Exploitdb Exploits

3,138 exploits tracked across all sources.

Sort: Activity Stars
CVE-2002-0813 EXPLOITDB c VERIFIED
Cisco IOS 11.1-11.3 - Heap-Based Buffer Overflow via TFTP Long Filename
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.
by FX
CVE-2002-1076 EXPLOITDB c VERIFIED
Ipswitch IMail - Buffer Overflow via Long HTTP GET Request
Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.
by anonymous
CVE-2002-2306 EXPLOITDB c VERIFIED
KaZaA Media Desktop 1.7.1 - Denial of Service via Large Messages
Sharman Networks KaZaA Media Desktop 1.7.1 allows remote attackers to cause a denial of service (CPU consumption) by sending several large messages.
by Josh & omega
CVE-2002-1792 EXPLOITDB c VERIFIED
fake_identd 0.9-1.4 - Remote Code Execution via Long Request Split into Multiple Packets
Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers to execute arbitrary code as root via a long request that is split into multiple packets.
by Jedi/Sector
CVE-2002-0814 EXPLOITDB c VERIFIED
VMware GSX Server 2.0.0 build-2050 - Authenticated Buffer Overflow via Long GLOBAL Argument
Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument.
by Zag & Glcs
CVE-2002-0280 EXPLOITDB c VERIFIED
CodeBlue < 4 - Remote Code Execution via SMTP Reply Buffer Overflow
Buffer overflow in CodeBlue 4 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via a long string in an SMTP reply.
by doe
CVE-2002-1072 EXPLOITDB c VERIFIED
ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01) - Denial of Service via Oversized ICMP Packet
ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a denial of service via an oversized, fragmented "jolt" style ICMP packet.
by Jeff w. Roberson
CVE-2002-1059 EXPLOITDB c VERIFIED
SecureCRT < 3.4.6 and 4.x < 4.0 beta 3 - Remote Code Execution via Long SSH1 Protocol Version String
Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string.
by andrea lisci
CVE-2002-1059 EXPLOITDB c VERIFIED
SecureCRT < 3.4.6 and 4.x < 4.0 beta 3 - Remote Code Execution via Long SSH1 Protocol Version String
Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string.
by Kyuzo
CVE-2002-2309 EXPLOITDB c VERIFIED
PHP 3.0-4.2.2 - Denial of Service via Direct Request Without Arguments
php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.
by Matthew Murphy
CVE-2002-1057 EXPLOITDB c VERIFIED
SmartMax MailMax POP3 Daemon 4.8 - Remote Code Execution via Long USER Command
Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command.
by anonymous
CVE-2002-1073 EXPLOITDB c VERIFIED
MERCUR Mailserver 4.2 - Remote Code Execution via Long Password Buffer Overflow
Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password.
by anonymous
CVE-2002-1014 EXPLOITDB c VERIFIED
RealJukebox 2 and RealOne Player - Buffer Overflow via RFS Skin File
Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image.
by UNYUN
EIP-2026-100963 EXPLOITDB c VERIFIED
ATPhttpd 0.4b - Remote Buffer Overflow
by badc0ded
CVE-2002-1973 EXPLOITDB c VERIFIED
Microsoft Foundation Class Library - Buffer Overflow in CHttpServer::OnParseError via Long Query String
Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.
by Matthew Murphy
EIP-2026-102647 EXPLOITDB c VERIFIED
Linux Kernel 2.4.18/2.4.19 - Privileged File Descriptor Resource Exhaustion (Denial of Service)
by Paul Starzetz
CVE-2002-2195 EXPLOITDB c VERIFIED
Winamp 2.80 - Buffer Overflow via Version Update Check
Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.
by anonymous
CVE-2002-0994 EXPLOITDB c VERIFIED
SunPCi II VNC - Weak Authentication Scheme
SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.
by Richard van den Berg
CVE-2002-1814 EXPLOITDB c VERIFIED
Bonobo - Buffer Overflow via Long Command Line Arguments
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
by N4rK07IX
CVE-2000-0284 EXPLOITDB c VERIFIED
University of Washington imapd 4.7 - Authenticated Buffer Overflow via LIST Command
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
by Teso
CVE-2002-0652 EXPLOITDB c VERIFIED
IRIX 6.5-6.5.16 - Remote Code Execution via XFSMD Popen Shell Metacharacter Injection
xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs().
by Last Stage of Delirium
CVE-2002-1447 EXPLOITDB c VERIFIED
UNIX VPN Client <3.5.2 - Privilege Escalation
Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument.
by methodic
CVE-2003-0281 EXPLOITDB c VERIFIED
Firebird < 1.5 - Buffer Overflow via Long INTERBASE Environment Variable
Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop.
by bob
CVE-2002-0392 EXPLOITDB c VERIFIED
Apache HTTP Server 1.3-1.3.24 & 2.0-2.0.36 - DoS & RCE via Chunk-Encoded Request
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
by Gobbles Security
CVE-2002-0392 EXPLOITDB c VERIFIED
Apache HTTP Server 1.3-1.3.24 & 2.0-2.0.36 - DoS & RCE via Chunk-Encoded Request
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
by Gobbles Security
By Source
All 3,138 Writeup 62,482 Exploitdb 50,076 Nomisec 22,450 Github 3,674 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,597 ruby 6,006 c 3,631 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25