This update improves the functionality of the impact agent running in windows 2000.
The specific flaw exists within the edit_lf_process resource of the AccuRev Reprise License Manager service. The issue lies in the ability to write arbitrary files with controlled data. An attacker could leverage this vulnerability to execute arbitrary code under the context of SYSTEM.
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. This module works if map:map_yp_alias is set as the imap server address in config.php, which is not the default setting.
This update improves os detection and adds runtime cost.
This update improves os detection and adds runtime cost.
This update introduces an OS Command Injection Exploit for the "Wordpress Landing Pages" plugin.
This update introduces an exploit for Apache ActiveMQ. The vulnerable versions present a path traversal vulnerability in default instalations that allows writing files to arbitrary filesystem locations, with the permissions of the user running the ActiveMQ process.
This module leverages the vulnerability to install an agent. This exploit doesn't require authentication.
The vulnerability is only present when the application is running in a Windows system.
This module leverages the vulnerability to install an agent. This exploit doesn't require authentication.
The vulnerability is only present when the application is running in a Windows system.
This module exploits a vulnerability in the Linux apport application. The apport application can be forced to drop privileges to uid 0 and write a corefile anywhere on the system. This can be used to write a corefile with crafted contents in a suitable location to gain root privileges.
This updates improves the way some files are cleaned up after a failed exploitation attempt.
This updates improves the way some files are cleaned up after a failed exploitation attempt.
A specially crafted argument to makeMeasurement will leave objects in an inconsistent state and can produce a Buffer Overflow. This data can later be retrieved via a call to dumpMeasureData.
Finally using NSendApprovalToAuthorEnabled method it is possible to bypass the Javascript API restrictions.
Finally using NSendApprovalToAuthorEnabled method it is possible to bypass the Javascript API restrictions.
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."
This module exploit three different vulnerabilities in Symantec Endpoint Protection Manager (SEPM) in order to install an agent on a vunlerable target machine.
CVE-2015-1486 allows unauthenticated attackers access to SEPM.
CVE-2015-1487 allows reading and writing arbitrary files, resulting in the execution of arbitrary commands with 'NT Service\semsrv' privileges.
CVE-2015-1489 allows the execution of arbitrary OS commands with 'NT Authority\SYSTEM' privileges.
CVE-2015-1486 allows unauthenticated attackers access to SEPM.
CVE-2015-1487 allows reading and writing arbitrary files, resulting in the execution of arbitrary commands with 'NT Service\semsrv' privileges.
CVE-2015-1489 allows the execution of arbitrary OS commands with 'NT Authority\SYSTEM' privileges.
This module exploits a vulnerability in "atmfd.dll" Windows driver by loading a crafted OTF font.
This update adds support to Windows 8 and Windows 2012.
This update adds support to Windows 8 and Windows 2012.