitrary code via a file or directory with a long pathname, which is processed during an unmount.
by Carl Livitt
CVE-2001-0764 EXPLOITDB c VERIFIED
scotty 2.1.0 - Local Buffer Overflow via Long Hostname Command Line Argument
Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument.
by Larry W. Cashdollar