Exploitdb Exploits
3,138 exploits tracked across all sources.
CUPS 1.3.8 - Arbitrary File Overwrite via Symlink Attack on Temporary File
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
by Jon Oberheide
avahi < 0.6.24 - Denial of Service via mDNS Packet with Source Port 0
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an assertion failure.
by Jon Oberheide
Linux Kernel 2.6.27.7-generic/2.6.18/2.6.24-1 - Local Denial of Service
by Adurit-T
Linux Kernel <= 2.6.27.8 - Denial of Service via ATM Subsystem SVC Socket Handling
net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.
by Jon Oberheide
ClamAV < 0.94.2 - Denial of Service via Crafted JPEG File
Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.
by ilja van sprundel
Oracle Database Vault - 'ptrace(2)' Local Privilege Escalation
by Jakub Wartak
Microsoft Windows Vista Gold & SP1 - Buffer Overflow
Stack-based buffer overflow in Microsoft Device IO Control in iphlpapi.dll in Microsoft Windows Vista Gold and SP1 allows local users in the Network Configuration Operator group to gain privileges or cause a denial of service (system crash) via a large invalid PrefixLength to the CreateIpForwardEntry2 method, as demonstrated by a "route add" command. NOTE: this issue might not cross privilege boundaries.
by Marius Wachtler
No-IP DUC < 2.1.7 - Remote Code Execution via DNS Update Response Buffer Overflow
Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function.
by XenoMuta
Microsoft Windows Server Service - Remote Code Execution via Crafted RPC Request
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."
by Polymorphours
CVSS 9.8
Linux Kernel < 2.4.36.9/2.6.27.5 - Unix Sockets Local Kernel Panic (Denial of Service)
by Andrea Bittau
Linux Kernel < 2.6.22 - Privilege Escalation via Setuid/Setgid Bit Handling
fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O.
by gat3way
VicFTPS 5.0 - Denial of Service via Malformed LIST Command
VicFTPS 5.0 allows remote attackers to cause a denial of service (crash) via a LIST command that starts with a "/\/" (forward slash, backward slash, forward slash). NOTE: this might be the same issue as CVE-2008-2031.
by Alfons Luja
Sun Solaris 9 - Denial of Service via RPC XDR_DECODE Operation
The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function. NOTE: this might be a duplicate of CVE-2007-0165.
by Federico L. Bossi Bonin
Windows Vista SP1 and earlier - Denial of Service via PAGE_NOACCESS Memory Page Access
Microsoft Windows Vista Home and Ultimate Edition SP1 and earlier allows local users to cause a denial of service (page fault and system crash) via multiple attempts to access a virtual address in a PAGE_NOACCESS memory page.
by Defsanguje
ESET System Analyzer Tool 1.1.1.0 - Local Privilege Escalation via IOCTL Request
The SysInspector AntiStealth driver (esiasdrv.sys) 3.0.65535.0 in ESET System Analyzer Tool 1.1.1.0 allows local users to execute arbitrary code via a certain METHOD_NEITHER IOCTL request to \Device\esiasdrv that overwrites a pointer.
by NT Internals
DATAC RealWin SCADA Server 2.0 - Remote Stack Buffer Overflow
by Ruben Santamarta
Mass Downloader - Malformed Executable Denial of Service
by Ciph3r
DESlock+ 3.2.7 - Denial of Service via Crafted IOCTL Request
The Virtual Token driver (vdlptokn.sys) 1.0.2.43 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) via a crafted IOCTL request to \Device\DLPTokenWalter0.
by NT Internals
DESlock+ 3.2.7 - Denial of Service via DLMFENC_IOCTL Request
DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) or potentially execute arbitrary code via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was intended.
by mu-b
DESlock+ < 3.2.6 - Denial of Service via DLMFENC_IOCTL Requests
Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (kernel memory consumption) via a series of DLMFENC_IOCTL requests to \\.\DLKPFSD_Device that allocate "link list structures."
by mu-b
DESlock+ 3.2.7 - Denial of Service via DLMFENC_IOCTL Request
DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) or potentially execute arbitrary code via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was intended.
by mu-b
Acritum Femitter Server 1.03 - Denial of Service via Crafted RETR Commands
The FTP service in Acritum Femitter Server 1.03 allows remote attackers to cause a denial of service (crash) by sending multiple crafted RETR commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by LiquidWorm
Postfix <2.4.9, 2.5 <2.5.5, 2.6 <2.6-20080902 - DoS
Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file.
by Albert Sellares
Michael Roth Software Personal FTP Server 6.0f - Denial of Service via Multiple RETR Commands
Michael Roth Software Personal FTP Server (PFT) 6.0f allows remote attackers to cause a denial of service (service crash) via multiple RETR commands, possibly involving long filenames.
by Shinnok
By Source