Exploitdb Exploits
3,138 exploits tracked across all sources.
xconq - Buffer Overflow via Long USER Environment Variable
Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long USER environmental variable.
by V9
X 11.0/3.3.3/3.3.4/3.3.5/3.3.6/4.0 - libX11 '_XAsyncReply()' Stack Corruption
by Chris Evans
Gnome Gdm - Denial of Service
libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro.
by Chris Evans
Razor - Weak Password Encryption
The Razor configuration management tool uses weak encryption for its password file, which allows local users to gain privileges.
by pbw
Solaris 8 and earlier - Local Buffer Overflow in ufsrestore
Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.
by Job de Haas of ITSX
INN 2.2.2 - Remote Code Execution via Long Message ID in Cancel Request
Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID.
by Michal Zalewski
Windows NT 4.0 - Authenticated Denial of Service via Malformed Remote Registry Request
The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability.
by Renaud Deraison
dump restore 0.4b17 - Local Buffer Overflow via Long Tape Name
Buffer overflow in restore program 0.4b17 and earlier in dump package allows local users to execute arbitrary commands via a long tape name.
by Stan Bubrouski
Linux Kernel - Privilege Escalation via Setuid/Setcap Capabilities Bypass
The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability."
by Florian Heinz
PassWD 1.2 - Weak Password Encryption
PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords.
by Daniel Roethlisberger
mailx - Buffer Overflow via Long -c Parameter
Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter.
by Paulo Ribeiro
O'Reilly WebSite Professional 2.x - Remote Code Execution via Long Keywords Parameter
Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter.
by Robert Horton
NetWin dmail DSMTP 2.7q - Remote Code Execution via Long ETRN Request
Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request.
by noir
splitvt 1.6.3 - Local Buffer Overflow via Long Password in Screen Locking Function
Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function.
by Syzop
FreeBSD 3.x/4.0/5.0 / NetBSD 1.4.1/1.4.2 / OpenBSD 2.x - Denial of Service
by Ussr Labs
Windows Media Encoder - Denial of Service via Malformed Request
Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed request, aka the "Malformed Windows Media Encoder Request" vulnerability.
by Kit Knox
xterm, Eterm, and rxvt - Denial of Service via Escape Character Handling
xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized.
by Kit Knox
Mandrake Linux - Buffer Overflow via cdrecord dev Parameter
Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.
by noir
Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - ELM Buffer Overflow (2)
by Buffer0verfl0w
KDE kdesud - Buffer Overflow via DISPLAY Environment Variable
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable.
by noir
Cygnus Network Security - Buffer Overflow
Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.
by Jim Paris
MDBMS - Remote Code Execution via Buffer Overflow
Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string.
by HaCk-13 TeaM
Qpopper <2.53 - Privilege Escalation
Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command.
by Prizm
Check Point Firewall-1 - Denial of Service via Malformed IP Fragmentation
Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets.
by phonix
D-Link DI-704 - Denial of Service via Malformed IP Datagram Fragments
D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments.
by phonix
By Source