C Exploits
3,632 exploits tracked across all sources.
QNX RTOS 6.1.0 - Local Buffer Overflow via ABLANG Environment Variable or pkg-installer -u Option
Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-installer.
by badc0ded
QNX RTOS 6.1.0 - Local Buffer Overflow via ABLANG Environment Variable or pkg-installer -u Option
Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-installer.
by badc0ded
Shambala Server 4.5 - Denial of Service via Malformed HTTP Request
Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request.
by Shambala
IBM Informix SE-7.25 - Local Buffer Overflow via INFORMIXDIR Environment Variable
Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable.
by smurf
Yahoo! Messenger 5.0.0.1064 - Remote Code Execution via Long YMSGR URI Arguments
Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend.
by bob
Sendmail 8.9.0-8.12.3 - Denial of Service via File Locking
Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.
by zillion
Sendmail 8.9.0-8.12.3 - Denial of Service via File Locking
Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.
by zillion
NewAtlanta ServletExec ISAPI 4.1 - Denial of Service via Long JSP File Request
NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet.
by Matt Moore
YoungZSoft CMailServer 3.30 - Remote Code Execution via Long USER Argument
Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.
by Over_G
YoungZSoft CMailServer 3.30 - Remote Code Execution via Long USER Argument
Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.
by anonymous
psyBNC 2.3 - Denial of Service via Long PASS Command
psyBNC 2.3 allows remote attackers to cause a denial of service (CPU consumption and resource exhaustion) by sending a PASS command with a long password argument and quickly killing the connection, which is not properly terminated by psyBNC.
by Lunar Fault
wu-ftpd 2.6.1 - Remote Command Execution via Glob Function
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
by Teso
Squid < 2.4_9 - Heap-Based Buffer Overflow via Compressed DNS Responses
Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.
by Teso
University of Washington uw-imap - Authenticated Buffer Overflow via Long BODY Request
Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
by 0x3a0x29 crew
University of Washington uw-imap - Authenticated Buffer Overflow via Long BODY Request
Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
by korty
ISC DHCPd 3-3.0.1rc8 - Remote Code Execution via Format String in DNS Response
Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response.
by Andi
Internet Information Server 4.0 and 5.0 - Buffer Overflow in Chunked Encoding Transfer Mechanism
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
by yuange
GNU screen 3.9.11 - Buffer Overflow in Braille Module
Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code.
by Gobbles Security
FreeBSD <4.5 - Local Privilege Escalation
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files.
by phased
Microsoft Windows 2000 - Denial of Service via Malformed Data to Microsoft-DS Port
LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service (CPU/memory exhaustion) via a stream of malformed data to microsoft-ds port 445.
by Daniel Nystrom
3Cdaemon 2.0 - Buffer Overflow via Long FTP Commands
Buffer overflow in 3Cdaemon 2.0 FTP server allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long commands such as login.
by MaD SKiLL
Internet Information Server 4.0 and 5.0 - Buffer Overflow in Chunked Encoding Transfer Mechanism
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
by hsj
OpenBSD <3.1 - Privilege Escalation
mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
by Przemyslaw Frasunek
Internet Information Server 4.0 and 5.0 - Buffer Overflow in Chunked Encoding Transfer Mechanism
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
by NeMeS||y
Internet Information Server 4.0 and 5.0 - Buffer Overflow in Chunked Encoding Transfer Mechanism
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
by CHINANSL Security Team
By Source