Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allow attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer", possibly a buffer overflow.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing NaviCOPA. The vulnerability is caused by a boundary error in the handling of HTTP GET requests. This may allow execution of arbitrary code by sending an overly long, specially crafted HTTP GET request to the server.
This module exploits a remote buffer overflow in MySQL servers using the yaSSL library. The overflow is located in the 'ProcessOldClientHello' function of the yaSSL library.
MySQL server has been reported prone to a buffer overflow vulnerability when handling user passwords of excessive size. The issue presents itself due to a lack of sufficient bounds checking performed when processing MySQL user passwords. A password greater than 16 characters may overrun the bounds of a reserved buffer in memory and corrupt adjacent memory. An attacker with global administrative privileges on an affected MySQL server may potentially exploit this condition to have arbitrary supplied instructions executed in the context of the MySQL server. This exploit takes advantage of the described vulnerability in order to install an agent.
MySQL is reported prone to multiple vulnerabilities that can be exploited together by a remote authenticated attacker to execute arbitrary code. This exploit takes advantage of an input validation vulnerability that can be exploited by remote users that have INSERT and DELETE privileges on the 'mysql' administrative database.
This module exploits a stack buffer overflow in the Workstation Service. This service is accessible via several RPC transports: TCP ports 139 and 445, and dynamically assigned TCP or UDP ports over 1024. When a dynamic port is selected, this exploit will try ports in the range from 1024 to 1056, where the WKSSVC is usually listening.