Exploitdb Exploits
3,149 exploits tracked across all sources.
Arcadia Internet Store - Denial of Service
tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter.
by NERF Security
eXtremail <1.1.9 - RCE
Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication.
by mu-b
eXtremail <1.1.9 - RCE
Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication.
by Luca Ercoli
Microsoft Index Server < 6.0 - Buffer Overflow
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
by Ps0
PCP <2.2.1-3 - Privilege Escalation
The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR).
by IhaQueR
Gaztek Ghttpd - Buffer Overflow
Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request.
by qitest1
Munica Corporation NetSQL 1.0 - RCE
Buffer overflow in Munica Corporation NetSQL 1.0 allows remote attackers to execute arbitrary code via a long CONNECT argument to port 6500.
by Sergio Monteiro
Jetico Bestcrypt - Buffer Overflow
Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows local users to execute arbitrary code via a file or directory with a long pathname, which is processed during an unmount.
by Carl Livitt
Juergen Schoenwaelder Scotty - Buffer Overflow
Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument.
by Larry W. Cashdollar
FreeBSD 1.5 - Privilege Escalation
Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd.
by Teso
LPRng - Privilege Escalation
LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges.
by zen-parse
Su-wrapper - Buffer Overflow
Buffer overflow in su-wrapper 1.1.1 allows local users to execute arbitrary code via a long first argument.
by dex
PKCrew TIAtunnel 0.9 alpha2 - Authentication Mechanism Buffer Overflow
by qitest1
SUN Solaris - Buffer Overflow
Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable.
by 51
SUN Solaris - Buffer Overflow
Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable.
by Pablo Sor
Windows 2000 - DoS
Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting a hardware breakpoint that is handled using global debug registers, which could cause other processes to terminate due to an exception, and allow hijacking of resources such as named pipes.
by Georgi Guninski
Microsoft Internet Information Server < 5.0 - Path Traversal
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
by HuXfLuX
Microsoft Internet Information Server < 5.0 - Path Traversal
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
by MovAX
Microsoft Internet Information Server < 5.0 - Path Traversal
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
by Filip Maertens
Microsoft Windows 2000 - Buffer Overflow
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
by dark spyrit
wu-ftpd <2.6.0 - Code Injection
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.
by qitest1
Microsoft Windows 2000 - Buffer Overflow
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
by Ryan Permeh
Novell Bordermanager < 3.6 - Denial of Service
Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353.
by honoriak
Microsoft Windows 2000 - Buffer Overflow
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
by dark spyrit
Nullsoft Winamp - Buffer Overflow
Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute arbitrary code via a long string in an AIP file.
by byterage
By Source