Exploits a stack buffer overflow in the Lotus Domino IMAP Server after authentication. This exploit creates a subscription to a mailbox with a long name in the IMAP server, and then sends a LSUB command that triggers the overflow. After trying to deploy an agent, the module tries to unsubscribe from the mailbox. If the module is unable to unsubscribe it will try again the next time the module is run against the same target. The IMAP server may crash. In that case the user will still be subscribed to the mailbox and the server will crash again when the user sends a LSUB command. The module has an option called ACTION to unsubscribe from the mailbox and stop this behavior.
Exploits a stack buffer overflow in the Lotus Domino IMAP Server.
This module exploits a buffer overflow vulnerability in Light HTTPD Daemon. This vulnerability can be exploited remotely by sending a specially crafted packet to port TCP/3000.
This module exploits a file upload vulnerability in the LANDesk Lenovo ThinkManagement Console. Unrestricted file upload in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore command in a RunAMTCommand SOAP request.
This module exploits a buffer overflow vulnerability in the Alert Service (aolnsrvr.exe) component of LANDesk Management Suite 8.7 and installs an agent if successful. This vulnerability can be exploited remotely by sending a specially crafted packet to port UDP/65535.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Kolibri Web Server. The vulnerability is caused due to a boundary error within Kolibri Web Server when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing Kolibri Web Server. The vulnerability is caused due to a boundary error within Kolibri Web Server when processing HTTP POST Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability.
An internal memory buffer may be overrun while handling "HEAD" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the Kolibri webserver process (Kolibri.exe).
KingView Scada is vulnerable to a buffer overflow error in the HistorySvr.exe module when processing malformed packets sent to port 777/TCP. This update adds new indirection using shell32.dll version 6.0.0.2900.5512.
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.