This update fixes the failure when running this module on multiple systems.
GE Proficy Historian is prone to a Code execution vulnerability in the KeyScript ActiveX control from keyhelp.ocx. The function LaunchTriPane use the -decompile option and can be abused to write arbitrary files on the remote system.
This update adds support to Impact 12.5
This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters.
When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption.
This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters.
When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption.
This module exploits two vulnerabilities in HP SiteScope to gain remote code execution. The first vulnerability is an authentication bypass in the getSiteScopeConfiguration operation available through the APISiteScopeImpl AXIS service to grab the administrator credentials from the server running HP SiteScope. The second vulnerability is a directory traversal in the UploadFileHandler url that allows to upload files to the server into a directory that allows for scripting.
On Intel CPUs, sysret to non-canonical addresses causes a fault on the sysret instruction itself after the stack pointer is set to guest value but before the current privilege level (CPL) is changed. Windows is vulnerable due to the way the Windows User Mode Scheduler handles system requests. This module exploits the vulnerability and installs an agent with root privileges.
This update adds support to Debian 6.0.0 and adds support for attacking IPv6 targets.
This module exploits a heap overflow bug in Samba Server by sending a crafted request packet via DCERPC call.
This module exploits a heap overflow bug in Samba Server by sending a crafted request packet via DCERPC call.
This module exploits a vulnerability in the PlayerPT.ocx module included in the Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera application. The exploit is triggered when the SetSource() method processes a crafted argument resulting in a buffer overflow.
This update improves the xml of the module to be compatible with new product functionality.
This update improves the xml of the module to be compatible with new product functionality.
A Buffer Overflow exists in the Oracle Outside SDK when the XPM image processing method does not properly validate the length of chars_per_pixel string within XPM images. This suite is used for 3rd party applications like Quick View Plus.
TurboFTP Server is prone to a buffer-overflow when processing a malformed PORT command.
Type Confusion vulnerability in XGO.ocx ActiveX control in HP Lifecycle Management in the method SetShapeNodeType allowing user-specified memory to be used as an object.