Exploitdb Exploits
3,138 exploits tracked across all sources.
ISC BIND host command - Buffer Overflow
Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long response to an AXFR query.
by antirez
Microsoft Windows NT 4.0 - MSIEXEC Registry Permissions
by Mnemonix
Avirt Mail 4.0 and 4.2 - Denial of Service and Remote Code Execution via Long RCPT TO or MAIL FROM Command
Avirt Mail 4.0 and 4.2 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long "RCPT TO" or "MAIL FROM" command.
by Martin
xlockmore/xlockf < unknown - Privilege Escalation
xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option.
by Ben Williams
Oracle Internet Directory - Buffer Overflow via Long Connect Parameter
Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter.
by Juan Manuel Pascual Escribá
Internet Information Server 4.0-5.0 - Path Traversal and Remote Code Execution via Unicode-Encoded URL
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by zipo
Internet Information Server 4.0-5.0 - Path Traversal and Remote Code Execution via Unicode-Encoded URL
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by Gabriel Maggiotti
PHP 3 and 4 - Remote Code Execution via Format String Injection
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
by anonymous
All-Mail 1.1 - Remote Code Execution via Long MAIL FROM or RCPT TO Command
Buffer overflow in All-Mail 1.1 allows remote attackers to execute arbitrary commands via a long "MAIL FROM" or "RCPT TO" command.
by @stake
Linux - OS Command Injection via tmpwatch --fuser Option
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.
by X-Force
OpenBSD <= 2.6 - Denial of Service via ARP Request Flood
OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests.
by skyper
OpenBSD - Local Privilege Escalation via PWD Environment Variable Format String
Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable.
by K2
LBNL Traceroute <1.4a5 - Buffer Overflow
Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option.
by Michel Kaempf
LBNL Traceroute <1.4a5 - Buffer Overflow
Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option.
by Perry Harrington
LBNL Traceroute <1.4a5 - Buffer Overflow
Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option.
by Dvorak
HP-UX - Remote Code Execution via wu-ftpd SITE EXEC Format String
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.
by vsz_
Pine 4.21 - Remote Code Execution via Long From Header
Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header.
by Arkane
Mobius DocumentDirect for the Internet 1.2 - Remote Code Execution via Long User-Agent Parameter
Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter.
by wildcoyote
Caldera Openlinux Ebuilder - Access Control
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
by warning3
Caldera Openlinux Ebuilder - Access Control
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
by warning3
screen <3.9.5 - Privilege Escalation
Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbell_msg initialization variable.
by IhaQueR@IRCnet
Caldera Openlinux Ebuilder - Access Control
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
by anonymous
Caldera Openlinux Ebuilder - Access Control
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
by Synnergy.net
Caldera Openlinux Ebuilder - Access Control
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
by Kil3r of Lam3rZ
AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Local Buffer Overflow
by Last Stage of Delirium
By Source