Windows tcpip.sys is susceptible to a remote buffer overflow vulnerability. This module exploits the vulnerability and installs an agent on the target machine. This exploit is unreliable as depending on the activity on the target machines some will crash before an agent is installed. The module sends several thousands IP packets in the lapse of a few seconds. If the target doesn't receive most of the packets (due to network congestion or other causes), the exploit will fail. Only some specific kernel versions are supported by this module.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 SMTP Server Module (mercurys.dll) when processing arguments to the AUTH CRAM-MD5 command. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command.
This module allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 PH Server Module (mercuryh.dll). This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
This module allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 IMAPD Server Module (mercuryi.dll). This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
MediaWiki with DjVU or PDF file upload allows a remote attackers to execute arbitrary commands by exploting a bug in the with parameter in thumb.php while previewing the uploaded file.
This module exploits a remote command execution vulnerability in the service.exe service included in the Measuresoft ScadaPro application by sending a sequence of malformed packets to the 11234/TCP port.
This module exploits a buffer overflow vulnerability in the mDNSResponder service running on certain versions of Apple Mac OS X. The vulnerability is exploited remotely by sending a specially crafted UPnP Internet Gateway Device (IGD) packet and installing an agent.
This module exploits a stack-based buffer overflow in the MDaemon Email Server Server 9.64
This module exploits a buffer overflow in MDaemon IMAP server.
This module sends a 'USER' command at the service producing a heap buffer overflow and installs an agent.