C Exploits
3,628 exploits tracked across all sources.
SGI IRIX - Buffer Overflow in Login via Telnet/Rlogin Arguments
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
by Marco Ivaldi
Solaris 8.0-9.0 - Privilege Escalation
Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.
by Marco Ivaldi
SCO Open UNIX and UnixWare - Buffer Overflow via DTHELPUSERSEARCHPATH or DTSEARCHPATH Environment Variable
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
by Marco Ivaldi
SCO Open UNIX and UnixWare - Buffer Overflow via DTHELPUSERSEARCHPATH or DTSEARCHPATH Environment Variable
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
by Marco Ivaldi
Solaris 2.6-9 - Local Privilege Escalation via LD_PRELOAD Environment Variable
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.
by Marco Ivaldi
MySQL 4.0.17 (Linux) - User-Defined Function (UDF) Dynamic Library (1)
by Marco Ivaldi
Linux kernel <2.x - Privilege Escalation
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
by Marco Ivaldi
SHOUTcast 1.9.4 - Remote Code Execution via Format String in Content URL
Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.
by pucik
SLMail 5.1.0.4420 - Buffer Overflow
Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.
by Ivan Ivanovic
Snort - Denial of Service via Invalid TCP/IP Options in DecodeTCPOptions
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
by Antimatt3r
Snort - Denial of Service via Invalid TCP/IP Options in DecodeTCPOptions
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
by Marcin Zgorecki
SLMail 5.1.0.4420 - Buffer Overflow
Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.
by Haroon Rashid Astwat
Ultrix dxterm 4.5 - Buffer Overflow via Long -setup Parameter
Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute arbitrary code via a long -setup parameter.
by Kristoffer Brånemyr
IBM AIX 5.1-5.3 - Local Buffer Overflow via Long Username
Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username.
by cees-bart
PHP 4.3.9 + phpBB 2.x - 'Unserialize()' Remote Information Leak
by overdose
Ability Server 2.34 - 'APPE' Remote Buffer Overflow
by darkeagle
WinRAR 3.40 - Remote Code Execution via ZIP File with Long Filename
WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow.
by Vafa Khoshaein
Linux Kernel < 2.6.10 - Denial of Service via vc_resize Integer Overflow
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
by Georgi Guninski
Linux Kernel 2.4.28/2.6.9 - Memory Leak Local Denial of Service
by Georgi Guninski
Linux Kernel < 2.6.10 - Denial of Service via ip_options_get Memory Leak
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
by Georgi Guninski
OpenText FirstClass 7.1 and 8.0 - Denial of Service via POST Requests to /Search
The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attackers to cause a denial of service (service availability loss) via a large number of POST requests to /Search.
by dila
MPlayer 0.9/1.0 - MMST Get_Header Remote Client-Side Buffer Overflow
by Ariel Berkman
Ricoh Aficio 450/455 PCL 5e Printer - ICMP Denial of Service
by x90c
By Source