Exploitdb Exploits
2,814 exploits tracked across all sources.
HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (2)
by digitalmunition
Webmin - Access Control
The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests.
by Noam Rathaus
Perl 5.003 - RCE
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request.
by Dan Elder
Lynx <2.8.4 - CRLF Injection
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters.
by Ulf Harnhammar
MyWebServer 1.0.2 - RCE
Buffer overflow in the search capability for MyWebServer 1.0.2 allows remote attackers to execute arbitrary code via a long searchTarget parameter.
by D4rkGr3y
ISDN4Linux - Privilege Escalation
Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog.
by TESO Security
Qualcomm Eudora - Path Traversal
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
by Paul Szabo
Qualcomm Eudora - Path Traversal
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
by Paul Szabo
Qualcomm Eudora - Buffer Overflow
Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string.
by Kanatoko
Software602 602pro Lan Suite - Denial of Service
The Telnet proxy of 602Pro LAN SUITE 2002 does not restrict the number of outstanding connections to the local host, which allows remote attackers to create a denial of service (memory consumption) via a large number of connections.
by Stan Bubrouski
Trillian 0.x IRC Module - Remote Buffer Overflow
by John C. Hennessy
Freebsd Point-to-point Protocol Daemon - Symlink Following
BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device.
by Sebastian Krahmer
Microsoft Internet Explorer - Buffer Overflow
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.
InterScan VirusWall 3.52 build 1462 - Auth Bypass
InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express.
by SecuriTeam
HP Tru64 UNIX <5.1a-4.0f - Buffer Overflow
Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.
by stripey
Worldspan Res Manager - Denial of Service
Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990.
by altomo
dxterm - Buffer Overflow
Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument.
by stripey
HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (1)
by stripey
Analogx Proxy - Buffer Overflow
Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A request to TCP port 1080 with a long DNS hostname.
by Kanatoko
Gnome Bonobo - Buffer Overflow
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
by andrea lisci
Gnome Bonobo - Buffer Overflow
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
by clorox
Firebird <1.5 - Buffer Overflow
Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop.
by stripey
Ehud Gavron TrACESroute 6.1.1 - Terminator Function Format String
by stringz
WebBBS 4-5.0 - Command Injection
webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the followup parameter.
by NERF Security
IBM Informix - Buffer Overflow
Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable.
by pHrail
By Source