Exploitdb Exploits
3,138 exploits tracked across all sources.
RobTex Viking Server < 1.0.6_build355 - Buffer Overflow via Long HTTP Headers
Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since headers.
by wildcoyote
Darxite <= 0.4 - Remote Code Execution via Long Username or Password
Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password.
by Scrippie
University of Minnesota gopherd 2.x - Remote Code Execution via Long GDESkey Ticket Value
Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key generation request (GDESkey) that contains a long ticket value.
by Chris Sharp
xlockmore/xlockf < unknown - Privilege Escalation
xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option.
by noir
ntop - Remote Code Execution via Buffer Overflow in Web Mode
Buffer overflows in ntop running in web mode allows remote attackers to execute arbitrary commands.
by anonymous
Aptis Totalbill - Privilege Escalation
The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed.
by Brian Masney
Linux rpc.statd - Remote Code Execution via Format String Vulnerability
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
by ron1n
IRIX 6.2-6.3 - Local Buffer Overflow via dmplay Command Line Option
Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option.
by Last Stage of Delirium
Linux rpc.statd - Remote Code Execution via Format String Vulnerability
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
by Doing
Debian Linux - Buffer Overflow in KON fld via Long CHARSET Settings
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
by E-Ligth
AnalogX Proxy 4.04 - Denial of Service via Long FTP USER Command
Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long USER command in the FTP protocol.
by wildcoyote
BEA WebLogic 5.1.x - Unauthenticated Remote Code Execution via JSPServlet
BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file.
by Brian Carrier
Alibaba - Denial of Service via Long GET Request
Buffer overflow in Alibaba web server allows remote attackers to cause a denial of service via a long GET request.
by wildcoyote
Linux rpc.statd - Remote Code Execution via Format String Vulnerability
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
by drow
Cisco Secure PIX Firewall - Denial of Service via Forged TCP Reset Packets
Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections.
by Citec Network Securities
Caldera Openlinux Desktop - Denial of Service
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.
by RaiSe
Check Point Software Firewall-1 3.0/1.4.0/1.4.1 - Spoofed Source Denial of Service
by lore
Debian Linux - Buffer Overflow via Canna SR_INIT Command
Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name.
by UNYUN
IRIX 5.2-6.1 - Remote Code Execution via Telnetd Format String Injection
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.
by Last Stage of Delirium
Sygate - Denial of Service via Malformed DNS UDP Packet
Sybergen Sygate allows remote attackers to cause a denial of service by sending a malformed DNS UDP packet to its internal interface.
by Marc of eEye
Dalnet IRCd 4.6.5 - Buffer Overflow via SUMMON Command
Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to cause a denial of service or execute arbitrary commands via the SUMMON command.
by Matt Conover
sapporoworks_winproxy 2.0-2.0.1 - Remote Code Execution via Long POP3 Commands
Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands.
by UNYUN
SawMill 5.0.21 - Weak Password Encryption
SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the password and modify the SawMill configuration.
by Larry W. Cashdollar
Tridia Double Vision 3.07.00 - Local Buffer Overflow via dvtermtype Terminal Type Argument
Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows local users to gain root privileges via a long terminal type argument.
by Stephen J. Friedl
By Source