[ home ] [ contents ] [ platforms ] [ shellcode ] [ search ] [ cracker ] [ links ] [ rss ] [ archive ]
milw0rm
[ multiple - remote ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2009-09-11 Mozilla Firefox < 3.0.14 Multiplatform RCE via pkcs11.addmodule 8800 R D Dan Kaminsky
2009-06-29 Cpanel (lastvisit.html domain) Arbitrary File Disclosure Vuln (auth) 11035 R D SecurityRules
2009-06-09 Apple Safari <= 3.2.x (XXE attack) Local File Theft Vulnerability 6531 R D Chris Evans
2009-05-26 Lighttpd < 1.4.23 Source Code Disclosure Vulnerability (BSD/Solaris bug) 5218 R D venatir
2009-04-16 Apache Geronimo <= 2.1.3 Multiple Directory Traversal Vulnerabilities 6934 R D DSecRG
2009-03-10 NextApp Echo < 2.1.1 XML Injection Vulnerability 2951 R D SEC Consult
2009-02-23 MLdonkey <= 2.9.7 HTTP DOUBLE SLASH Arbitrary File Disclosure Vuln 6409 R D Michael Peselnik
2009-02-10 ProFTPd with mod_mysql Authentication Bypass Vulnerability 21362 R D gat3way
2009-01-14 TeamSpeak <= 2.0.23.17 Remote File Disclosure Vulnerability 6699 R D c411k
2009-01-14 Oracle Secure Backup 10g exec_qr() Command Injection Vulnerability 7018 R D Joxean Koret
2008-08-13 BIND 9.5.0-P2 (randomized ports) Remote DNS Cache Poisoning Exploit 12791 R D Zbr
2008-08-11 Apache Tomcat <= 6.0.18 UTF8 Directory Traversal Vulnerability 29464 R D Simon Ryeo
2008-07-25 BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c) 23374 R D Marc Bevand
2008-07-24 BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py) 18403 R D Julien Desfossez
2008-07-23 BIND 9.4.1-9.4.2 Remote DNS Cache Poisoning Flaw Exploit (meta) 22666 R D I)ruid
2008-06-12 SNMPv3 HMAC validation error Remote Authentication Bypass Exploit 8734 R D Maurizio Agazzini
2008-05-16 Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (ruby) 19468 R D L4teral
2008-05-15 Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit 38225 R D Markus Mueller
2008-05-03 HLDS WebMod 0.48 Multiple Remote Vulnerabilties 7801 R D Luigi Auriemma
2008-04-11 HP OpenView Network Node Manager <= 7.53 Multiple Vulnerabilities 6503 R D Luigi Auriemma
2008-03-14 Dovecot IMAP 1.0.10 <= 1.1rc2 Remote Email Disclosure Exploit 8586 R D kcope
2008-03-06 Ruby 1.8.6 (Webrick Httpd 1.3.1) Directory Traversal Vulnerability 8158 R D DSecRG
2008-01-09 SAP MaxDB <= 7.6.03.07 pre-auth Remote Command Execution Exploit 7120 R D Luigi Auriemma
2007-12-21 Sendmail with clamav-milter < 0.91.2 Remote Root Exploit 14465 R D eliteboy
2007-11-29 Apple QuickTime 7.2/7.3 RSTP Response Universal Exploit (win/osx) 13197 R D Subreption LLC.
2007-10-24 Jakarta Slide <= 2.1 RC1 Remote File Disclosure Exploit 8918 R D kcope
2007-10-22 LiteSpeed Web Server <= 3.2.3 Remote Source Code Disclosure Vuln 9079 R D Tr3mbl3r
2007-10-14 Apache Tomcat (webdav) Remote File Disclosure Exploit 21237 R D eliteboy
2007-09-12 Apple Quicktime (Multiple Browsers) Command Execution PoC (0day) 12953 R D X pdp
2007-09-10 Lighttpd <= 1.4.16 FastCGI Header Overflow Remote Exploit 8656 R D Mattias Bengtsson
2007-08-07 BIND 9 DNS Cache Poisoning Exploit (v0.3beta) 20871 R D posedge
2007-06-22 Apache mod_jk 1.2.19/1.2.20 Remote Buffer Overflow Exploit 15899 R D eliteboy
2007-04-11 MiniWebsvr 0.0.7 Remote Directory Transversal Exploit 7090 R D shinnai
2007-04-03 HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit 6167 R D Isma Khan
2007-03-27 Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit v2 6793 R D bunker
2007-03-27 Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit 7801 R D bunker
2007-03-23 Ethernet Device Drivers Frame Padding Info Leakage Exploit (Etherleak) 4649 R D Jon Hart
2007-03-10 PHP <= 5.2.0 ext/filter FDF Post Filter Bypass Exploit 9378 R D Stefan Esser
2007-03-07 mod_security <= 2.1.0 (ASCIIZ byte) POST Rules Bypass Vulnerability 6248 R D Stefan Esser
2007-03-04 PHP 4.4.3 - 4.4.6 phpinfo() Remote XSS Vulnerability 15497 R D Stefan Esser
2007-02-26 Oracle 10g KUPW$WORKER.MAIN SQL Injection Exploit v2 7985 R D bunker
2007-02-26 Oracle 10g KUPV$FT.ATTACH_JOB SQL Injection Exploit v2 6389 R D bunker
2007-02-26 Oracle 9i/10g DBMS_METADATA.GET_DDL SQL Injection Exploit v2 7962 R D bunker
2007-02-26 Oracle 9i/10g ACTIVATE_SUBSCRIPTION SQL Injection Exploit v2 6354 R D bunker
2007-02-23 Oracle 9i/10g DBMS_METADATA.GET_DDL SQL Injection Exploit 9430 R D bunker
2007-02-22 Oracle 10g KUPW$WORKER.MAIN Grant/Revoke dba Permission Exploit 7698 R D bunker
2007-02-22 Oracle 10g KUPV$FT.ATTACH_JOB Grant/Revoke dba Permission Exploit 7095 R D bunker
2007-02-13 Portable OpenSSH <= 3.6.1p-PAM / 4.1-SUSE Timing Attack Exploit 12643 R D Marco Ivaldi
2007-02-05 Oracle 9i/10g DBMS_EXPORT_EXTENSION SQL Injection Exploit 8337 R D bunker
2007-01-01 Apple Quicktime (rtsp URL Handler) Stack Buffer Overflow Exploit 10295 R D MoAB
2006-12-19 Oracle <= 9i / 10g (extproc) Local/Remote Command Execution Exploit 12976 R D Marco Ivaldi
2006-11-23 Oracle <= 9i / 10g (read/write/execute) Exploitation Suite 12163 R D Marco Ivaldi
2006-11-14 Links 1.00pre12 (smbclient) Remote Code Execution Exploit 7711 R D X Teemu Salmela
2006-07-28 Mozilla Firefox <= 1.5.0.4 Javascript Navigator Object Code Execution PoC 21721 R D X H D Moore
2006-07-23 Apache Tomcat < 5.5.17 Remote Directory Listing Vulnerability 24802 R D ScanAlert Security
2006-07-21 Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2) 7522 R D bannedit
2006-07-15 Webmin < 1.290 / Usermin < 1.220 Arbitrary File Disclosure Exploit (perl) 27559 R D UmZ
2006-07-09 Webmin < 1.290 / Usermin < 1.220 Arbitrary File Disclosure Exploit 17944 R D joffer
2006-05-17 RealVNC 4.1.0 - 4.1.1 (VNC Null Authentication) Vulnerability Scanners 54707 R D class101
2006-05-16 RealVNC 4.1.0 - 4.1.1 (VNC Null Authentication) Auth Bypass Patch/EXE 55465 RM D redsand
2006-05-15 RealVNC 4.1.0 - 4.1.1 (Null Authentication) Auth Bypass Exploit (meta) 32289 RM D H D Moore
2006-03-22 BomberClone < 0.11.6.2 (Error Messages) Remote Buffer Overflow Exploit 7581 RM D esca zoo
2005-12-12 Mozilla Firefox <= 1.04 compareTo() Remote Code Execution Exploit 12859 RM D X Aviv Raff
2005-11-04 WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (meta) 11780 RM D David Maciejak
2005-10-20 Veritas NetBackup <= 6.0 (bpjava-msvc) Remote Exploit (linux) 9215 R D Kevin Finisterre
2005-08-30 HP OpenView Network Node Manager <= 7.50 Remote Exploit 6868 R D Lympex
2005-05-21 Mozilla Firefox view-source:javascript url Code Execution Exploit 15511 R D X mikx
2005-03-14 LimeWire 4.1.2 - 4.5.6 Inappropriate Get Request Remote Exploit 8133 R D lammat
2005-02-18 Knox Arkeia Server Backup 5.3.x Remote Root Exploit 5060 RM D John Doe
2005-02-09 ELOG <= 2.5.6 Remote Shell Exploit 5782 R D n4rk0tix
2005-01-08 Webmin Web Brute Force v1.5 (cgi-version) 13695 R D ZzagorR
2005-01-08 Webmin BruteForce + Command Execution v1.5 12187 R D ZzagorR
2004-12-22 Webmin BruteForce and Command Execution Exploit 10466 R D Di42lo
2004-12-15 wget <= 1.9 Directory Traversal Exploit 6205 R D jjminar
2004-07-10 MySQL 4.1/5.0 zero-length password Auth. Bypass Exploit 19200 R D Eli Kara
2004-06-25 CVS Remote Entry Line Heap Overflow Root Exploit (Linux/FreeBSD) 6687 R D Ac1dB1tCh3z
2003-08-25 Real Server 7/8/9 Remote Root Exploit (Windows & Linux) 6039 RM D Johnny Cyberpunk
2003-07-28 Apache 1.3.x mod_mylo Remote Code Execution Exploit 26848 R D Carl Livitt
2002-05-01 SSH (x2) Remote Root Exploit 23413 R D Teso
2000-12-21 HP OpenView OmniBack II Generic Remote Exploit 5871 RM D DiGiT
2000-11-21 wu-ftpd 2.6.0 Remote Root Exploit 8119 R D venglin

[ multiple - local ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2009-08-25 HyperVM File Permissions Local Vulnerability 2602 R D Xia Shing Zee
2009-08-24 Multiple BSD Operating Systems setusercontext() Vulnerabilities 1786 R D kcope
2009-07-09 xscreensaver 5.01 Arbitrary File Disclosure Symlink Attack Vulnerability 4916 R D kcope
2009-07-02 Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit 6017 R D Sumit Siddharth
2009-05-07 PHP mb_ereg(i)_replace() Evaluate Replacement String Vulnerability 4804 R D 80vul
2009-04-16 Oracle APEX 3.2 Unprivileged DB users can see APEX password hashes 3298 R D Alexander Kornbrust
2009-02-18 Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta) 11574 R D Sh2kerr
2009-02-16 Enomaly ECP / Enomalism < 2.2.1 Multiple Local Vulnerabilities 2835 R D Sam Johnston
2009-01-06 Oracle 10g SYS.LT.REMOVEWORKSPACE SQL Injection Exploit 3173 R D Sh2kerr
2009-01-06 Oracle 10g SYS.LT.MERGEWORKSPACE SQL Injection Exploit 3292 R D Sh2kerr
2009-01-06 Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit 4423 R D Sh2kerr
2009-01-02 PHP <= 5.2.8 gd library - imageRotate() Information Leak Vulnerability 7298 R D Hamid Ebadi
2008-12-22 CUPS < 1.3.8-4 (pstopdf filter) Privilege Escalation Exploit 5818 R D Jon Oberheide
2008-12-17 PHP python extension safe_mode Bypass Local Vulnerability 6391 R D Amir Salmani
2008-11-20 PHP 5.2.6 (error_log) safe_mode Bypass Vulnerability 11641 R D SecurityReason
2008-11-15 Sudo <= 1.6.9p18 (Defaults setenv) Local Privilege Escalation Exploit 10399 R D kcope
2008-01-28 Oracle 10g R1 pitrig_drop PLSQL Injection (get users hash) 6561 R D Sh2kerr
2008-01-28 Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash) 6899 R D Sh2kerr
2008-01-28 Oracle 10g R1 xdb.xdb_pitrig_pkg PLSQL Injection (change sys password) 8387 R D Sh2kerr
2007-10-27 Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit 5632 R D bunker
2007-10-27 Oracle 10g/11g SYS.LT.FINDRICSET Local SQL Injection Exploit (2) 7226 R D bunker
2007-10-27 Oracle 10g LT.FINDRICSET Local SQL Injection Exploit (IDS evasion) 8716 R D Sh2kerr
2007-10-23 Oracle 10g CTX_DOC.MARKUP SQL Injection Exploit 9208 R D Sh2kerr
2007-09-10 PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability 23493 R D Mattias Bengtsson
2007-07-19 Oracle 9i/10g evil views Change Passwords Exploit (CVE-2007-3855) 8982 R D bunker
2007-03-23 PHP 5.2.1 unserialize() Local Information Leak Exploit 6780 R D Stefan Esser
2007-03-09 PHP 4.4.6 cpdf_open() Local Source Code Discslosure PoC 6994 R D rgod
2007-03-07 PHP <= 5.2.1 substr_compare() Information Leak Exploit 6216 R D Stefan Esser
2007-03-04 PHP < 4.4.5 / 5.2.1 php_binary Session Deserialization Information Leak 6855 R D Stefan Esser
2007-03-04 PHP < 4.4.5 / 5.2.1 WDDX Session Deserialization Information Leak 5994 R D Stefan Esser
2007-01-23 Oracle 10g SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL/SQL Injection 7900 R D Joxean Koret
2007-01-23 Oracle 10g SYS.KUPW$WORKER.MAIN PL/SQL Injection Exploit 6243 R D Joxean Koret
2007-01-23 Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL Injection Exploit 5849 R D Joxean Koret
2006-06-18 Sun iPlanet Messaging Server 5.2 HotFix 1.16 Root Password Disclosure 5684 R D php0t
2006-04-26 Oracle <= 10g Release 2 (DBMS_EXPORT_EXTENSION) Local SQL Exploit 9880 R D N1V1Hd
2006-03-05 LibTiff 3.7.1 (BitsPerSample Tag) Local Buffer Overflow Exploit 5929 R D Agustin Gianni
2005-07-25 vim 6.3 < 6.3.082 (modlines) Local Command Execution Exploit 7281 R D Georgi Guninski
2004-11-14 Multiple AntiVirus (zip file) Detection Bypass Exploit 6499 R D oc192
2001-03-04 Progress Database Server 8.3b (prodb) Local Root Exploit 4778 R D the itch
1996-08-13 Linux & BSD umount Local Root Exploit 5188 R D bloodmask

[ multiple - dos ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2009-09-21 Snort < 2.8.5 Unified1 Output Denial of Service Exploit 8457 R D Pablo Rincon Crespo
2009-09-11 FreeRadius < 1.1.8 Remote Packet of Death Exploit (CVE-2009-3111) 11118 R D Matthew Gillespie
2009-08-18 Safari 4.0.2 (WebKit Parsing of Floating Point Numbers) BOF PoC 1489 R D Leon Juranic
2009-08-01 VirtualBox 2.2 - 3.0.2 r49928 Local Host Reboot PoC 3117 R D Tadas Vilkeliskis
2009-07-30 ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC 4403 R D kcope
2009-07-17 Sguil/PADS Remote Server Crash Vulnerability 2330 R D Ataraxia
2009-07-17 Real Helix DNA RTSP and SETUP Request Handler Vulnerabilities 2103 R D Core Security
2009-07-15 Multiple Web Browsers Denial of Service Exploit (1 bug to rule them all) 3258 R D Thierry Zoller
2009-07-09 MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth) 4522 R D kcope
2009-07-02 Apple Safari 4.x JavaScript Reload Remote Crash Exploit 4350 R D SkyOut
2009-06-22 Multiple HTTP Server Low Bandwidth Denial of Service #2 4409 R D evilrabbi
2009-06-17 Multiple HTTP Server Low Bandwidth Denial of Service (slowloris.pl) 10518 R D RSnake
2009-06-15 Apple Safari & Quicktime Denial of Service Vulnerability 2348 R D Thierry Zoller
2009-06-12 Asterisk IAX2 Resource Exhaustion via Attacked IAX Fuzzer 2523 R D Blake Cornell
2009-06-04 OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit 5232 R D Jon Oberheide
2009-06-01 Apache mod_dav / svn Remote Denial of Service Exploit 15431 R D kcope
2009-05-29 Mozilla Firefox 3.0.10 (KEYGEN) Remote Denial of Service Exploit 6346 R D Thierry Zoller
2009-05-29 Adobe Acrobat <= 9.1.1 Stack Overflow Crash PoC (osx/win) 5540 R D Saint Patrick
2009-05-26 Mozilla Firefox (unclamped loop) Denial of Service Exploit 3953 R D Thierry Zoller
2009-05-18 OpenSSL <= 0.9.8k, 1.0.0-beta2 DTLS Remote Memory Exhaustion DoS 6489 R D Jon Oberheide
2009-05-15 Eggdrop/Windrop 1.6.19 ctcpbuf Remote Crash Vulnerability 5367 R D Thomas Sader
2009-05-13 ipsec-tools racoon frag-isakmp Denial of Service PoC 3081 R D mu-b
2009-05-08 Mortbay Jetty <= 7.0.0-pre5 Dispatcher Servlet Denial of Service Exploit 2537 R D ikki
2009-04-14 Steamcast 0.9.75b Remote Denial of Service Exploit 1729 R D ksa04
2009-04-03 IBM DB2 < 9.5 pack 3a Malicious Connect Denial of Service Exploit 2092 R D Dennis Yurichev
2009-04-03 IBM DB2 < 9.5 pack 3a Malicious Data Stream Denial of Service Exploit 2363 R D Dennis Yurichev
2009-04-01 XBMC 8.10 (GET Requests) Multiple Remote Buffer Overflow PoC 2572 R D n00b
2009-03-31 Sun Calendar Express Web Server (DoS/XSS) Multiple Remote Vulns 2532 R D Core Security
2009-03-30 Wireshark <= 1.0.6 PN-DCP Format String Exploit PoC 4760 R D THCX Labs
2009-03-30 Opera 9.64 (7400 nested elements) XML Parsing Remote Crash Exploit 4375 R D Ahmed Obied
2009-03-25 Mozilla Firefox XSL Parsing Remote Memory Corruption PoC 0day 25277 R D Guido Landi
2009-03-19 ModSecurity < 2.5.9 Remote Denial of Service Vulnerability 3520 R D Juan Galiana Lara
2009-03-19 SW-HTTPD Server 0.x Remote Denial of Service Exploit 2892 R D Jonathan Salwan
2009-03-16 Mozilla Firefox 3.0.7 OnbeforeUnLoad DesignMode Dereference Crash 7931 R D X SkyLined
2009-03-03 Yaws < 1.80 (multiple headers) Remote Denial of Service Exploit 2296 R D Praveen Darshanam
2009-02-23 Mozilla Firefox 3.0.6 (BODY onload) Remote Crash Exploit 17291 R D X SkyLined
2009-02-09 Squid < 3.1 5 HTTP Version Number Parsing Denial of Service Exploit 8029 R D Praveen Darshanam
2009-01-19 D-Bus Daemon < 1.2.4 (libdbus) Denial of Service Exploit 2668 R D Jon Oberheide
2009-01-16 MPlayer 1.0rc2 TwinVQ Stack Buffer Overflow PoC 3950 R D sCORPINo
2009-01-14 Oracle TimesTen Remote Format String PoC 4214 R D Joxean Koret
2009-01-06 SeaMonkey <= 1.1.14 (marquee) Denial of Service Exploit 3300 R D StAkeR
2009-01-05 Safari (Arguments) Array Integer Overflow PoC (New Heap Spray) 5773 R D X SkyLined
2009-01-02 VMware <= 2.5.1 (Vmware-authd) Remote Denial of Service Exploit 5678 R D laurent gaffié
2009-01-01 Konqueror 4.1 XSS / Remote Crash Vulnerabilities 4698 R D StAkeR
2008-12-23 Psi Jabber Client (8010/tcp) Remote Denial of Service Exploit (win/lin) 3460 R D Sha0
2008-12-23 Getleft 1.2 Remote Buffer Overflow Proof of Concept 3341 R D Koshi
2008-12-19 Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit 4660 R D Jon Oberheide
2008-12-15 Amaya Web Browser 10.0.1/10.1-pre5 (html tag) Buffer Overflow PoC 3469 R D webDEViL
2008-12-03 ClamAV < 0.94.2 (JPEG Parsing) Recursive Stack Overflow PoC 3896 R D ilja van sprundel
2008-10-22 LibSPF2 < 1.2.8 DNS TXT Record Parsing Bug Heap Overflow PoC 2676 R D Dan Kaminsky
2008-09-29 Wireshark 1.0.x Malformed .ncf packet capture Local Denial of Service 3845 R D Shinnok
2008-09-16 QuickTime 7.5.5 / ITunes 8.0 Remote off by one Crash Exploit 10278 R D securfrog
2008-09-16 Postfix < 2.4.9, 2.5.5, 2.6-20080902 (.forward) Local DoS Exploit 3422 R D Albert Sellares
2008-08-23 VLC 0.8.6i MMS Protocol Handling Heap Overflow PoC 4982 R D g_
2008-08-16 VLC 0.8.6i tta File Parsing Heap Overflow PoC 4891 R D g_
2008-08-13 Ventrilo <= 3.0.2 NULL pointer Remote DoS Exploit 8695 R D Luigi Auriemma
2008-08-13 Ruby <= 1.9 (regex engine) Remote Socket Memory Leak Exploit 5209 R D laurent gaffié
2008-08-10 Sun xVM VirtualBox < 1.6.4 Privilege Escalation Vulnerability PoC 3589 R D Core Security
2008-07-31 F-PROT antivirus 6.2.1.4252 (malformed archive) Infinite Loop DoS Exploit 3977 R D kokanin
2008-07-19 Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit 5927 R D Joxean Koret
2008-07-12 reSIProcate 1.3.2 Remote Denial of Service PoC 2820 R D Mu Security
2008-07-08 Multiple Vendors Malicious SVG File Denial of Service PoC 4068 R D Kristian Hermansen
2008-06-05 Asterisk (SIP channel driver / in pedantic mode) Remote Crash Exploit 5561 R D Armando Oliveira
2008-06-01 Samba (client) receive_smb_raw() Buffer Overflow Vulnerability PoC 7082 R D Guido Landi
2008-05-27 PHP 5.2.6 sleep() Local Memory Exhaust Exploit 8977 R D Gogulas
2008-03-24 snircd <= 1.3.4 (send_user_mode) Denial of Service Vulnerability 3666 R D Chris Porter
2008-03-17 Apple Safari (webkit) Remote Denial of Service Exploit (iphone/osx/win) 9798 R D X Georgi Guninski
2008-03-10 ASG-Sentry <= 7.0.0 Multiple Remote Vulnerabilities 3799 R D Luigi Auriemma
2008-02-26 Apple Mac OS X xnu <= 1228.3.13 ipv6-ipcomp Remote kernel DoS PoC 7937 R D mu-b
2008-02-19 X.Org xorg-server <= 1.1.1-48.13 Probe for Files Exploit PoC 5397 R D vl4dZ
2008-01-28 Oracle 10g R1 xdb.xdb_pitrig_pkg Buffer Overflow Exploit (PoC) 6981 R D Sh2kerr
2008-01-09 McAfee E-Business Server Remote pre-auth Code Execution / DoS PoC 4359 R D Leon Juranic
2008-01-06 Half-Life CSTRIKE Server 1.6 Denial of Service Exploit (no-steam) 15436 R D Eugene Minaev
2007-12-23 OpenSSL < 0.9.7l / 0.9.8d SSLv2 Client Crash Exploit 9602 R D Noam Rathaus
2007-11-23 Apple QuickTime 7.2/7.3 RTSP Response Remote SEH Overwrite PoC 11871 R D h07
2007-11-09 MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability 16512 R D Kristian Hermansen
2007-11-02 Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit 8795 R D RoMaNSoFt
2007-10-23 DNS Recursion bandwidth amplification Denial of Service PoC 7544 R D Shadow
2007-10-22 Mozilla Firefox <= 2.0.0.7 Remote Denial of Service Exploit 13687 R D BugReport.IR
2007-10-16 GCALDaemon <= 1.0-beta13 Remote Denial of Service Exploit 5165 R D ikki
2007-09-19 Sun jre1.6.0_X isInstalled.dnsResolve Function Overflow PoC 8126 R D X YAG KOHHA
2007-09-03 Apple Quicktime < 7.2 SMIL Remote Integer Overflow PoC 5248 R D David Vaartjes
2007-08-06 PHP mSQL (msql_connect) Local Buffer Overflow PoC 6851 R D NetJackal
2007-07-31 Asterisk < 1.2.22, 1.4.8 IAX2 channel driver Remote Crash Exploit 4588 R D tenkei_ev
2007-07-18 Asterisk < 1.2.22 / 1.4.8 / 2.2.1 chan_skinny Remote Denial of Service 4199 R D fbffff
2007-07-14 PHP 5.2.3 glob() Denial of Service Exploit 12389 R D shinnai
2007-07-12 PHP 5.2.3 bz2 com_print_typeinfo() Denial of Service Exploit 8399 R D shinnai
2007-06-06 DRDoS - Distributed Reflection Denial of Service 8897 R D whoppix
2007-05-08 Opera 9.10 alert() Remote Denial of Service Exploit 7106 R D X Dj7xpl
2007-05-04 Multiple vendors ZOO file decompression Infinite Loop DoS PoC 3845 R D Jean-Sébastien
2007-04-23 Opera 9.2 (torrent File) Remote Denial of Service Exploit 7224 R D n00b
2007-04-13 Ettercap-NG 0.7.3 Remote Denial of Service Exploit 6333 R D evilrabbi
2007-04-11 Gran Paradiso 3.0a3 non-existent applet Denial of Service Exploit 6489 R D X shinnai
2007-03-29 Mozilla Firefox 2.0.0.3 / Gran Paradiso 3.0a3 DoS Hang / Crash Exploit 12110 R D shinnai
2007-03-25 Asterisk <= 1.2.16 / 1.4.1 SIP INVITE Remote Denial of Service Exploit 5091 R D MADYNES
2007-03-08 Snort 2.6.1.1/2.6.1.2/2.7.0 (fragementation) Remote DoS Exploit 6223 R D Antimatt3r
2007-03-04 PHP wddx_deserialize() String Append Crash Exploit 4527 R D Stefan Esser
2007-03-04 Asterisk <= 1.2.15 / 1.4.0 pre-auth Remote Denial of Service Exploit 4321 R D fbffff
2007-03-01 PHP 4 Userland ZVAL Reference Counter Overflow Exploit PoC 5827 R D Stefan Esser
2007-02-23 Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit 7397 R D Trirat Puttaraksa
2007-01-08 Opera <= 9.10 JPG Image DHT Marker Heap Corruption Vulnerabilities 10661 R D posidron
2006-12-19 Intel 2200BG 802.11 Beacon frame Kernel Memory Corruption Exploit 5245 R D Breno Silva Pinto
2006-12-18 wget <= 1.10.2 (Unchecked Boundary Condition) Denial of Service Exploit 6053 R D Federico L. Bossi Bonin
2006-12-10 Sophos Antivirus CHM File Heap Overflow PoC 3952 R D Damian Put
2006-12-10 Sophos Antivirus CHM Chunk Name Length Memory Corruption PoC 3580 R D Damian Put
2006-12-10 Sophos / Trend Micro Antivirus RAR File Denial of Service PoC 4276 R D Damian Put
2006-11-27 PHP <= 4.4.4/5.1.6 htmlentities() Local Buffer Overflow PoC 7217 R D Nick Kezhaya
2006-10-31 Mozilla Firefox <= 1.5.0.7/ 2.0 (createRange) Remote DoS Exploit 12228 R D X Gotfault Security
2006-10-19 Asterisk <= 1.0.12 / 1.2.12.1 (chan_skinny) Remote Heap Overflow (PoC) 5261 R D Noam Rathaus
2006-10-17 Clam AntiVirus <= 0.88.4 CHM Chunk Name Length DoS PoC 4157 R D Damian Put
2006-10-17 Clam AntiVirus <= 0.88.4 (rebuildpe) Remote Heap Overflow PoC 3909 R D Damian Put
2006-10-11 Kmail <= 1.9.1 (IMG SRC) Remote Denial of Service Vulnerability 5417 R D nnp
2006-09-27 OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit 27402 R D Tavis Ormandy
2006-09-05 dsock <= 1.3 (buf) Remote Buffer Overflow PoC 6535 R D X DaveK
2006-08-22 Mozilla Firefox <= 1.5.0.6 (FTP Request) Remote Denial of Service Exploit 13136 R D Tomas Kempinsky
2006-08-21 Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC 57570 R D Jacobo Avariento
2006-08-13 Opera 9 IRC Client Remote Denial of Service Exploit (c) 7059 R D Preddy
2006-08-13 Opera 9 IRC Client Remote Denial of Service Exploit (py) 5782 R D Preddy
2006-07-25 libmikmod <= 3.2.2 (GT2 loader) Local Heap Overflow PoC 5229 R D Luigi Auriemma
2006-07-01 Opera Web Browser 9.00 (iframe) Remote Denial of Service Exploit 6709 R D y3dips
2006-06-24 BitchX <= 1.1-final do_hook() Remote Denial of Service Exploit 5667 R D Federico L. Bossi Bonin
2006-06-21 Opera 9 (long href) Remote Denial of Service Exploit 10417 R D X N9
2006-06-02 Mozilla Firefox <= 1.5.0.4 (marquee) Denial of Service Exploit 14203 R D X n00b
2006-05-23 PunkBuster < 1.229 (WebTool Service) Remote Buffer Overflow DoS 6399 R D Luigi Auriemma
2006-05-23 netPanzer 0.8 rev 952 (frameNum) Server Terminiation Exploit 4789 R D Luigi Auriemma
2006-05-18 Mozilla Firefox <= 1.5.0.3 (Loop) Denial of Service Exploit 12852 R D X Gianni Amato
2006-05-17 libextractor <= 0.5.13 Multiple Heap Overflow PoC Exploits 5074 R D Luigi Auriemma
2006-04-24 Mozilla Firefox <= 1.5.0.2 (js320.dll/xpcom_core.dll) Denial of Service PoC 17697 R D X splices
2006-04-23 OpenTTD <= 0.4.7 (multiple vulnerabilities) Denial of Service Exploit 4503 R D Luigi Auriemma
2006-04-13 Mozilla Firefox <= 1.5.0.1, Camino <= 1.0 Null Pointer Dereference Crash 8487 R D X BuHa
2006-04-13 panic-reloaded TCP Denial of Service Tool 5531 R D hash
2006-03-28 RealPlayer <= 10.5 (6.0.12.1040-1348) SWF Buffer Overflow PoC 6212 R D Federico L. Bossi Bonin
2006-03-10 Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service 10741 R D str0ke
2006-02-11 Half-Life CSTRIKE Server <= 1.6 (non steam) Denial of Service Exploit 25219 R D Firestorm
2006-02-10 Invision Power Board <= 2.1.4 (Register Users) Denial of Service Exploit 29792 R D SkOd
2005-12-27 BZFlag <= 2.0.4 (undelimited string) Denial of Service Exploit 5542 R D Luigi Auriemma
2005-11-18 Macromedia Flash Plugin <= 7.0.19.0 (Action) Denial of Service Exploit 6858 R D BassReFLeX
2005-10-21 Net Portal Dynamic System <= 5.0 (register users) Denial of Service 5821 R D DarkFig
2005-10-17 Lynx <= 2.8.6dev.13 Remote Buffer Overflow Exploit (PoC) 5049 R D Ulf Harnhammar
2005-10-17 Mozilla (Firefox <= 1.0.7) (Mozilla <= 1.7.12) Denial of Service Exploit 10021 R D X Kubbo
2005-10-16 Mozilla (Firefox <= 1.0.7) (Thunderbird <= 1.0.6) Denial of Service Exploit 36099 R D X posidron
2005-10-16 Opera <= 8.02 Remote Denial of Service Exploit 7737 R D X posidron
2005-09-26 Mozilla Firefox <= 1.0.7 Integer Overflow Denial of Service Exploit 11306 R D X Georgi Guninski
2005-09-12 Snort <= 2.4.0 SACK TCP Option Error Handling Denial of Service Exploit 6628 R D nitr0us
2005-09-09 Mozilla Products (Host:) Buffer Overflow Denial of Service String 8938 R D X Tom Ferris
2005-08-23 Ventrilo <= 2.3.0 Remote Denial of Service Exploit (all platforms) 14060 R D Luigi Auriemma
2005-06-27 Stream / Raped Denial of Service Attack (win version) 4933 R D Marco Del Percio
2005-06-20 Apache <= 2.0.49 Arbitrary Long HTTP Headers Denial of Service 15831 R D Qnix
2005-06-09 Tcpdump bgp_update_print Remote Denial of Service Exploit 5102 R D simon
2005-05-21 TCP TIMESTAMPS Denial of Service Exploit 6268 R D Daniel Hartmeier
2005-05-07 Ethereal <= 0.10.10 (dissect_ipc_state) Remote Denial of Service Exploit 4954 R D Nicob
2005-04-26 Ethereal / tcpdump (rsvp_print) Infinite Loop Denial of Service Exploit 5536 R D vade79
2005-04-20 Multiple OS (win32/aix/cisco) Crafted ICMP Messages DoS Exploit 7505 R D houseofdabus
2005-04-19 PostgreSQL <= 8.01 Remote Reboot Denial of Service Exploit 5980 R D ChoiX
2005-03-14 Freeciv Server <= 2.0.0beta8 Denial of Service Exploit 4239 R D Nico Spicher
2005-03-08 Ethereal <= 0.10.9 "3G-A11" Remote Buffer Overflow Exploit 5405 R D Leon Juranic
2005-03-04 Apache <= 2.0.52 HTTP GET request Denial of Service Exploit 22830 R D GreenwooD
2005-02-24 WebConnect 6.4.4 - 6.5 Directory Traversal and Denial of Service Exploit 4473 R D Karak0rsan



send all submissions to submit[at]milw0rm.com [gpg]
Copyright © 2004-2009 milw0rm