Exploitdb Exploits
2,809 exploits tracked across all sources.
WzdFTPD 0.1 rc5 - Login Remote Denial of Service
by Moran Zavdi
Man Utility 2.3.19 - Local Compression Program Privilege Escalation
by Sebastian Krahmer
Plug and Play Web Server - Denial of Service via Long FTP Command
Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands.
by Bahaa Naamneh
Solaris - Unauthenticated Remote Privilege Escalation via sadmind AUTH_SYS Spoofing
The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.
by H D Moore
Roger Wilco 1.4.1 - Remote Server Side Buffer Overrun
by D4rkGr3y
mah-jong 1.5.6 - Denial of Service via Tight Loop
Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop).
by jsk
ZoneAlarm 3.7.202/PRO 4.0/PRO 4.5 - Random UDP Flood Denial of Service (1)
by _6mO_HaCk
Tellurian TftpdNT 1.8 - Buffer Overflow via Long Filename in TFTP Request
Buffer overflow in Tellurian TftpdNT 1.8 allows remote attackers to execute arbitrary code via a TFTP request with a long filename.
by storm
Cerberus FTPServer 1.71/2.1/2.32 - Remote Denial of Service
by real Remoter
Meteor FTP Server 1.2/1.5 - USER Memory Corruption
by zerash
IBM DB2 <8.1 - Privilege Escalation
IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs.
EveryBuddy 0.4.3 - Long Message Denial of Service
by Noam Rathaus
Postfix <= 1.1.12 - Denial of Service via Malformed Envelope Address
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up.
wu-ftpd 2.5.0-2.6.2 - Remote Code Execution via fb_realpath Off-by-one Error
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
CVSS 9.8
Cisco IOS - Denial of Service via Malformed URL
The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.
by blackangels
GNU GNATS 3.113.1_6 - Queue-PR Database Command Line Option Buffer Overflow
by inv[at]dtors
IglooFTP PRO 3.8 - Remote Code Execution via Long FTP Banner or Command Response
Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via (1) a long FTP banner, or long responses to the client commands (2) USER, (3) PASS, (4) ACCT, and possibly other commands.
by inv[at]dtors
VP-ASP - SQL Injection via id Parameter
SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator privileges via the id parameter.
by Bosen & TioEuy
VP-ASP - SQL Injection via id Parameter
SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator privileges via the id parameter.
by TioEuy & AresU
Twilight Webserver 1.3.3.0 - Denial of Service via Long URI GET Request
Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) via a GET request for a long URI, a different vulnerability than CVE-2004-2376.
by anonymous
Macromedia ColdFusion MX 6.0 - Remote Development Service File Disclosure
by rs2112
By Source