This module exploits a directory traversal vulnerability in the Document Conversions Launcher Service service included in the Microsoft Office SharePoint Server 2007 application by sending malformed packets. This module needs the hostname of the Document Conversions Launcher Service. In case the HOSTNAME parameter is left blank, this module first connects to the Document Conversions Load Balance Service to retrieve the hostnames of the registered Document Conversions Launcher Services.
Windows tcpip.sys is susceptible to a remote buffer overflow vulnerability. This module exploits the vulnerability and installs an agent on the target machine. This exploit is unreliable as depending on the activity on the target machines some will crash before an agent is installed. The module sends several thousands IP packets in the lapse of a few seconds. If the target doesn't receive most of the packets (due to network congestion or other causes), the exploit will fail. Only some specific kernel versions are supported by this module.
This module sends HTTP requests with specially crafted data making the ASP.NET subsystem consume lot of resources. This attack prevents the victim server from processing requests from legitimate clients and probably will make the server non-operational. The PATH parameter must point to a ASP.NET web page, wich they normally have a ".aspx" extension.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 SMTP Server Module (mercurys.dll) when processing arguments to the AUTH CRAM-MD5 command. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command.
This module allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 PH Server Module (mercuryh.dll). This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
This module allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 IMAPD Server Module (mercuryi.dll). This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
This module exploits a buffer overflow vulnerability in the mDNSResponder service running on certain versions of Apple Mac OS X. The vulnerability is exploited remotely by sending a specially crafted UPnP Internet Gateway Device (IGD) packet and installing an agent.
Subscribe to Impact