Exploitdb Exploits
2,809 exploits tracked across all sources.
Apache Tomcat 4.0-4.1.12 with mod_jk 1.2.1 - Denial of Service via Invalid Chunked Transfer-Encoding
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
by Sapient2003
Pserv 2.0 - User-Agent HTTP Header Buffer Overflow (1)
by Sapient2003
XFS font server <9 - Buffer Overflow
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
by TESO Security
WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (1)
by Damian Myerscough
Zeroo http_server 1.5 - Path Traversal via URL GET Request
Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request.
by mattmurphy
tftpd32 < 2.21 - Remote Code Execution via Long Filename
Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument.
by Aviram Jenik
IISPop 1.161 and 1.181 - Denial of Service via Long POP3 Request
Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110).
by securma massine
Perception LiteServe <2.0.1 - Info Disclosure
Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scripts via an HTTP request with a trailing dot (".").
by mattmurphy
KeyFocus kf_web_server 1.0.8 - Path Traversal via Multiple Dot Sequences
Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequences.
by mattmurphy
Pserv 2.0 - HTTP Request Parsing Buffer Overflow
by Matthew Murphy
SmartMail Server 2.0 - Denial of Service via Early Connection Termination
SmartMail Server 2.0 allows remote attackers to cause a denial of service (crash) by sending data and closing the connection before all the data has been sent.
by securma massine
SmartMail Server 1.0 Beta 10 - Denial of Service via Long SMTP or POP3 Request
Buffer overflow in SmartMail Server 1.0 Beta 10 allows remote attackers to cause a denial of service (crash) via a long request to (1) TCP port 25 (SMTP) or (2) TCP port 110 (POP3).
by securma massine
html2ps 1.0 - Remote Code Execution
Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remote attackers to execute arbitrary code via "unsanitized input."
by Sebastian Krahmer
SolarWinds TFTP server <5.0.55 - DoS
SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.
by D4rkGr3y
PlanetDNS PlanetWeb 1.14 - Remote Buffer Overflow
by securma massine
Cisco Catalyst <7.3 - Buffer Overflow
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
by blackangels
Microsoft Outlook Express <6.0 - RCE
Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the message.
by Noam Rathaus
PowerFTP 2.24 - Buffer Overflow via Long USER Argument
Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument.
by subj
Monkey HTTP Daemon 0.1.4 - Path Traversal via Dot Dot Sequences
Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences.
by DownBload
PlanetDNS PlanetWeb < 1.14 - Remote Code Execution via Long URL or Method Name
Buffer overflow in PlanetDNS PlanetWeb 1.14 and earlier allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long URL or (2) a request with a long method name.
by UkR-XblP
HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (2)
by digitalmunition
Webmin 0.21-0.99 - Unauthenticated Arbitrary File Read/Write and Remote Code Execution via RPC Module
The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests.
by Noam Rathaus
Novell NetWare 5.1 and 6 - Remote Code Execution via Perl Web Handler
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request.
by Dan Elder
Lynx <2.8.4 - CRLF Injection
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters.
by Ulf Harnhammar
MyWebServer 1.0.2 - Remote Code Execution via Long searchTarget Parameter
Buffer overflow in the search capability for MyWebServer 1.0.2 allows remote attackers to execute arbitrary code via a long searchTarget parameter.
by D4rkGr3y
By Source