This module exploits a stack based buffer overflow handling the mail headers in the OWA (Outlook Web Access) service when processing meeting requests of Exchange Server clients (MS06-019).

This update excludes this exploit from rpt.

The Apache HTTP Server, commonly referred to as Apache, is a popular open source web server software. mod_isapi is a core module of the Apache package that implements the Internet Server extension API. The extension allows Apache to serve Internet Server extensions (ISAPI .dll modules) for Microsoft Windows based hosts. By sending a specially crafted request followed by a reset packet it is possible to trigger a vulnerability in Apache mod_isapi that will unload the target ISAPI module from memory. However function pointers still remain in memory and are called when

published ISAPI functions are referenced. This results in a dangling pointer vulnerability.

OpenBSD's PF is prone to a remote denial-of-service vulnerability.

Exploiting this issue allows remote attackers to cause a kernel panic on affected computers, denying further service to legitimate users.



This update improves reliability in Impact 10.

This module exploits a buffer overflow vulnerability in the T38FaxRateManagement parameter when parsing SIP/SDP requests in 1.4.x prior to 1.4.3.

This update improves the reliability of the module.

This module exploits a vulnerability in the CamShot Module (camshot.exe) that can be exploited to cause a stack-based buffer overflow by sending a specially crafted, overly long HTTP GET request to TCP port where the server is listening.

This module exploits a buffer overflow vulnerability in the mDNSResponder service running on certain versions of Apple Mac OS X. The vulnerability is exploited remotely by sending a specially crafted UPnP Internet Gateway Device (IGD) packet and installing an agent.

This update adds port parameter.

This module exploits a buffer overflow vulnerability in the EnumeratePrintShares function in the Print Spooler Service in Microsoft Windows to install an agent in the target machine.



This update adds TCP Spoofing Listener capabilities.

The vulnerability is caused due to a boundary error in the included web server when processing HTTP requests. This can be exploited to cause a stack-based buffer overflow via an overly long GET request.

This update adds shared folders detection.



This module exploits a vulnerability on srv.sys when it executes a rename command into shared folder using a long pathname.

Tembria Server vulnerability is caused due to an error in the processing of HTTP requests sent to the included web server.