Exploitdb Exploits
3,149 exploits tracked across all sources.
SuSE Linux 8.2Pro - Local Privilege Escalation
SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file.
by Nash Leon
slocate <2.6 - Buffer Overflow
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
by Patrik Hornik
ProFTPD <1.2.9rc2 - Buffer Overflow
ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files.
by bkbll
Microsoft Windows XP/2000 - PostThreadMessage() Arbitrary Process Killing
by Brett Moore
Silly Poker 0.25.5 - Local HOME Environment Variable Buffer Overrun
by demz
Webfs <1.20 - Buffer Overflow
Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname.
by jsk
Mah-Jong 1.4 - MJ-Player Server Flag Local Buffer Overflow
by jsk
IBM DB2 Universal Data Base <7.2 - Buffer Overflow
Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument.
by Juan Escriba
Marbles <1.0.2 - Privilege Escalation
Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable.
by demz
cfengine <2.0.8 - Buffer Overflow
Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.
by jsk
mpg123 <0.59 - Buffer Overflow
Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request.
by V9
ProFTPD <1.2.9rc2 - Buffer Overflow
ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files.
by netris
hztty 2.0 - Buffer Overflow
Multiple buffer overflows in hztty 2.0 allow local users to gain root privileges.
by c0wboy
Windows 2000 SP3-SP4 - DoS
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
by Flashsky
Knox Software Arkeia Server Backup - Buffer Overflow
Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request.
by anonymous
lsh daemon - Buffer Overflow
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
by m00 security
lsh daemon - Buffer Overflow
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
by Carl Livitt
Sendmail 8.12.9 - Buffer Overflow
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
by Gyan Chawdhary
Microsoft Windows - Buffer Overflow
Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.
by ey4s
PINE <4.58 - RCE
Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.
by sorbo
Liquid War 5.4.5/5.5.6 - HOME Environment Variable Buffer Overflow
by Angelo Rosiello
MySQL <4.0.14 & <3.23.x - RCE
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
by bkbll
Windows 2000 SP3-SP4 - DoS
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
by Doke Scott
By Source