This module exploits a privilege escalation vulnerability on VMware Fusion.

WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

There is an authentication vulnerability in the Windows debugging subsystem (smss). This allows any user to obtain a handle, with any access rights, to any running process. With this handle, an agent is injected into a SYSTEM process.

The update fixes an issue using Import *

XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler. This allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.

This module exploits a stack buffer overflow vulnerability present in Microsoft Internet Information Server versions 5.1 through 6.0.



This update randomizes the name of the file used, to improve reliability and to avoid a system error when the file is used. It also adds the possibility of deploying multiple agents.
FreeBSD is prone to multiple stack-based buffer-overflow vulnerabilities because the kernel fails to perform adequate boundary checks on user-supplied data.

If the system is configured to allow unprivileged users to mount file systems, it is possible for a local adversary to exploit this vulnerability and execute code in the context of the kernel.