This module exploits a stack overflow in InterSystems Cache by sending a specially crafted GET request.
This module exploits a command injection vulnerability in Interactive Graphical SCADA System and installs an agent on the target machine.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Integard Home and Pro. The vulnerability is caused by a boundary error in the handling of HTTP POST requests. This may allow execution of arbitrary code by sending an overly long, specially crafted HTTP POST request to the server.
The flaw exists in the Remote Agent (CEServer.exe), which listens by default on TCP port 4322. The process does not perform any authentication and copies specially designed packets into a fixed-size buffer.
This module exploits a stack-based buffer overflow in the Ipswitch Imail Server 2006.0 and 2006.1.
This module exploits a stack-based buffer overflow in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS).
This module exploits a buffer overflow in the ntdll.dll function RtlDosPathNameToNtName_U, which is used by IIS WebDAV.
After successful exploitation, this module executes an agent as the unprivileged IUSR or IWAM user.
After successful exploitation an agent will be installed. The process being exploited is usually run as an IUSR or IWAM user, specially created for IIS to answer anonymous requests. If this condition is present, the newly deployed agent will run as an unprivileged user. In most cases, the RevertToSelf Win32 API call, available through the RevertToSelf module (see "RevertToSelf"), can be used to replace the current process access token with the saved one, usually SYSTEM, effectively gaining full control of the target host.
After successful exploitation an agent will be installed. The process being exploited is usually run as an IUSR or IWAM user, specially created for IIS to answer anonymous requests.