Exploitdb Exploits

3,149 exploits tracked across all sources.

Sort: Activity Stars
CVE-2002-2400 EXPLOITDB c VERIFIED
Hughes Technologies Libhttpd - Memory Corruption
Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP POST request.
by Xpl017Elz
CVE-2002-1549 EXPLOITDB c VERIFIED
Light HTTPd 0.1 - RCE
Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
by uid0x00
CVE-2002-1549 EXPLOITDB c VERIFIED
Light HTTPd 0.1 - RCE
Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
by Xpl017Elz
CVE-2002-1364 EXPLOITDB c VERIFIED
Traceroute-nanog - Buffer Overflow
Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses.
by Carl Livitt
CVE-2002-1220 EXPLOITDB c VERIFIED
BIND <8.3.4 - DoS
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
by spybreak
CVE-2002-1983 EXPLOITDB c VERIFIED
QNX Rtos - Denial of Service
The timer implementation in QNX RTOS 6.1.0 allows local users to cause a denial of service (hang) and possibly execute arbitrary code by creating multiple timers with a 1-ms tick.
by Pawel Pisarczyk
CVE-2002-0991 EXPLOITDB c VERIFIED
HP Cifs-9000 Server - Buffer Overflow
Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.
by watercloud
EIP-2026-101293 EXPLOITDB c VERIFIED
GlobalSunTech Access Point GL2422AP-0T - Information Disclosure
by Tom Knienieder
CVE-2002-1250 EXPLOITDB c VERIFIED
Abuse <2.00 - Privilege Escalation
Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument.
by Girish
CVE-2002-1561 EXPLOITDB c VERIFIED
Windows <XP - DoS
The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference.
by Trancer
CVE-2002-1561 EXPLOITDB c VERIFIED
Windows <XP - DoS
The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a denial of service (disabled RPC service) via a malformed packet to the RPC Endpoint Mapper at TCP port 135, which triggers a null pointer dereference.
by lion
CVE-2002-1911 EXPLOITDB c VERIFIED
Zonelabs Zonealarm - Denial of Service
ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue.
by Abraham Lincoln
CVE-2002-1230 EXPLOITDB c VERIFIED
NetDDE Agent - RCE
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
by Serus
CVE-2002-1230 EXPLOITDB c VERIFIED
NetDDE Agent - RCE
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demonstrated by GetAd, aka "Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation."
by Serus
CVE-2002-0693 EXPLOITDB c VERIFIED
Microsoft Windows 2000 - Buffer Overflow
Buffer overflow in the HTML Help ActiveX Control (hhctrl.ocx) in Microsoft Windows 98, 98 Second Edition, Millennium Edition, NT 4.0, NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute code via (1) a long parameter to the Alink function, or (2) script containing a long argument to the showHelp function.
by ipxodi
CVE-2001-0820 EXPLOITDB c VERIFIED
Gaztek Ghttp - Buffer Overflow
Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to execute arbitrary code via long arguments that are passed to (1) the Log function in util.c, or (2) serveconnection in protocol.c.
by flea
CVE-2002-1522 EXPLOITDB c VERIFIED
PowerFTP <2.24 - RCE/DoS
Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument.
by Morgan
EIP-2026-103171 EXPLOITDB c VERIFIED
MySQL 3.20.32/3.22.x/3.23.x - Null Root Password Weak Default Configuration (2)
by st0ic
CVE-2002-1816 EXPLOITDB CRITICAL c VERIFIED
Redshift Atphttpd < 0.4b - Buffer Overflow
Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
by thread
CVSS 9.8
CVE-2002-0838 EXPLOITDB c VERIFIED
GV - Buffer Overflow
Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.
by infamous42md
CVE-2002-0838 EXPLOITDB c VERIFIED
GV - Buffer Overflow
Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.
by zen-parse
CVE-2002-1514 EXPLOITDB c VERIFIED
Borland InterBase - Privilege Escalation
gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.
by grazer
CVE-2002-1850 EXPLOITDB HIGH c VERIFIED
Apache HTTP Server - Improper Locking
mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI script.
by K.C. Wong
CVSS 7.5
CVE-2002-1496 EXPLOITDB c VERIFIED
Null HTTP Server <0.5.0 - Buffer Overflow
Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header.
by eSDee
CVE-2002-1487 EXPLOITDB c VERIFIED
Trillian <0.74 - DoS
The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) by sending the raw messages (1) 206, (2) 211, (3) 213, (4) 214, (5) 215, (6) 217, (7) 218, (8) 243, (9) 302, (10) 317, (11) 324, (12) 332, (13) 333, (14) 352, and (15) 367.
by Lance Fitz-Herbert
By Source
All 3,149 Exploitdb 50,130 Writeup 46,870 Nomisec 21,221 Metasploit 3,189 Github 2,316 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,920 python 5,770 c 3,560 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 74 go 43 postscript 25 xml 24