Exploitdb Exploits
3,138 exploits tracked across all sources.
Microsoft Windows 2000 - Denial of Service via Malformed Data to Microsoft-DS Port
LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service (CPU/memory exhaustion) via a stream of malformed data to microsoft-ds port 445.
by Daniel Nystrom
3Cdaemon 2.0 - Buffer Overflow via Long FTP Commands
Buffer overflow in 3Cdaemon 2.0 FTP server allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long commands such as login.
by MaD SKiLL
Internet Information Server 4.0 and 5.0 - Buffer Overflow in Chunked Encoding Transfer Mechanism
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
by hsj
OpenBSD <3.1 - Privilege Escalation
mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
by Przemyslaw Frasunek
Internet Information Server 4.0 and 5.0 - Buffer Overflow in Chunked Encoding Transfer Mechanism
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
by NeMeS||y
Internet Information Server 4.0 and 5.0 - Buffer Overflow in Chunked Encoding Transfer Mechanism
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
by CHINANSL Security Team
Solaris 2.6-8 - Buffer Overflow via Xsun -co Argument
Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument.
by gloomy
Oracle Database Server 8.1.5 - Buffer Overflow via Long Command Line Argument
Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for Linux allows local users to execute arbitrary code as the oracle user via a long command line argument.
by the itch
Linux kernel <2.2.20 & <2.4.18 - Path Traversal
The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.
by cliph
Progress Database 8.3D and 9.1C - Buffer Overflow via Multiple Executables
Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump.
by kf
Trend Micro InterScan VirusWall HTTP proxy 3.6 - Open Redirect
Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.
by Jochen Thomas Bauer
Menasoft SPHERE server 0.99x and 0.5x - Unauthenticated Denial of Service via Connection Flood
Menasoft SPHERE server 0.99x and 0.5x allows remote attackers to cause a denial of service by establishing a large number of connections to the server without providing login credentials, which prevents other users from being able to log in.
by H Zero Seven
Galacticomm Worldgroup <= 3.20 - Buffer Overflow via Long HTTP GET Request
Buffer overflow in Galacticomm Worldgroup web server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long HTTP GET request.
by Limpid Byte
Galacticomm Worldgroup <= 3.20 - Buffer Overflow via FTP LIST Command
Buffer overflow in Galacticomm Worldgroup FTP server 3.20 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a LIST command containing a large number of / (slash), * (wildcard), and .. characters.
by Limpid Byte
xtell < 1.91.1 and 2.x < 2.7 - Remote Code Execution via Buffer Overflow
Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request.
by spybreak
Ecartis 1.0.0 - Buffer Overflow via Long Command Line Argument
Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files.
by the itch
Ecartis 1.0.0 - Buffer Overflow via Long Command Line Argument
Buffer overflows in Ecartis (formerly Listar) 1.0.0 in snapshot 20020427 and earlier allow local users to gain privileges via (1) a long command line argument, which is not properly handled in core.c, or possibly via bad uses of sprintf() in (2) moderate.c, (3) lcgi.c, (4) fileapi.c, (5) cookie.c, (6) codes.c, or other files.
by the itch
Century Software TERM - Local Buffer Overflow via Long tty Argument
Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program.
by Haiku Hacker
Squid < 2.4_stable_3 - DoS and RCE via FTP URL with Excessive Special Characters
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
by gunzip
Apache HTTP Server - Directory Listing via Excessive Slash Characters
The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1) mod_negotiation, (2) mod_dir, or (3) mod_autoindex.
by st0ic
Phusion Web Server 1.0 - Buffer Overflow via Long HTTP Request
Buffer overflow in Phusion web server 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long HTTP request.
by Alex Hernandez
icecast <= 1.3.11 - Remote Code Execution via Long HTTP GET Request
Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client.
by dizznutt
Ettercap <= 0.6.3.1 - Remote Code Execution via Large Packet Buffer Overflow
Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets.
by FermÃn J. Serna
SNMP - Denial of Service or Privilege Escalation via SNMPv1 Request Handling
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.
by kundera
Apple QuickTime 5.01-5.02 - Remote Code Execution via Long Content-Type MIME Header
Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header.
by UNYUN
By Source