A Remote Code Execution (RCE) vulnerability has been found in filter/tex/texed.php. Due to the fact this file does not properly check the input parameters, it is possible to exploit this vulnerability in order to execute arbitrary commands on the target server. In order to exploit this vulnerability register_globals must be enabled (in PHP), magic_quotes must be disabled, and the TeX Notation filter in Moodle must be turned on.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing MiniShare. The vulnerability is caused due to a boundary error within MiniShare when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on a server running MinaliC. The vulnerability is caused due to a boundary error within MinaliC when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
A memory corruption vulnerability in the ChkNtfSock function of wins.exe allows a privilege escalation.
A memory corruption vulnerability in the ChkNtfSock function of wins.exe allows remote code execution.
When the SMTP Client ( this module ) sends an email to "[email protected]", the SMTP Server tries to resolve the IP of "caronte.com" domain. In that moment, the SMTP Server sends a DNS request to the configured DNS Server. This module tries to send a response to the SMTP Server before the configured DNS Server does. As the vulnerable target doesn't check the DNS response "Transaction IDs", if a spoofed response is processed before that a real response the SMTP Server finishes sending an email to a SMTP Server indicated by the spoofed DNS response.
This module exploits a Windows kernel remote vulnerability on the srv.sys driver via a malformed SMB packet. It could allow an attacker to connect to a shared folder and send a specially crafted SMB message to an affected system exploiting the target and installing an agent.
This module exploits a vulnerability on srv2.sys via a SMB negociation packet.
This module exploits an impersonation vulnerability on "spoolsv.exe" ( Microsoft Windows Print Spooler ) by first sending a job to the shared printer which overwrites a DLL printer driver with an arbitrary one, and then another job which causes the shared printer to load it and install an agent on the target system.
This module exploits a buffer overflow vulnerability in the EnumeratePrintShares function in the Print Spooler Service in Microsoft Windows to install an agent in the target machine.