A boundary error in the Unite Host Router service (UniteHostRouter.exe) when processing certain requests can be exploited to cause a stack-based buffer overflow.
Serva32 is prone to a denial of service vulnerability when handling malformed GET commands.
This module exploits a remote code execution vulnerability in HP Rational Quality Manager by using an undocumented user account to upload an arbitrary file.
This module exploits a vulnerability on Microsoft WINS service by sending a request packet followed by a RESET connection packet.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs
or have limited functionality and may not have complete or accurate documentation.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs
or have limited functionality and may not have complete or accurate documentation.
By including shell meta characters within the second parameter to the 'urt_test_url' XML-RPC methodCall, an attacker can execute arbitrary commands. The service typically runs with root privileges.
This module hangs the BakBone NetVault SmartDisk Server because it fails to properly handle user-supplied malformed packets.
This module exploits a remote code execution vulnerability in Tomcat Web Server by using an default user account to upload an arbitrary file.
This module exploits a vulnerability in the Client System Analyzer component of the Oracle Database Server.
This module exploits a remote stack-based buffer overflow in IGSSdataServer by sending a malformed packet to the 12401/TCP port.
This version add CVE.
This version add CVE.
This module exploits a path traversal vulnerability in Novell ZENworks Asset Management.
The specific flaw exists within a servlet provided within the Novell Zenworks distribution for uploading files. When processing the path name for the file, the servlet will allow a user to inject path traversal entities into the filename. Then, when the servlet downloads the provided file, the destination will store it to the user-provided location.
The specific flaw exists within a servlet provided within the Novell Zenworks distribution for uploading files. When processing the path name for the file, the servlet will allow a user to inject path traversal entities into the filename. Then, when the servlet downloads the provided file, the destination will store it to the user-provided location.