Exploitdb Exploits

CVE-2005-0959 EXPLOITDB c VERIFIED

mtftpd <0.0.3 - RCE

Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may allow attackers to execute arbitrary code via a long path.

by gunzip

View

EIP-2026-102650 EXPLOITDB c VERIFIED

Linux Kernel 2.6.10 - File Lock Local Denial of Service

by ChoiX

View

CVE-2005-0958 EXPLOITDB c VERIFIED

YepYep mtftpd <0.0.3 - RCE

Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command.

by darkeagle

View

EIP-2026-103091 EXPLOITDB c VERIFIED

Cyrus imapd 2.2.4 < 2.2.8 - 'imapmagicplus' Remote Overflow

by crash-x

View

EIP-2026-102651 EXPLOITDB c VERIFIED

Linux Kernel 2.6.10 - Local Denial of Service

by ChoiX

View

CVE-2005-0892 EXPLOITDB c VERIFIED

Smail - Buffer Overflow

Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.

by infamous41md

View

CVE-2005-0750 EXPLOITDB c VERIFIED

Linux Kernel <2.6.11.5 - Privilege Escalation

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

by ilja van sprundel

View

CVE-2005-0892 EXPLOITDB c VERIFIED

Smail - Buffer Overflow

Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.

by infamous42md

View

CVE-2005-0716 EXPLOITDB c VERIFIED

Apple Mac OS X - Buffer Overflow

Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable.

by vade79

View

CVE-2004-1235 EXPLOITDB c VERIFIED

Linux kernel <2.6.11 - RCE

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

by sd

View

CVE-2005-0713 EXPLOITDB c VERIFIED

Mac OS X <10.3.8 - Privilege Escalation

The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges.

by V9

View

EIP-2026-103106 EXPLOITDB c VERIFIED

Ethereal 0.10.9 (Linux) - '3G-A11' Remote Buffer Overflow

by Diego Giagio

View

CVE-2005-0666 EXPLOITDB c VERIFIED

PaX <2005.03.05 - Privilege Escalation

Unknown vulnerability in PaX from the September 2003 release to 2.2 before 2005.03.05, related to SEGMEXEC or RANDEXEC and VMA mirroring, allows local users and possibly remote attackers to bypass intended access restrictions and execute arbitrary code.

by Christophe Devine

View

CVE-2005-0353 EXPLOITDB c VERIFIED

Safenet Sentinel License Manager - Buffer Overflow

Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093.

by class101

View

CVE-2005-1199 EXPLOITDB c VERIFIED

UBB.Threads - SQL Injection

SQL injection vulnerability in printthread.php in UBB.Threads allows remote attackers to execute arbitrary SQL commands via the main parameter.

by HLL

View

CVE-2005-0736 EXPLOITDB c VERIFIED

Linux kernel <2.6.12 - Memory Corruption

Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.

by sd

View

EIP-2026-100673 EXPLOITDB c VERIFIED

OpenBSD 2.0 < 3.6 - TCP Timestamp Remote Denial of Service

by RusH

View

CVE-2005-0647 EXPLOITDB c VERIFIED

paNews 2.0.4b - Command Injection

admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $form[comments] or (2) $form[autoapprove] parameters, which are written to config.php.

by Silentium

View

EIP-2026-103462 EXPLOITDB c VERIFIED

Ethereal 0.10.9 - Denial of Service

by Leon Juranic

View

CVE-2005-1649 EXPLOITDB c VERIFIED

Microsoft Windows 2003 Server - Denial of Service

The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016).

by RusH

View

CVE-2005-0700 EXPLOITDB c VERIFIED

Aztek Forum 4.0 - Info Disclosure

The export_index action in myadmin.php for Aztek Forum 4.0 allows remote attackers to obtain database files, possibly by setting the ATK_ADMIN cookie.

by sirius_black

View

CVE-2005-0582 EXPLOITDB c VERIFIED

Broadcom License Software - Buffer Overflow

Buffer overflow in Computer Associates (CA) License Client 0.1.0.15 allows remote attackers to execute arbitrary code via a long filename in a PUTOLF request.

by class101

View

CVE-2005-0438 EXPLOITDB c VERIFIED

AWStats 6.3-6.4 - Info Disclosure

awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter.

by omin0us

View

CVE-2005-0621 EXPLOITDB c VERIFIED

Enlight Software Scrapland - Denial of Service

Scrapland 1.0 and earlier allows remote attackers to cause a denial of service (server termination) by triggering an error, which is treated as a fatal error by the server, as demonstrated using (1) signed integers for size values, (2) an invalid model, (3) a "newpos" value that is less than or equal to a size value, or (4) partial packets.

by Luigi Auriemma

View

EIP-2026-110966 EXPLOITDB c VERIFIED

phpBB 2.0.x - Authentication Bypass (1)

by Paisterist

View