Exploitdb Exploits
3,138 exploits tracked across all sources.
splitvt - Remote Code Execution via Format String in -rcfile Argument
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.
by Michel Kaempf
Solaris 7 and earlier - Local Buffer Overflow via Long -f Parameter
Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.
by ahmed
APC UPS daemon - Local Privilege Escalation
APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file.
by the itch
HP-UX 11.0 - Buffer Overflow via cu Program -l Argument
Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument.
by zorgon
BSD libutil - Privilege Escalation
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
by caddis
HP-UX - Remote Code Execution via wu-ftpd SITE EXEC Format String
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.
by kalou
ProFTPd 1.2.0rc2 - Denial of Service via USER Command Memory Leak
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
by Piotr Zurawski
LBNL tcpdump - Remote Code Execution via Buffer Overflow
Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands.
by Zhodiac
GTK+ - Privilege Escalation via GTK_MODULES Environment Variable
GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program.
by V9
Sendmail 5.79-8.12.7 - Remote Code Execution via Formatted Address Fields in Header Comments
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
by sd
licq < 1.0.3 - Buffer Overflow in Logging Functions
Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.
by Stan Bubrouski
HP OmniBackII <A.03.50 - Privilege Escalation
Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.
by DiGiT
BSD-based ftpd - Remote Code Execution via replydirname Buffer Overflow
One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.
by Scrippie
Check Point VPN-1/FireWall-1 4.1 SP2 - Blocked Port Bypass
by anonymous
itetris/xitetris <1.6.2 - Privilege Escalation
itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program.
by V9
LPRng 3.6.24 - Remote Code Execution
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
by VeNoMouS
xsoldier - Privilege Escalation via Long Argument
xsoldier program allows local users to gain root access via a long argument.
by zorgon
oops_proxy_server 1.4.6 - Remote Code Execution via Long Hostname Buffer Overflow
Buffer overflow in oops WWW proxy server 1.4.6 (and possibly other versions) allows remote attackers to execute arbitrary commands via a long host or domain name that is obtained from a reverse DNS lookup.
by diman
Check Point VPN-1/FireWall-1 <4.1 SP2 - Auth Bypass
Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets.
by Thomas Lopatic
oops_proxy_server 1.5.2 - Remote Code Execution via HTML Parser Quotation Character Overflow
Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " (quotation) characters.
by CyRaX
LPRng 3.6.24 - Remote Code Execution
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
by sk8
LPRng 3.6.24 - Remote Code Execution
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
by DiGiT
By Source