Exploitdb Exploits
3,149 exploits tracked across all sources.
MIT Kerberos - Buffer Overflow
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
by Dvorak
ID Software Quake - Denial of Service
Quake 1 and NetQuake servers allow remote attackers to cause a denial of service (resource exhaustion or forced disconnection) via a flood of spoofed UDP connection packets, which exceeds the server's player limit.
by Andy Gavin
Slackware 7.0/7.1/8.0 - Manual Page Cache File Creation
by josh
Check Point FireWall-1 <4.1 - Info Disclosure
Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet.
by Jim Becher
Richard Everitt Pileup - Buffer Overflow
Buffer overflows in Pileup before 1.2 allow local users to gain root privileges via (1) long command line arguments, or (2) a long callsign.
by Charles Stevenson
ArGoSoft FTP Server <1.2.2.2 - Privilege Escalation
ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, which allows an attacker with access to the password file to gain privileges.
by byterage
Infodrom Cfingerd - Buffer Overflow
Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.
by Megyer Laszlo
Infodrom Cfingerd - Buffer Overflow
Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.
by qitest1
Xli - Memory Corruption
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.
by zenith parsec
Samsung ML-85G GDI <0.2.0 - Local Privilege Escalation
ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
by Charles Stevenson
Multiple TCP Implementations - DoS
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
by Darren Reed
Lmail <2.7 - Local Privilege Escalation
Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
by Charles Stevenson
Xvt 2.1 - Buffer Overflow
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
by Christophe Bailleux
CylantSecure 1.0 - Kernel Module Syscall Rerouting
by Juergen Pabel
Debian Linux < 2.1.8.8.p3-1.1 - Buffer Overflow
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
by qitest1
Sun Solaris 8 - RCE
Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.
by Fyodor
Linux Kernel 2.2/2.4 - procfs Stream redirection to Process Memory Privilege Escalation
by zen-parse
Cisco IOS - Authentication Bypass
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
by Eliel C. Sardanons
Sun Solaris 8 - RCE
Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.
by noir
XFree86 3.3-3.3.3 - Info Disclosure
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.
by ntf & sky
Groff <1.16.1/jgroff <1.15 - RCE
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command.
by zen-parse
teTeX filter <1.0.7 - Privilege Escalation
teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr.
by zen-parse
Microsoft FrontPage Server Extensions - Buffer Overflow
Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.
by NSFOCUS Security Team
Microsoft Index Server < 6.0 - Buffer Overflow
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
by hsj