C Exploits
3,560 exploits tracked across all sources.
Apache mod_php - Local Privilege Escalation
The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.
by Steve Grubb
Messenger Service - Buffer Overflow
The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
by MrNice
Dameware Development Mini Remote Control Server - Buffer Overflow
Buffer overflow in DameWare Mini Remote Control before 3.73 allows remote attackers to execute arbitrary code via a long pre-authentication request to TCP port 6129.
by kralor
Dameware Development Mini Remote Control Server - Buffer Overflow
Buffer overflow in DameWare Mini Remote Control before 3.73 allows remote attackers to execute arbitrary code via a long pre-authentication request to TCP port 6129.
by kralor
Dameware Development Mini Remote Control Server - Buffer Overflow
Buffer overflow in DameWare Mini Remote Control before 3.73 allows remote attackers to execute arbitrary code via a long pre-authentication request to TCP port 6129.
by Adik
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0844. Reason: This candidate is a duplicate of CVE-2000-0844. Notes: All CVE users should reference CVE-2000-0844 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
by watercloud
Cyrus IMSP Daemon 1.x - Remote Buffer Overflow
by Carlos Barros
Apache 1.3.x < 2.0.48 mod_userdir - Remote Users Disclosure
by m00
Linux kernel <2.4.22 - Privilege Escalation
Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.
by Wojciech Purczynski
Windows Workstation Service - Buffer Overflow
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API.
by fiNis
Jason Maloney's Guestbook 3.0 - Remote Command Execution
by shaun2k2
Applied Watch Command Center - CSRF
Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c.
by Bugtraq Security
Applied Watch Command Center - CSRF
Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c.
by Bugtraq Security
Thomson Cablemodem TCM315 - Denial of Service
by Shell security group
GEdit 2.0/2.2 - Large IOStream File Memory Corruption
by MegaHz
OpenBSD 3.3/3.4 - semctl/semop Local Unexpected Array Indexing
by anonymous
mod_gzip 1.3.26.1a - Buffer Overflow
Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header.
by xCrZx
OpenBSD 3.3/3.4 - 'sysctl' Local Denial of Service
by anonymous
Openbsd - Buffer Overflow
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow.
by Sinan Eren
Windows Workstation Service - Buffer Overflow
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API.
by snooq
Windows NT-Server 2003 - Buffer Overflow
Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.
by xCrZx
Microsoft FrontPage Server Extensions <2002 - RCE
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
by Adik
TerminatorX 3.81 - Local Stack Overflow / Local Privilege Escalation
by Li0n7
Windows Workstation Service - Buffer Overflow
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API.
by eEYe
By Source