C Exploits

3,632 exploits tracked across all sources.

Sort: Activity Stars
CVE-2002-1072 EXPLOITDB c VERIFIED
ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01) - Denial of Service via Oversized ICMP Packet
ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a denial of service via an oversized, fragmented "jolt" style ICMP packet.
by Jeff w. Roberson
CVE-2002-1059 EXPLOITDB c VERIFIED
SecureCRT < 3.4.6 and 4.x < 4.0 beta 3 - Remote Code Execution via Long SSH1 Protocol Version String
Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string.
by andrea lisci
CVE-2002-1059 EXPLOITDB c VERIFIED
SecureCRT < 3.4.6 and 4.x < 4.0 beta 3 - Remote Code Execution via Long SSH1 Protocol Version String
Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string.
by Kyuzo
CVE-2002-2309 EXPLOITDB c VERIFIED
PHP 3.0-4.2.2 - Denial of Service via Direct Request Without Arguments
php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.
by Matthew Murphy
CVE-2002-1057 EXPLOITDB c VERIFIED
SmartMax MailMax POP3 Daemon 4.8 - Remote Code Execution via Long USER Command
Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command.
by anonymous
CVE-2002-1073 EXPLOITDB c VERIFIED
MERCUR Mailserver 4.2 - Remote Code Execution via Long Password Buffer Overflow
Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password.
by anonymous
CVE-2002-1014 EXPLOITDB c VERIFIED
RealJukebox 2 and RealOne Player - Buffer Overflow via RFS Skin File
Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image.
by UNYUN
EIP-2026-100963 EXPLOITDB c VERIFIED
ATPhttpd 0.4b - Remote Buffer Overflow
by badc0ded
CVE-2002-1973 EXPLOITDB c VERIFIED
Microsoft Foundation Class Library - Buffer Overflow in CHttpServer::OnParseError via Long Query String
Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.
by Matthew Murphy
EIP-2026-102647 EXPLOITDB c VERIFIED
Linux Kernel 2.4.18/2.4.19 - Privileged File Descriptor Resource Exhaustion (Denial of Service)
by Paul Starzetz
CVE-2002-2195 EXPLOITDB c VERIFIED
Winamp 2.80 - Buffer Overflow via Version Update Check
Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.
by anonymous
CVE-2002-0994 EXPLOITDB c VERIFIED
SunPCi II VNC - Weak Authentication Scheme
SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.
by Richard van den Berg
CVE-2002-1814 EXPLOITDB c VERIFIED
Bonobo - Buffer Overflow via Long Command Line Arguments
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
by N4rK07IX
CVE-2000-0284 EXPLOITDB c VERIFIED
University of Washington imapd 4.7 - Authenticated Buffer Overflow via LIST Command
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
by Teso
CVE-2002-0652 EXPLOITDB c VERIFIED
IRIX 6.5-6.5.16 - Remote Code Execution via XFSMD Popen Shell Metacharacter Injection
xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs().
by Last Stage of Delirium
CVE-2002-1447 EXPLOITDB c VERIFIED
UNIX VPN Client <3.5.2 - Privilege Escalation
Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument.
by methodic
CVE-2003-0281 EXPLOITDB c VERIFIED
Firebird < 1.5 - Buffer Overflow via Long INTERBASE Environment Variable
Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop.
by bob
CVE-2002-0392 EXPLOITDB c VERIFIED
Apache HTTP Server 1.3-1.3.24 & 2.0-2.0.36 - DoS & RCE via Chunk-Encoded Request
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
by Gobbles Security
CVE-2002-0392 EXPLOITDB c VERIFIED
Apache HTTP Server 1.3-1.3.24 & 2.0-2.0.36 - DoS & RCE via Chunk-Encoded Request
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
by Gobbles Security
CVE-2002-0968 EXPLOITDB c VERIFIED
AnalogX SimpleServer:WWW < 1.16 - Remote Code Execution via Long HTTP Request Method
Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and execute code via a long HTTP request method name.
by Auriemma Luigi
CVE-2002-2338 EXPLOITDB c VERIFIED
Mozilla and Netscape Communicator - Denial of Service via POP3 Mail Message Newline Handling
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
by eldre8
CVE-2002-0767 EXPLOITDB c VERIFIED
simpleinit - Privilege Escalation via FIFO Descriptor Handling
simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with root privileges.
by Patrick Smith
CVE-2002-1891 EXPLOITDB c VERIFIED
IRCIT 0.3.1 - Buffer Overflow via Long Invite Request
Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to execute arbitrary code via a long invite request.
by gobbles
CVE-2002-0949 EXPLOITDB c VERIFIED
Telindus 1100 - Privilege Escalation
Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext.
by rubik
CVE-2002-0907 EXPLOITDB c VERIFIED
SHOUTcast < 1.8.12 - Authenticated Buffer Overflow via Long icy- Header
Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-".
by eSDee
By Source
All 3,632 Writeup 62,507 Exploitdb 50,076 Nomisec 22,465 Github 3,690 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,604 ruby 6,006 c 3,632 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25