This module exploits a buffer overflow vulnerability in the handling of Error Packet for overwrite all the .bss section and some portion of the .idata section. An agent is installed if successful. This vulnerability can be exploited remotely by sending a very long TFTP Error Packet in service or standalone version.
This module exploits a buffer overflow vulnerability in the handling of Error Packet for overwrite all the .bss section and some portion of the .idata section. and installs an agent if successful. This vulnerability can be exploited remotely by sending a very long TFTP Error Packet in service or standalone version.
This module exploits a stack based buffer overflow on Sysax Multi Server when parsing an overly long username at the beginning of an SSH session.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Sync Breeze Server. A remote user can send specially crafted data to TCP port 9121 to trigger a stack overflow and execute arbitrary code on the target system.
A vulnerability exists in the ManagementAgentServer.putFile XMLRPC call exposed by the as_agent.exe service, which allows for uploading arbitrary files under the server root. This module abuses the auto deploy feature in the JBoss as_ste.exe instance in order to achieve remote code execution. Abused services listen on a single machine deployment, and also in the backend role in a multiple machine deployment.
The AMS2 (Alert Management Systems 2) component of multiple Symantec products is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input. A remote user can send specially crafted data to TCP port 12174 to execute arbitrary commands on the target system.
This module exploits a buffer overflow vulnerability in Symantec Client Security 3.x and Symantec Antivirus Corporate Edition 10.x that allows a remote un-authenticated attacker to compromise the target system and obtain system privileges.
This module exploits a remote buffer overflow in the awhost32 service included in the Symantec PCAnywhere application by sending a crafted packet with a long username to TCP port 5361.
This module exploits a buffer overflow vulnerability in the Intel Alert Originator service by sending a specially crafted packet to the 38292/TCP port.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Centennial Software XFERWAN component. Authentication is not required to exploit this vulnerability.