Exploitdb Exploits
3,138 exploits tracked across all sources.
Solaris <= 8 - Buffer Overflow via mailx -F Option
Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option.
by Pablo Sor
NetBSD - Remote Code Execution via Long Pattern String with {} Sequence
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
by fish stiqz
Microsoft Windows 2000 - Denial of Service via Empty TCP/IP Packets with ACK and FIN Bits
Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3.
by 3APA3A
Microsoft Windows 2000 - Denial of Service via Empty TCP/IP Packets with ACK and FIN Bits
Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3.
by 3APA3A
Solaris - Local Privilege Escalation via LANG Environment Variable
Buffer overflow in dtsession on Solaris, and possibly other operating systems, allows local users to gain privileges via a long LANG environmental variable.
by Last Stage of Delirium
Solaris 8 and earlier - Buffer Overflow via HOME Environment Variable
Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.
by Riley Hassell
Zetetic STRIP <0.5 - Info Disclosure
Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password 'search space'.
by Thomas Roessler
Solaris 7 and 8 - Local Privilege Escalation via kcms_configure Command Line Argument Buffer Overflow
kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.
by Adam Slattery
Solaris 7 and 8 - Local Privilege Escalation via kcms_configure Command Line Argument Buffer Overflow
kcms_configure as included with Solaris 7 and 8 allows a local attacker to gain additional privileges via a buffer overflow in a command line argument.
by Riley Hassell
ntpd < 4.0.99k - Buffer Overflow via Long readvar Argument
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
by babcia padlina ltd
Solaris <= 8 - Buffer Overflow via mailx -F Option
Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option.
by Pablo Sor
Solaris <= 8 - Local Buffer Overflow via HOME Environment Variable
Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.
by Pablo Sor
Linux kernel <2.5 - Privilege Escalation
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.
by Wojciech Purczynski
Linux kernel <2.5 - Privilege Escalation
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.
by Wojciech Purczynski
Digital Unix - Buffer Overflow
Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name).
by Luciano Rocha
Solaris - Remote Code Execution via SNMP to DMI Mapper Daemon Buffer Overflow
Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.
by Last Stage of Delirium
AfterStep ascdc - Local Privilege Escalation via Long Command Line Option
Buffer overflows in ascdc Afterstep while running setuid allows local users to gain root privileges via a long (1) -d option, (2) -m option, or (3) -f option.
by the itch
AfterStep ascdc - Local Privilege Escalation via Long Command Line Option
Buffer overflows in ascdc Afterstep while running setuid allows local users to gain root privileges via a long (1) -d option, (2) -m option, or (3) -f option.
by anonymous
Progress Database Server 8.3b - 'prodb' Local Privilege Escalation
by the itch
University of Washington imapd 4.7 - Authenticated Buffer Overflow via LIST Command
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
by SkyLaZarT
Slackware 7.1 - '/usr/bin/mail' Local Privilege Escalation
by kengz
ja-xklock < 2.7.1 - Local Buffer Overflow
Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges.
by dethy
ja-elvis and ko-helvis - Local Buffer Overflow
Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges.
by dethy
HP Tru64 UNIX - Buffer Overflow via Long Argument to /usr/bin/at
Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.
by Cody Tubbs
BIND 8 - Buffer Overflow in TSIG Handling
Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.
by Multiple
By Source