This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing AVID Media Composer. A remote user can send specially crafted data to TCP port 4659/4660 (AvidPhoneticIndexer.exe) to trigger a stack overflow and execute arbitrary code on the target system.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Avaya Windows Portable Device Manager (WinPDM). A remote user can send specially crafted data to UDP port 3217 (UniteHostRouter.EXE) to trigger a stack overflow and execute arbitrary code on the target system.
This module upload and execute a file in Avaya IP Office and installs an agent into the target host.
This module exploits a buffer overflow vulnerability during the processing of TFTP Read/Write request packet types. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet with an overly long filename field.
A path traversal vulnerability affects the Issue Collector plugin in Atlassian JIRA. This module exploits that vulnerability to achieve remote code execution. The installed agent will have SYSTEM privileges.
This module exploits a remote code execution vulnerability in the XWork component of Atlassian FishEye, by sending specially crafted HTTP requests to the port 8060/TCP. The ParametersInterceptor class of the XWork framework, part of the Struts 2 web framework, as shipped with Atlassian FishEye, does not properly restrict access to server-side objects. This can be exploited by remote unauthenticated attackers to modify server-side objects and finally execute arbitrary commands via specially crafted OGNL (Object-Graph Navigation Language) expressions.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing ASUS Remote Console. The vulnerability is caused due to a boundary error within ASUS Remote Console. A buffer-overflow vulnerability is located in the function which gets the data received from the client, store it in a stack buffer of about 1024 bytes and checks the presence of an end of line delimiter (carriage return).
This module exploits a buffer overflow vulnerability in the T38FaxRateManagement parameter when parsing SIP/SDP requests in 1.4.x prior to 1.4.3. After successful exploitation an agent will be installed. The process being exploited is usually run as root.
This exploit takes advantage of various vulnerabilities and default permissions in the affected versions of the Arkeia Network Backup Software. In the target setup the exploit attempts to gather specific information about the target: the remote operating system, the Arkeia Network Backup version, the target system's name; and attempts to download and analyze a loaded PE file by the Arkeia Network Backup Client to find certain patterns of reusable code loaded in memory. In the attack setup the exploit decides how the target will be exploited in the most successful way using the information gathered in the attack setup.
This module sends to the target a crafted NetWkstaTransportEnum SMB Request exploiting a heap overflow.