This module exploits a specific flaw in the Hewlett-Packard Graphics Language

filter. Inadequate bounds checking on the pen width and pen color

opcodes result in an arbitrary memory overwrite allowing for the

execution of arbitrary code as the "hgltops" process uid.

This module exploits a stack-based buffer overflow in the Alt-N Security Gateway by sending a specially crafted HTTP request to the TCP port 4000.

This update add the CVE number.

This module exploits a vulnerability in the Microsoft Server service sending a specially crafted RPC request. WARNING: This is an early release module.

This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This module exploits a stack-based buffer overflow in the Alt-N Security Gateway by sending a specially crafted HTTP request to the TCP port 4000.

This module adds support for Windows 2000 Professional SP4.

This module exploits the random number generator in Debian's OpenSSL package being predictable. This vulnerability is used to generate SSH keys and to install an agent into the target host.



This update contains:

-Corrections of some documentation issues.

-Performance optimizations.

-New parameter for user's preferences.

This module exploits a remote vulnerability on the FIND_FIRTS2 SMB subcommand on the srv.sys driver.

Active Directory, which is an essential component of the Windows 2000 architecture, presents organizations with a directory service designed for distributed computing environments. Active Directory allows organizations to centrally manage and share information on network resources and users while acting as the central authority for network security.

The directory services provided by Active Directory are based on the Lightweight Directory Access Protocol (LDAP) and thus Active Directory objects can be stored and retrieved using the LDAP protocol.

A vulnerability in Active Directory allows an attacker to crash and force a reboot of any Windows 2000 Server running the Active Directory service.

This module exploits a remote command injection in the SNA RPC service included in Microsoft Host Integration Server. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer.

This module exploits a buffer overflow vulnerability in RealWin SCADA Server. This vulnerability can be exploited remotely by sending a specially crafted packet to port TCP/910.

This module exploits a buffer overflow vulnerability in the ovalarmsrv module of the HP OpenView Network NodeManager application. The exploit triggers a stack-based buffer overflow by sending a specially crafted packet to port 2954/TCP of the vulnerable system and installs an agent if successful. This module works disabling DEP on Windows 2003 Enterprise Edition sp2 in the context of the vulnerable application.