Explore Vulnerabilities

Explore all Exploits:

Integer Overflow in Apache HTTP Server mod_setenvif

An integer overflow was found in apache2-mpm-worker 2.2.19 in the function ap_pregsub, called from mod_setenvif. When a header field is mangled using SetEnvIf, the new environment variable data can be a multiple of the size of the submitted header field. This leads to a buffer overflow when the buffer is filled with user-supplied data. The issue affects all versions from 2.0.x to 2.0.64 and 2.2.x to 2.2.21.

Privilege Escalation via Overlayfs Over Fuse

On Ubuntu Wily, it is possible to place a USERNS overlayfs mount over a fuse mount. The fuse filesystem may contain SUID binaries, but those cannot be used to gain privileges because of the nosuid mount option. However, touching such an SUID binary via the overlayfs mount triggers copy_up including all file attributes, thus creating a real SUID binary on the disk.

PGPBBox.dll 5.1.0.112 SecureBlackbox Arbitrary Data Write Exploit

The SaveToFile method in PGPBBox.dll in the SecureBlackbox software package from the Eldos Company allows remote attackers to write arbitrary data by crafting a malicious HTML page. This vulnerability affects computers using this software.

PHP 5.2.3 bz2 com_print_typeinfo() Remote DoS Exploit

This exploit targets a vulnerability in the bz2 extension of PHP version 5.2.3. By using the com_print_typeinfo() function, an attacker can trigger a remote denial of service (DoS) attack. The vulnerability was discovered by shinnai and can be exploited on Windows XP SP2, both from the command line interface (CLI) and on Apache web server.

SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability

There is a vulnerability in the keyring_main.php file of the SquirrelMail G/PGP Encryption Plug-in that allows remote command execution. The 'fpr' parameter is not properly escaped, allowing an attacker to execute arbitrary commands on the target system.

Linux Kernel IPV6_Getsockopt_Sticky Memory Leak Proof Of Concept

This proof of concept code demonstrates a memory leak vulnerability in the Linux Kernel. It dumps the memory mapped between INI and END addresses. The vulnerability is based on a null pointer dereference and can be exploited to read arbitrary memory. The code sets np->opt to NULL through IPV6_2292PKTOPTIONS and then maps a memory region at address 0x00000000. It then sets ptr to point to np->opt->hopopt and iterates through memory addresses between INIADDR and ENDADDR, retrieving the chunks pointed by hopopt through getsockopt IPV6_DSTOPTS and printing them to stdout.

Distinct TFTP 3.10 Writable Directory Traversal Execution

This module exploits a vulnerability found in Distinct TFTP server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary files to the file system, which results in code execution under the context of 'SYSTEM'.

Mail Machine Local File Include Exploit

This exploit targets the Mail Machine application versions v3.980, v3.985, v3.987, v3.988, and v3.989. It exploits a vulnerability in the mailmachine.cgi script, where user-supplied input passed to the open() function is not properly sanitized. By exploiting this vulnerability, an attacker can disclose arbitrary files from the server.

Recent Exploits: