This module exploits a buffer overflow vulnerability in the database service (fbserver.exe) of the FireBird SQL application. The exploit triggers a stack-based buffer overflow by sending a specially crafted packet with a malformed "username" value to port 3050/TCP of the vulnerable system and installs an agent if successful.

This module exploits a stack buffer overflow vulnerability in the Sourcefire Snort DCE/RPC preprocessor. An unauthenticated, remote attacker can exploit this vulnerability to execute arbitrary code with the privileges of the Snort process.



This update adds support for Redhat Enterprise Linux 4 and FreeBSD 6.2 on Impact 7.5

This update adds support for Linux, Freebsd and additional MySQL versions.

This update adds the CVE number of the vulnerability to the module.

This update adds the vulnerability name to reports.

This module installs an agent using a remote command-injection vulnerability located in the database server.

This module exploits a remote buffer-overflow in MySQL servers using yaSSL.

This module exploits a command injection error in the function runScripts in vdccm (SynCE daemon), reached through an information message remote request.

This module exploits a vulnerability in ISC DHCP Server. The vulnerability is caused due to the improper handling of DHCP requests within dhcpd in the cons_options() function in options.c. This causes a stack-based buffer corruption by sending a specially crafted DHCP request specifying a maximum message size smaller than 278 bytes.



This update adds support for Linux.

The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism.