C Exploits
3,632 exploits tracked across all sources.
Linux kernel <2.2.25-2.4.21 - Privilege Escalation
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
Samba < 2.2.8 - Remote Code Execution via SMB/CIFS Packet Fragment Reassembly
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
by flatline
PGP4Pine 1.75.6/1.76 - 'Message Line' Remote Buffer Overflow
by Eric AUGE
qpopper 4.0.x < 4.0.5fc2 - Authenticated Buffer Overflow via Long Macro Name in mdef Command
The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.
by Florian Heinz
Microsoft Windows Server 2000 - Help Facility '.CNT' File :Link Buffer Overflow
by s0h
Unknown AFCTR Tool <3.41 - Info Disclosure
Unknown vulnerability in the "Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact.
by CrZ
file - Buffer Overflow in readelf.c tryelf() via ELF Header
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
by lem0nxx
file - Buffer Overflow in readelf.c tryelf() via ELF Header
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
by lem0n
CoffeeCup Software Password Wizard 4.0 - HTML Source Password Retrieval
by THR
XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (2)
by Guilecool & deka
XFree86 4.2 - 'XLOCALEDIR' Local Buffer Overflow (1)
by dcryptr && tarranta
Sendmail 5.79-8.12.7 - Remote Code Execution via Formatted Address Fields in Header Comments
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
by bysin
Sendmail 5.79-8.12.7 - Remote Code Execution via Formatted Address Fields in Header Comments
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
by Last Stage of Delirium
tcpdump 3.6-3.7.1 - Denial of Service via Malformed ISAKMP Packet
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
by The Salvia Twist
Windows Me - Cross-Site Scripting via Help and Support Center Topic Parameter
Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter.
by s0h
Battlefield 1942 1.2-1.3 - Buffer Overflow via Remote Console Authentication
Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password.
by greuff
amx_mod 0.9.2 - Remote Code Execution via Format String Specifiers in amx_say Command
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say command.
by greuff
zlib 1.1.4 - Buffer Overflow in gzprintf
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.
by CrZ
zlib 1.1.4 - Buffer Overflow in gzprintf
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.
by Richard Kettlewel
Cisco IOS 11.2.x-12.0.x - Denial of Service via OSPF Neighbor Announcements
Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements.
by FX
By Source