Exploitdb Exploits
2,809 exploits tracked across all sources.
InterBase and Firebird < 1.5 - Denial of Service via Long Database Name
Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command.
by wsxz
Mollensoft Lightweight FTP Server 3.6 - Remote Buffer Overflow
by Chintan Trivedi
Mollensoft Lightweight FTP Server 3.6 - Authenticated Buffer Overflow via CWD Command
Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long CWD command, as demonstrated in one example by using the "cd" command in an interactive FTP client.
by storm
LHA - Buffer Overflow via Long Working Directory Command Line Option
Buffer overflow in the extract_one function from lhext.c in LHA may allow attackers to execute arbitrary code via a long w (working directory) command line option, a different issue than CVE-2004-0769. NOTE: this issue may be REJECTED if there are not any cases in which LHA is setuid or is otherwise used across security boundaries.
by Lukasz Wojtow
EMule Web 0.42 Control Panel - Denial of Service
by Rafel Ivgi The-Insider
Qualcomm Eudora 5.2.1, 6.0.3, 6.1 - Buffer Overflow via Long URL or Attachment Name
Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name.
by Paul Szabo
Titan FTP Server 3.01 build 163 - Authenticated Denial of Service via LIST -L Command
Titan FTP Server version 3.01 build 163, and possibly other versions before build 169, allows remote authenticated users to cause a denial of service (crash) by disconnecting from the system during a "LIST -L" command, which causes Titan to access an invalid socket.
by storm
HP Web JetAdmin 6.5 - 'connectedNodes.ovpl' Remote Code Execution
by FX
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3)
by Secure Network Operations
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2)
by Secure Network Operations
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1)
by Secure Network Operations
Juniper Junos - Denial of Service via TCP RST Packet Injection
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
by K-sPecial
Kinesphere eXchange POP3 - Remote Code Execution via Long MAIL FROM Field
Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to execute arbitrary code via a long MAIL FROM field.
by securma massine
Serv-U File Server < 5.0.0.6 - Denial of Service via Long -l Parameter
Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote attackers to cause a denial of service (crash) via a long -l parameter, which triggers an out-of-bounds read.
by storm
Juniper Junos - Denial of Service via TCP RST Packet Injection
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
by Paul A. Watson
Qualcomm Eudora 6.0.3-6.1 - Denial of Service via Deeply Nested Multipart MIME Message
Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message.
by Paul Szabo
eMule 0.42d - Stack-based Buffer Overflow in DecodeBase16 Function
Stack-based buffer overflow in DecodeBase16 function, as used in the (1) IRC module and (2) web server in eMule 0.42d, allows remote attackers to execute arbitrary code via a long string.
by kingcope
Monit 1.4-4.1 - Remote Code Execution via Long HTTP Request
Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request.
by gsicht
KPhone < 4.0.1 - Denial of Service via STUN Response Packet with Large attrLen Value
sipclient.cpp in KPhone 4.0.1 and earlier allows remote attackers to cause a denial of service (crash) via a STUN response packet with a large attrLen value that causes an out-of-bounds read.
by storm
LCDproc 0.4.x-0.4.4 - Remote Code Execution via parse_all_client_messages Buffer Overflow
Buffer overflow in the parse_all_client_messages function in LCDproc 0.4.x up to 0.4.4 allows remote attackers to execute arbitrary code via a large number of arguments.
by wsxz
Aborior Encore WebForum - Command Injection
display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacharacters in the file variable.
by K-159
eSignal 7.5-7.6 - Stack-Based Buffer Overflow via Long STREAMQUOTE Tag
Stack-based buffer overflow in WinSig.exe in eSignal 7.5 and 7.6 allows remote attackers to execute arbitrary code via a long STREAMQUOTE tag.
by VizibleSoft
Qualcomm Eudora 6.2.0.14 - Unauthenticated Arbitrary File Read via Spoofed Converted Headers
Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed "Converted" headers.
by anonymous
By Source