Exploitdb Exploits
2,689 exploits tracked across all sources.
Samba < 2.2.8 - Remote Code Execution via SMB/CIFS Packet Fragment Reassembly
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
by H D Moore
RealNetworks Helix Universal Server 9.0.2.768 - Remote Code Execution via RTSP/HTTP Request Buffer Overflow
Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two simultaneous HTTP GET requests with long arguments.
by H D Moore
HP-UX 10.20-11.11 - Buffer Overflow in lp Subsystem
Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.
by H D Moore
CDE Common Desktop Environment - Remote Code Execution via Buffer Overflow in dtspcd Client Connection Routine
Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands.
by noir
distcc 2.x - Remote Code Execution
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
by H D Moore
SGI IRIX - Buffer Overflow in Login via Telnet/Rlogin Arguments
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
by MC
SGI IRIX - Buffer Overflow in Login via Telnet/Rlogin Arguments
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
by I)ruid
IRIX < 6.5.13f - Remote Code Execution via lpsched Shell Metacharacters
lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.
by H D Moore
Solaris 8 - Remote Code Execution
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.
by H D Moore
ntpd < 4.0.99k - Buffer Overflow via Long readvar Argument
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
by patrick
HP OmniBackII <A.03.50 - Privilege Escalation
Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.
by H D Moore
University of Washington imapd 4.7 - Authenticated Buffer Overflow via LIST Command
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
by patrick
Apache HTTP Server - Remote Command Execution via SSI Closing Sequence Bypass
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
by patrick
HP-UX - Unauthenticated Remote Login via Default Null Password
A Unix account has a default, null, blank, or missing password.
by Metasploit
By Source