A buffer overflow vulnerability exists in the Private Communications Transport (PCT) protocol. Systems running any Microsoft SSL capable service are vulnerable.
This module exploits a vulnerability in Microsoft SQL Server. After successful exploitation an agent will be installed.
This module exploits a vulnerability in the Microsoft SQL Server. After successful exploitation an agent will be installed. If the attack was not successful, the server might stop responding (one-shot-exploit).
Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 encodings that cause arbitrary heap data to be overwritten.
This vulnerability allows remote attackers to execute arbitrary code on installations of Soulseek Server, which can be exploited by malicious people to compromise a vulnerable system. Soulseek Server is prone to a stack-based buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue occurs when performing a direct peer file search.
This module exploits a remote stack-based buffer overflow in pdmwService by sending a malformed packet to the 30000/TCP port.
This module exploits a vulnerability in the SolarWinds Storage Manager Server. The LoginServlet page available on port 9000 is vulnerable to SQL injection via the loginName field. An attacker can send a specially crafted username and execute arbitrary SQL commands leading to remote code execution.
This module exploits a remote buffer overflow in the SNMPc Network Manager by sending a specially crafted Trap packet with a long Community String to the UDP port 164 and installs an agent if successful.
There is a buffer overflow vulnerability in the Microsoft Windows Messenger service. This allows an attacker to execute arbitrary code with System privileges. The vulnerability is triggered by sending a malformed message to the vulnerable host. Manipulating the length of the packet allows portions of the heap memory to be overwritten with user defined data.
SlimFTPd server is prone to a stack buffer overflow when sending a LIST command with an overly-long argument. The attacker needs to be authenticated, so a successful login is required for the exploit to work.