Perl Exploits
2,854 exploits tracked across all sources.
Texas Imperial Software Wftpd - Denial of Service
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing an MLST command before logging into the server.
by Blue Panda
Microsoft Outlook - Buffer Overflow
Buffer overflow in Microsoft Outlook and Outlook Express allows remote attackers to execute arbitrary commands via a long Date field in an email header, aka the "Malformed E-mail Header" vulnerability.
by Ussr Labs
Texas Imperial Software Wftpd - Denial of Service
WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of service by executing the RENAME TO (RNTO) command before a RENAME FROM (RNFR) command.
by Blue Panda
West Street Software Localweb HTTP Server - Denial of Service
LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET request.
by Ussr Labs
Razor - Privilege Escalation
The Razor configuration management tool uses weak encryption for its password file, which allows local users to gain privileges.
by Shawn A. Clifford
Atrius Trivalie SN Time Sync - Buffer Overflow
Buffer overflow in Simple Network Time Sync (SMTS) daemon allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long string.
by Ben Taylor
Apache 1.3.x - Info Disclosure
The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters.
by H D Moore
KDE 1.1.2 - Local Privilege Escalation
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
by kil3r
KDE 1.1.2 - Local Privilege Escalation
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
by kil3r
Lotus Domino <5.0.2c - Buffer Overflow
Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands.
by smiler
NetworkICE ICEcap <2.0.23 - Auth Bypass
A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attacker to bypass the weak authentication and post unencrypted events.
by rain forest puppy
Microsoft Internet Information Server < 5.0 - Denial of Service
The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request.
by Nelson Bunker
Napster - Info Disclosure
The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file.
by no_maam
Bugzilla <2.10 - RCE
Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi.
by Frank van Vliet karin
Cisco Ios - Improper Input Validation
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
by Keith Woodworth
Concurrent Versions Software - Improper Locking
Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user.
by Michal Szymanski
CVSS 5.5
Microsoft Frontpage - Buffer Overflow
Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability.
by Richie & Beto
Microsoft Frontpage - Buffer Overflow
Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability.
by rain forest puppy
Nobreak Technologies Crazywwwboard - Buffer Overflow
Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header.
by Jin Ho You
atsar - Privilege Escalation
atsadc in the atsar package for Linux does not properly check the permissions of an output file, which allows local users to gain root privileges.
by S. Krahmer
SGI InfoSearch < - Command Injection
SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters.
by rpc
HP Openview Omniback II - Denial of Service
HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of connections to port 5555.
by Jon Hittner
wwwthreads - SQL Injection
wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums.
by rain forest puppy
SolutionScripts Home Free - Path Traversal
search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack.
by k0ad k1d
WebWho+ - Command Injection
WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
by loophole
By Source