This update improves reliability on Solaris.

A memory corruption vulnerability in the ChkNtfSock function of wins.exe allows remote code execution.

The WINS service listens on more than one UDP port (it listens on 42/udp and also on a dynamic UDP port).

This attack targets the dynamic udp port, thus it requires the identification of such dynamic port by the user.

This can be accomplished by running a port scanner module such as the 'Port Scanner - UDP' module.

Remote exploitation of a buffer overflow vulnerability in CitectSCADA allows for the remote execution of arbitrary code by attackers.

This module exploits a buffer overflow vulnerability in the database service (ibserver.exe) of the Borland InterBase 2007 application. The exploit triggers an integer overflow and causes a stack-based buffer overflow by sending a specially crafted packet to port 3050/TCP of the vulnerable system and installs an agent if successful.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing ASUS Remote Console.

This exploit disables DEP in the supported systems.

This module exploits a stack-based buffer overflow in the MDaemon Email Server 9.64.

This module exploits a buffer overflow vulnerability in the Apache Tomcat JK Web Server Connector and installs an agent. An attacker can use an overly long URL to trigger a buffer overflow in the URL work map routine (map_uri_to_worker()) in the mod_jk.so library, resulting in the compromise of the target system.



This package improves the reliability of the exploit.

This module exploits a stack-based buffer overflow in the MDaemon Email Server 9.64.

This update improves the reliability of the exploit.

This module exploits the random number generator in Debian's OpenSSL package being predictable. This vulnerability is used to generate SSH keys and to install an agent into the target host.