This module exploits a vulnerability in Citrix NetScaler server. Citrix NetScaler is prone to a memory-corruption vulnerability when handling certain SOAP requests.
The bdfReadCharacters() function in the libXfont component of X.Org is prone to a stack-based buffer overflow vulnerability when parsing a specially crafted BDF font file.
This vulnerability can be exploited by a local unprivileged attacker to gain root privileges.
This vulnerability can be exploited by a local unprivileged attacker to gain root privileges.
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
This module exploits a vulnerability in FreeBSD.
The FreeBSD virtual memory system allows files to be memory-mapped. All or parts of a file can be made available to a process via its address space.
The process can then access the file using memory operations rather than filesystem I/O calls. Due to insufficient permission checks in the virtual memory system, a tracing process (such as a debugger) may be able to modify portions of the traced process's address space to which the traced process itself does not have write access.
The FreeBSD virtual memory system allows files to be memory-mapped. All or parts of a file can be made available to a process via its address space.
The process can then access the file using memory operations rather than filesystem I/O calls. Due to insufficient permission checks in the virtual memory system, a tracing process (such as a debugger) may be able to modify portions of the traced process's address space to which the traced process itself does not have write access.
This module exploits a kernel memory corruption in the Linux compatibility layer.
The NFS client subsystem in FreeBSD fails to correctly validate the length of a parameter provided by the user when a filesystem is mounted. This may cause a kernel stack overflow that can be exploited by local users to gain root privileges.
On Intel CPUs, sysret to non-canonical addresses causes a fault on the sysret instruction itself after the stack pointer is set to guest value but before the current privilege level (CPL) is changed. FreeBSD is vulnerable to this issue due to insufficient sanity checks when returning from a system call. This module exploits the vulnerability and installs an agent with root privileges.
This module exploits an argument injection vulnerability in PHP up to version 5.3.12 and 5.4.2 when running as a standalone CGI processor and takes advantage of the -d flag to achieve remote code execution.
This update adds support for FreeBSD, OpenBSD, RedHat and Windows platforms.
This update adds support for FreeBSD, OpenBSD, RedHat and Windows platforms.
This module exploits an argument injection vulnerability in PHP up to version 5.3.12 and 5.4.2 when running as a standalone CGI processor and takes advantage of the -d flag to achieve remote code execution.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This module sends HTTP requests with specially crafted data making the
PHP interpreter to consume lot of resources. This attack prevents the
victim server from processing requests from legitimate clients and
probably will make the server non-operational.
This is update fixes an issue when launching the module from an agent running in a linux system.
PHP interpreter to consume lot of resources. This attack prevents the
victim server from processing requests from legitimate clients and
probably will make the server non-operational.
This is update fixes an issue when launching the module from an agent running in a linux system.