The vulnerability is caused due to a boundary error within the handling of HTTP POST requests. This may allow execution of arbitrary code by sending an overly long, specially crafted HTTP POST request to the server.
This module exploits a remote memory corruption on IBM Tivoli Storage Manager FastBack by sending a specially crafted sequence of packets to the affected application.
An important vulnerability has been identified in ColdFusion version 8.0, 8.0.1, 9.0, 9.0.1 for Windows, Macintosh and UNIX. This directory traversal vulnerability could lead to information disclosure (CVE-2010-2861). Adobe has provided a solution for this reported vulnerability. It recomends that users update their product.
This module exploits a Chuggnutt HTML to Text Converter preg_replace using eval switch in multiple web applications in order to install an agent.
Currently, this module supports AtMail Open and RoundCube Webmail.
Currently, this module supports AtMail Open and RoundCube Webmail.
This module exploits a Windows kernel remote vulnerability on the srv.sys driver via a malformed SMB packet.
It could allow an attacker to connect to a shared folder and send a specially crafted SMB message to an affected system exploiting the target and installing an agent.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
It could allow an attacker to connect to a shared folder and send a specially crafted SMB message to an affected system exploiting the target and installing an agent.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
File Sharing Wizard is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
This module exploits an authentication bypass in the login.php in vulnerable versions of Oracle Secure Backup in order to execute arbitrary code via command injection parameters.
This module exploits a stack-based buffer overflow in the webappmon.exe CGI application, a component of HP OpenView Network Node Manager, by sending an HTTP request with an invalid value for the OvJavaLocale parameter.
This module exploits command injection vulnerability in Symantec AMS Intel Handler Service and install an agent into the target machine.
nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.