Perl Exploits
2,849 exploits tracked across all sources.
Technote - Directory Traversal via Filename Parameter
Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter.
by Ksecurity
Solaris 2.7-2.8 - Local Privilege Escalation
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
by lwc
Solaris 2.7-2.8 - Local Privilege Escalation
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
by Shane Hird
Solaris - Local Privilege Escalation
patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack.
by Larry W. Cashdollar
Cisco Catalyst 4000, 5000, 6000 - Denial of Service via SSH Protocol Mismatch
Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error.
by blackangels
rp-pppoe - Denial of Service via Clamp MSS Option
rp-pppoe PPPoE client allows remote attackers to cause a denial of service via the Clamp MSS option and a TCP packet with a zero-length TCP option.
by dethy
WatchGuard SOHO FireWall <2.2.1 - DoS
WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to cause a denial of service via a large number of GET requests.
by Filip Maertens
Cisco CatOS - Denial of Service via Failed Telnet Authentication Attempts
Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts.
by blackangels
RedHat 6.2 /usr/bin/rcp - 'SUID' Local Privilege Escalation
by Tlabs
Microsys CyberPatrol - Info Disclosure
Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sniff network traffic and obtain this sensitive information.
by Joey Maier
Solaris 2.7-2.8 - Local Privilege Escalation
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
by Vapid Labs
Solaris 2.7-2.8 - Local Privilege Escalation
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.
by Vapid Labs
Internet Information Server 4.0-5.0 - Path Traversal and Remote Code Execution via Unicode-Encoded URL
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by Roelof Temmingh
Internet Information Server 4.0-5.0 - Path Traversal and Remote Code Execution via Unicode-Encoded URL
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by steeLe
UtilMind Mail List 1.7 - Users Can Execute Commands
by teleh0r
Red Hat Linux 6.2 - Privilege Escalation
restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environment variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
by Tlabs
Poll It 2.01 - Unauthenticated Admin Access via Password Parameter Bypass
pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters.
by keelis
DCForum - Unauthenticated Arbitrary File Read and Program Deletion via Malformed Forum Variable
DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable.
by steeLe
Debian 2.x / RedHat 6.2 / IRIX 5/6 / Solaris 2.x - Mail Reply-To Field
by Gregory Duchemin
Cisco Virtual Central Office 4000 < 5.1.3 - Weak Encryption in SNMP MIB
Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges.
by @stake
Cisco Catalyst 3500 XL - Unauthenticated Remote Code Execution via /exec/ Directory
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
by blackangels
Internet Information Server 4.0-5.0 - Path Traversal and Remote Code Execution via Unicode-Encoded URL
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by Roelof Temmingh
Internet Information Server 4.0-5.0 - Path Traversal and Remote Code Execution via Unicode-Encoded URL
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
by Andrea Spabam