LPRng contains a function, use_syslog(), that returns user input to a string in LPRng that is passed to syslog() as the format string. As a result, it is possible to corrupt the program's flow of execution by entering malicious format specifiers.

This module exploits a buffer overflow vulnerability in Light HTTPD Daemon. This vulnerability can be exploited remotely by sending a specially crafted packet to port TCP/3000.

This module exploits a header overflow vulnerability in lighttpd when using fast_cgi module in lighttpd before version 1.4.18. The vulnerability allows to modify PHP headers. This module modifies the SCRIPT_FILENAME PHP header to run arbitrary files in the PHP interpreter. This module will send a request to the server with a HTTP Referer header with PHP code that is written on the log file by the lighttpd server. Then the module searches for the lighttpd log file in the web server using the vulnerability. Then the module executes the lighttpd log file as a PHP script using the vulnerability, and installs a new agent in the server.

This module exploits a file upload vulnerability in the LANDesk Lenovo ThinkManagement Console. Unrestricted file upload in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore command in a RunAMTCommand SOAP request.

This module exploits a buffer overflow vulnerability in the Alert Service (aolnsrvr.exe) component of LANDesk Management Suite 8.7 and installs an agent if successful. This vulnerability can be exploited remotely by sending a specially crafted packet to port UDP/65535.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Kolibri Web Server. The vulnerability is caused due to a boundary error within Kolibri Web Server when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Kolibri Web Server. The vulnerability is caused due to a boundary error within Kolibri Web Server when processing HTTP POST Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.

An internal memory buffer may be overrun while handling "HEAD" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the Kolibri webserver process (Kolibri.exe).

KingView Scada is vulnerable to a buffer overflow error in the HistorySvr.exe module when processing malformed packets sent to port 777/TCP. This update adds new indirection using shell32.dll version 6.0.0.2900.5512.

Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.