Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-2020 EXPLOITDB c VERIFIED
FreeBSD 7.2-8.1-PRERELEASE - Privilege Escalation via NFS Client fhsize Parameter
sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request.
by Patroklos Argyroudis
CVE-2010-2020 EXPLOITDB c VERIFIED
FreeBSD 7.2-8.1-PRERELEASE - Privilege Escalation via NFS Client fhsize Parameter
sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request.
by Patroklos Argyroudis
CVE-2010-2687 EXPLOITDB text VERIFIED
Site2Nite Boat Classifieds - SQL Injection
SQL injection vulnerability in printdetail.asp in Site2Nite Boat Classifieds allows remote attackers to execute arbitrary SQL commands via the Id parameter.
by CoBRa_21
CVE-2010-2458 EXPLOITDB text VERIFIED
2daybiz Video Community Portal Script 1.0 - Cross-Site Scripting via videoid Parameter
Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the videoid parameter.
by L0rd CrusAd3r
CVE-2005-3868 EXPLOITDB text VERIFIED
K-Search < 1.0 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in K-Search 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term, (2) id, (3) stat, and (4) source parameters to index.php, and (5) through the image parameters with an add request.
by Sangteamtham
CVE-2008-5159 EXPLOITDB ruby VERIFIED
Client Software WinCom LPD Total < 3.0.2.623 - Denial of Service via Large String Length Argument
Integer overflow in the remote administration protocol processing in Client Software WinCom LPD Total 3.0.2.623 and earlier allows remote attackers to cause a denial of service (crash) via a large string length argument, which triggers memory corruption.
by Metasploit
CVE-2004-1172 EXPLOITDB ruby VERIFIED
Veritas Backup Exec 8.x-9.x - Stack-Based Buffer Overflow via Long Hostname in Agent Browser Registration
Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname.
by Metasploit
CVE-2006-4318 EXPLOITDB ruby VERIFIED
WFTPD Server 3.23 - Remote Code Execution via Long SIZE Command
Buffer overflow in WFTPD Server 3.23 allows remote attackers to execute arbitrary code via long SIZE commands.
by Metasploit
CVE-2005-2297 EXPLOITDB ruby VERIFIED
Sybase EAServer 4.2.5-5.2 - Authenticated Stack-Based Buffer Overflow via TreeAction.do Javascript Parameter
Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter.
by Metasploit
CVE-2009-1943 EXPLOITDB ruby VERIFIED
SafeNet SoftRemote <10.8.6 - Buffer Overflow
Stack-based buffer overflow in the IKE service (ireIke.exe) in SafeNet SoftRemote before 10.8.6 allows remote attackers to execute arbitrary code via a long request to UDP port 62514.
by Metasploit
CVE-2008-2703 EXPLOITDB ruby VERIFIED
Novell GroupWise Messenger < 2.0.3 HP1 - Remote Code Execution via Spoofed Server Response
Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name.
by Metasploit
CVE-2004-1317 EXPLOITDB ruby VERIFIED
Netcat for Windows 1.1 - Buffer Overflow
Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command.
by Metasploit
CVE-2008-4449 EXPLOITDB ruby VERIFIED
mIRC 6.34 - Remote Code Execution via Long Hostname in PRIVMSG
Stack-based buffer overflow in mIRC 6.34 allows remote attackers to execute arbitrary code via a long hostname in a PRIVMSG message.
by Metasploit
CVE-2007-4440 EXPLOITDB ruby VERIFIED
MercuryS SMTP <4.51 - Buffer Overflow
Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961.
by Metasploit
CVE-2007-1373 EXPLOITDB ruby VERIFIED
Mercury Mail Transport System < 4.01b - Remote Code Execution via Long LOGIN Command
Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961.
by Metasploit
CVE-2007-3872 EXPLOITDB ruby VERIFIED
HP OpenView Operations < a.07.50 - Remote Code Execution via Crafted Requests
Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.
by Metasploit
CVE-2000-0665 EXPLOITDB ruby VERIFIED
GAMSoft TelSrv <= 1.5 - Denial of Service via Long Username
GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers to cause a denial of service via a long username.
by Metasploit
CVE-2005-1018 EXPLOITDB ruby VERIFIED
CA BrightStor ARCserve Backup - Buffer Overflow
Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field.
by Metasploit
CVE-2007-2139 EXPLOITDB ruby VERIFIED
CA BrightStor ARCserve Backup 9.01-11.5 SP2 - Remote Code Execution via Malformed RPC Strings
Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.
by Metasploit
CVE-2004-2074 EXPLOITDB ruby VERIFIED
Dream FTP 1.02 - Denial of Service via Format String in PASS or RETR Commands
Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands.
by Metasploit
CVE-2008-1491 EXPLOITDB ruby VERIFIED
ASUS Remote Console <2.0.0.19,2.0.0.24 - Buffer Overflow
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623.
by Metasploit
CVE-2010-2440 EXPLOITDB python VERIFIED
Subtitle Translation Wizard 3.0 - Stack-based Buffer Overflow via Crafted SRT File
Stack-based buffer overflow in st-wizard.exe in Subtitle Translation Wizard 3.0 allows user-assisted remote attackers to execute arbitrary code via a crafted SRT file with a long line after a time range. NOTE: some of these details are obtained from third party information.
by blake
CVE-2007-0882 EXPLOITDB ruby VERIFIED
Solaris 10 and 11 - Unauthenticated Argument Injection in telnetd via -f Sequence
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.
by Metasploit
CVE-2001-0797 EXPLOITDB ruby VERIFIED
SGI IRIX - Buffer Overflow in Login via Telnet/Rlogin Arguments
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
by Metasploit
EIP-2026-113345 EXPLOITDB text VERIFIED
Webring Script - SQL Injection
by L0rd CrusAd3r