Perl Exploits
2,854 exploits tracked across all sources.
Tftpd32 < 2.21 - Memory Corruption
Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument.
by Aviram Jenik
Curtis Specialty Consulting Iispop - Memory Corruption
Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110).
by securma massine
Perception LiteServe <2.0.1 - Info Disclosure
Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scripts via an HTTP request with a trailing dot (".").
by mattmurphy
KEY Focus KF Web Server - Path Traversal
Directory traversal vulnerability in KeyFocus web server 1.0.8 allows remote attackers to read arbitrary files for recognized MIME type files via "...", "....", ".....", and other multiple dot sequences.
by mattmurphy
Pserv 2.0 - HTTP Request Parsing Buffer Overflow
by Matthew Murphy
Virtualzone Smartmail Server - Denial of Service
SmartMail Server 2.0 allows remote attackers to cause a denial of service (crash) by sending data and closing the connection before all the data has been sent.
by securma massine
Virtualzone Smartmail Server - Buffer Overflow
Buffer overflow in SmartMail Server 1.0 Beta 10 allows remote attackers to cause a denial of service (crash) via a long request to (1) TCP port 25 (SMTP) or (2) TCP port 110 (POP3).
by securma massine
html2ps 1.0 - RCE
Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remote attackers to execute arbitrary code via "unsanitized input."
by Sebastian Krahmer
SolarWinds TFTP server <5.0.55 - DoS
SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (crash) via a large UDP datagram, possibly triggering a buffer overflow.
by D4rkGr3y
PlanetDNS PlanetWeb 1.14 - Remote Buffer Overflow
by securma massine
Cisco Catalyst <7.3 - Buffer Overflow
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
by blackangels
Microsoft Outlook Express <6.0 - RCE
Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the message.
by Noam Rathaus
PowerFTP <2.24 - RCE/DoS
Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument.
by subj
Monkey - Path Traversal
Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences.
by DownBload
PlanetDNS PlanetWeb <1.14 - RCE
Buffer overflow in PlanetDNS PlanetWeb 1.14 and earlier allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long URL or (2) a request with a long method name.
by UkR-XblP
HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (2)
by digitalmunition
Webmin - Access Control
The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests.
by Noam Rathaus
Perl 5.003 - RCE
The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request.
by Dan Elder
Lynx <2.8.4 - CRLF Injection
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters.
by Ulf Harnhammar
MyWebServer 1.0.2 - RCE
Buffer overflow in the search capability for MyWebServer 1.0.2 allows remote attackers to execute arbitrary code via a long searchTarget parameter.
by D4rkGr3y
ISDN4Linux - Privilege Escalation
Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog.
by TESO Security
Qualcomm Eudora - Path Traversal
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
by Paul Szabo
Qualcomm Eudora - Path Traversal
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
by Paul Szabo
Qualcomm Eudora - Buffer Overflow
Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string.
by Kanatoko
Software602 602pro Lan Suite - Denial of Service
The Telnet proxy of 602Pro LAN SUITE 2002 does not restrict the number of outstanding connections to the local host, which allows remote attackers to create a denial of service (memory consumption) via a large number of connections.
by Stan Bubrouski
By Source