This module exploits a remote command execution vulnerability in the Zope web application server used by Plone, by sending a specially crafted HTTP request to the affected web site.



The vulnerability exists because it is possible to remotely invoke the popen2 function from the Python os package with arbitrary arguments in the context of the affected server. This can be exploited by remote unauthenticated attackers to execute arbitrary code on the vulnerable machine.

This module sends HTTP requests with specially crafted data making the

PHP interpreter to consume lot of resources. This attack prevents the

victim server from processing requests from legitimate clients and

probably will make the server non-operational.



This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

A buffer overflow in libtelnet/encrypt.c in Inetutils and Heimdal implementations of telnetd allows remote attackers to execute arbitrary code with root permissions via a long encryption key.



This update adds support for Debian and newer FreeBSD platforms.

A buffer overflow in libtelnet/encrypt.c in Inetutils and Heimdal implementations of telnetd allows remote attackers to execute arbitrary code with root permissions via a long encryption key. This update adds support for Debian and newer FreeBSD platforms.

Buffer overflow in libtelnet/encrypt.c in various implementations of telnetd allows remote attackers to execute arbitrary code with root permissions via a long encryption key.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

A backdoor introduced in the source code of MyBB allows remote unauthenticated attackers to execute arbitrary code on systems running vulnerable installations of MyBB.



This update adds support for the Solaris platform.

A backdoor introduced in the source code of MyBB allows remote unauthenticated attackers to execute arbitrary code on systems running vulnerable installations of MyBB.

Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter.

This update adds support for the Solaris and FreeBSD platforms.

With this update, RPT will prioritize newer exploits when attacking a target.

This module exploits a stack overflow vulnerability in proftpd in order to install an agent. The vulnerability is within the function pr_netio_telnet_gets(). The issue is triggered when processing specially crafted Telnet IAC packets delivered to the FTP server.