This module exploits the following vulnerability: during a null pointer dereference in relation with special crafted IP datagrams. If the firewall handles such a packet the kernel panics.

This module exploits the following vulnerability, as described by the CVE database: "A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice."

This module exploits a vulnerability in ISC DHCP Server. The vulnerability is caused due to the improper handling of DHCP requests within dhcpd in the "cons_options()" function in options.c. This causes a stack-based buffer corruption by sending a specially crafted DHCP request specifying a maximum message size smaller than 278 bytes. This module, if successful, will leave the DHCP daemon unavailable.

This module exploits a NULL pointer dereference in NVIDIA Reality Server Software, when a crafted package is send to port 1935.

This module shuts down the novell-tftp.exe server because it fails to properly handle user-supplied malformed packets.

nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.

This module exploits a vulnerability in the Microsoft Windows NAT Helper Component (ipnathlp.dll) when Internet Connection Sharing is enabled, sending a specially crafted DNS query.

This module exploits an improperly memory free by sending a specially crafted RPC packet to cause a DoS condition on the target machine.

This module exploits a stack buffer overflow in the Microsoft Windows Plug and Play service and crashes services.exe.

This module exploits an incorrect check in the MIDL_user_allocate function of MSDTCPRXY.DLL to crash the MSDTC service.