Exploitdb Exploits
3,138 exploits tracked across all sources.
rsync < 2.5.7 - Buffer Overflow via RSYNC_PROXY Environment Variable
Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional privileges beyond those that are already available to the user. Therefore this issue may be REJECTED in the future.
by Abhisek Datta
Crob FTP Server 3.5.2 - Denial of Service via Repeated Connection/Disconnection
Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server.
by gsicht
Dream FTP 1.02 - Denial of Service via Format String in PASS or RETR Commands
Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands.
by Skylined
palmhttpd - Denial of Service via Simultaneous HTTP Connections
palmhttpd for PalmOS allows remote attackers to cause a denial of service (crash) by establishing two simultaneous HTTP connections, which exceeds the PalmOS accept queue.
by shaun2k2
Nadeo Game Engine - Denial of Service via Malformed TCP Data to Port 2350
Nadeo Game Engine for Nadeo TrackMania and Nadeo Virtual Skipper 3 allows remote attackers to cause a denial of service (server crash) via malformed data to TCP port 2350, possibly due to long values or incorrect size fields.
by scrap
Dream FTP 1.02 - Remote Code Execution via Format String in Username
Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username.
by shaun2k2
Linux-VServer 1.24 - Privilege Escalation
Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command.
by Markus Mueller
0verkill 0.15pre3 - Multiple Buffer Overflow in load_cfg, save_cfg, send_message, and parse_command_line
Multiple buffer overflows in Overkill (0verkill) 0.15pre3 might allow local users to execute arbitrary code in the client via a long HOME environment variable in the (1) load_cfg and (2) save_cfg functions; possibly allow remote attackers to execute arbitrary code via long strings to (3) the send_message function; and, in the server, via (4) the parse_command_line function.
by pi3ki31ny
Serv-U FTP Server <4.2 - Buffer Overflow
Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename.
by Skylined
Serv-U FTP Server <4.2 - Buffer Overflow
Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename.
by lion
Serv-U FTP Server <4.2 - Buffer Overflow
Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename.
Serv-U FTP Server <4.2 - Buffer Overflow
Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename.
by mandragore
Need for Speed Hot Pursuit 2.0 <242 - Buffer Overflow
Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands.
by Luigi Auriemma
McAfee ePolicy Orchestrator - Denial of Service and Possible Remote Code Execution via Invalid HTTP Content-Length
McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow.
by cyber_flash
SuSE 9.0 - Local Privilege Escalation
The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.
by l0om
Linux kernel 2.4.x < 2.4.21 - Denial of Service and Privilege Escalation via mremap Bounds Check Bypass
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
by Paul Starzetz
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (2)
by Luigi Auriemma
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (1)
by Luigi Auriemma
lftp <= 2.6.9 - Remote Code Execution via Long Directory Names in ls or rels Commands
Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.
by Li0n7
KAME racoon - Remote Certificate Deletion via Malformed Hash Handling
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.
by Thomas Walpuski
HD Soft Windows FTP Server <1.6 - RCE
Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function.
by mandragore
Kroum Grigorov KpyM Telnet Server 1.0 - Remote Denial of Service
by NoRpiuS
Linux kernel 2.4.x < 2.4.21 - Denial of Service and Privilege Escalation via mremap Bounds Check Bypass
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
by Christophe Devine
Linux kernel 2.4.x < 2.4.21 - Denial of Service and Privilege Escalation via mremap Bounds Check Bypass
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
by Christophe Devine
YaSoft Switch Off <= 2.3 - Authenticated Stack-Based Buffer Overflow via SendMsg Action
Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm.
by MrNice
By Source