C Exploits

3,568 exploits tracked across all sources.

Sort: Activity Stars
CVE-2002-1486 EXPLOITDB c VERIFIED
Trillian <0.74 - Buffer Overflow
Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response from the server, (2) a JOIN with a long channel name, (3) a long "raw 221" message, (4) a PRIVMSG with a long nickname, or (5) a long response from an IDENT server.
by Lance Fitz-Herbert
CVE-2002-1492 EXPLOITDB c VERIFIED
Cisco VPN 5000 Client <5.2.7/5.2.8 - Privilege Escalation
Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel.
by zillion
CVE-2002-1492 EXPLOITDB c VERIFIED
Cisco VPN 5000 Client <5.2.7/5.2.8 - Privilege Escalation
Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel.
by BrainStorm
CVE-1999-0116 EXPLOITDB c VERIFIED
IBM Aix - Denial of Service
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood.
by Nebunu
EIP-2026-116444 EXPLOITDB c VERIFIED
UDP Stress Tester - Denial of Service
by Cys
CVE-2002-2162 EXPLOITDB c VERIFIED
Cerulean Studios Trillian <0.73 - Info Disclosure
Cerulean Studios Trillian 0.73 and earlier use weak encrypttion (XOR) for storing user passwords in .ini files in the Trillian directory, which allows local users to gain access to other user accounts.
by Coeus Group
CVE-2002-1566 EXPLOITDB c VERIFIED
netris <0.52 - DoS
netris 0.5, and possibly other versions before 0.52, when running with the -w (wait) option, allows remote attackers to cause a denial of service (crash) via a long string to port 9284.
by V9
CVE-2002-1503 EXPLOITDB c VERIFIED
AFD <1.2.14 - Buffer Overflow
Buffer overflow in Automatic File Distributor (AFD) 1.2.14 and earlier allows local users to gain privileges via a long MON_WORK_DIR environment variable or -w (workdir) argument to (1) afd, (2) afdcmd, (3) afd_ctrl, (4) init_afd, (5) mafd, (6) mon_ctrl, (7) show_olog, or (8) udc.
by eSDee
CVE-2002-1101 EXPLOITDB c VERIFIED
Cisco VPN <3.5.5 - DoS
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name.
by Phenoelit
CVE-2002-2370 EXPLOITDB c VERIFIED
Sws Simple Web Server - Denial of Service
SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause a denial of service (crash) via a URL request that does not end with a newline.
by saman
CVE-2002-1506 EXPLOITDB c VERIFIED
Linuxconf <1.28r4 - RCE
Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.
by David Endler
CVE-2002-1506 EXPLOITDB c VERIFIED
Linuxconf <1.28r4 - RCE
Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.
by RaiSe
CVE-2002-1812 EXPLOITDB c VERIFIED
Gdam - Buffer Overflow
Buffer overflow in gdam123 0.933 and 0.942 allows local users to execute arbitrary code via a long filename parameter.
by Netric Security
CVE-2002-0724 EXPLOITDB c VERIFIED
Microsoft Windows 2000 - Buffer Overflow
Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows attackers to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerEnum3, aka "Unchecked Buffer in Network Share Provider Can Lead to Denial of Service".
by Frederic Deletang
CVE-2002-1809 EXPLOITDB c VERIFIED
MySQL <3.23.52 - Privilege Escalation
The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database.
by g0thm0g
CVE-2002-0851 EXPLOITDB c VERIFIED
ISDN4Linux - Privilege Escalation
Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog.
by Gobbles Security
CVE-2002-1230 EXPLOITDB c VERIFIED
NetDDE Agent - RCE
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
by Brett Moore
CVE-2002-1230 EXPLOITDB c VERIFIED
NetDDE Agent - RCE
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
by Oliver Lavery
CVE-2002-1230 EXPLOITDB c VERIFIED
NetDDE Agent - RCE
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
by Brett Moore
CVE-2002-1230 EXPLOITDB c VERIFIED
NetDDE Agent - RCE
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
by Brett Moore
CVE-2002-1230 EXPLOITDB c VERIFIED
NetDDE Agent - RCE
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
by Oliver Lavery
CVE-2002-1230 EXPLOITDB c VERIFIED
NetDDE Agent - RCE
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
by sectroyer
CVE-2002-1414 EXPLOITDB c VERIFIED
qmailadmin - Buffer Overflow
Buffer overflow in qmailadmin allows local users to gain privileges via a long QMAILADMIN_TEMPLATEDIR environment variable.
by Thomas Cannon
EIP-2026-114739 EXPLOITDB c VERIFIED
Inso DynaWeb HTTPd 3.1/4.0.2/4.1 - Format String
by ghandi
CVE-2000-0284 EXPLOITDB c VERIFIED
University OF Washington Imap - Buffer Overflow
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
by Gabriel A. Maggiotti
By Source
All 3,568 Exploitdb 50,130 Writeup 46,953 Nomisec 21,249 Metasploit 3,221 Github 2,399 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,952 python 5,805 c 3,568 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 86 go 46 postscript 25 xml 24