This module exploits a stack-based buffer overflow in the Ipswitch Imail Server 2006.0 and 2006.1
This module exploits a stack-based buffer overflow in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS).
This module exploits a buffer overflow present in RtlDosPathNameToNTName_U!ntdll.dll used by IIS WebDAV.
After successful exploitation, this module executes an agent as the unprivileged IUSR or IWAM user.
After successful exploitation an agent will be installed. The process being exploited is usually run as an IUSR or IWAM user, specially created for IIS to answer anonymous requests. If this condition is present, the newly deployed agent will run with an unprivileged user. In most cases, the RevertToSelf Win32 API call can be used, available with the RevertToSelf module (see "RevertToSelf") to replace the current process access token with the saved one, usually SYSTEM, thus, effectively gaining full control of the target host.
After successful exploitation an agent will be installed. The process being exploited is usually run as an IUSR or IWAM user, specially created for IIS to answer anonymous requests.
The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request.
This module exploits a vulnerability in the MSADCS.DLL library of the Microsoft Data Access Components (MDAC) used by the Microsoft IIS Server. By default remote access to this component is not granted but if the Remote Data Services (RDS) are enabled this exploit could be used to enter into the target machine. This exploit could be also used to escalate privileges in the target machine if the source agent is the same machine. After successful exploitation an agent will be installed.
After successful exploitation an agent will be installed. The process being exploited is usually run as an IUSR or IWAM user, specially created for IIS to answer anonymous requests. If this condition is present, the newly deployed agent will run with an unprivileged user.
Microsoft IIS is prone to a remote stack-based buffer-overflow vulnerability affecting the application's FTP server. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.