This module exploits a buffer overflow in the FTP server in Microsoft Internet Information Server (IIS) via a crafted NLST command that uses wildcards.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This module exploits a remote denial of service condition by sending a specially crafted SMB 2.0 packet to the target machine. Windows Vista and 7 are affected by this problem.



This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This module exploits a vulnerability in Oracle WebLogic IIS Connector when sending a specially crafted POST message with a specially JSESSIONID cookie.

This exploit forces the IIS process inetinfo.exe to throw an unhandled exception. IIS' behavior depends on the operating system version, its configuration and the system-wide debugger specified in the registry.



By default under Windows 2000 Advanced Server 2000 the server will automatically restart. Under Windows 2000 Professional a message box will pop up in the console and the server will not be restarted until a user presses [OK].



WARNING: This is an early release module.

This is not the final version of this module.

It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This update applies missing attributes to a small number of exploits to ensure they are correctly selected by the Rapid Penetration Test Wizards.

This update corrects a typo defining invalid characters for the egg in some remote exploits, and improves the reliability of Now SMS MMS Gateway Web Authorization Buffer Overflow Exploit on Windows 2000 targets.

A vulnerability exists in the TinyMCE editor, included in the tiny browser plugin, which allows uploading files without authentication. This can be exploited to upload files with multiple extensions and execute arbitrary PHP code.

This update improves the way Denial of Service exploits show their success status in their module log output.

This module exploits a buffer overflow vulnerability in the Intel Alert Originator service by sending a specially crafted packet to the 38292/TCP port.

Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition (aka SugarCRM) before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct request to a modified filename under cache/modules/Emails/, as demonstrated using .php as the entire original name.