This module exploits a remote heap overflow in the Helix DNA Server (rmserver.exe) by sending a specially crafted RTSP packet to the 554/TCP port.
A stack overflow found in RabidHamster R4's web server by supplying a malformed HTTP request when generating a log.
This module exploits a buffer overflow vulnerability in Quick TFTP Server Pro when processing a very large mode field in a read or write request and installs an agent if successful. This vulnerability can be exploited remotely by sending a very long TFTP Error Packet to both service or standalone versions.
This module exploit PureFTPd service using Bash Command Injection Vulnerability (CVE 2014-6278). The module works if the service is handling the incoming authentication connections via a bash script.
This module exploit PureFTPd service using Bash Command Injection Vulnerability (CVE 2014-6271). The module works if the service is handling the incoming authentication connections via a bash script.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing PSOProxy. The vulnerability is caused due to a boundary error within PSOProxy when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
This module exploits a buffer overflow vulnerability during the processing of requested resources to cause a stack-based buffer overflow by requesting a resource with an overly long name.
This module exploits a remote vulnerability in the TCPUploadServer service included in the Movicon 11 application to install an agent by writing and running an executable file.
An off-by-two heap overflow exists in ProFTPD 1.2.7 to 1.2.9rc1 and 1.2.7p to 1.2.9rc1p. This bug can only be exploited if there is a writable directory on the FTP server. This module uses two different techniques in order to exploit the bug, depending on the glibc version (new glibc versions use a modified malloc implementation). Once the bug has been exploited, full root capabilities are regained (chroot can therefore be broken thanks to the appropriate module).
The vulnerability is caused due to a boundary error while reading Telnet IAC. This can be exploited to cause a stack-based buffer overflow by sending an overly long, specially-crafted telnet IAC to the affected server.