C Exploits
3,570 exploits tracked across all sources.
MIT Cgiemail - Buffer Overflow
Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long query parameter.
by isox
Aol Server - Buffer Overflow
Buffer overflow in AOLserver 3.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via an HTTP request with a long Authorization header.
by qitest1
Compaq Tru64 - Buffer Overflow
Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument.
by seo
Hp-ux - Buffer Overflow
Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument.
by foo
BSDI 3.0-3.1 - DoS
Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users to cause a denial of service (reboot) in the kernel via a particular sequence of instructions.
by V9
Sendmail <8.11.6 - Memory Corruption
Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.
Sendmail <8.11.6 - Memory Corruption
Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.
by grange
Microsoft Internet Information Server - Buffer Overflow
Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.
by Indigo
Solaris 2.6-8 - Privilege Escalation
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.
by Nsfocus
Solaris 2.6-8 - Privilege Escalation
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.
by Nsfocus
Fetchmail < 5.8.14 - Access Control
Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.
by Salvatore Sanfilippo -antirez-
Fetchmail < 5.8.14 - Access Control
Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.
by Sanfillipo antirez
Avaya Argent Office - DoS
Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload.
by Jacek Lipkowski
Oracle Database Server - Buffer Overflow
Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable.
by Juan Manuel Pascual Escribá
Oracle Database Server < 9.0.1 - Buffer Overflow
Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."
by Juan Manuel Pascual Escribá
GNU locate in findutils <4.1 - Privilege Escalation
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.
by Josh Smith
SUN Solaris - Buffer Overflow
Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable.
by NSFOCUS Security Team
Oracle8i < 8.1.7 - Buffer Overflow
Buffer overflow in Transparent Network Substrate (TNS) Listener in Oracle 8i 8.1.7 and earlier allows remote attackers to gain privileges via a long argument to the commands (1) STATUS, (2) PING, (3) SERVICES, (4) TRC_FILE, (5) SAVE_CONFIG, or (6) RELOAD.
by benjurry
NetWin Authentication module - Info Disclosure
NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password.
by byterage
MIT Kerberos - Buffer Overflow
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
by Dvorak
ID Software Quake - Denial of Service
Quake 1 and NetQuake servers allow remote attackers to cause a denial of service (resource exhaustion or forced disconnection) via a flood of spoofed UDP connection packets, which exceeds the server's player limit.
by Andy Gavin
Slackware 7.0/7.1/8.0 - Manual Page Cache File Creation
by josh
By Source