This module exploits a command injection vulnerability in HP Client Automation. The flaw exists within the radexecd.exe component which listens by default on TCP port 3465. When handling a remote execution request the process does not properly authenticate the user issuing the request. The command to be executed is also not properly sanitized. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of SYSTEM.



Authentication is not required to exploit this vulnerability.

A vulnerability in ElasticSearch versions 1.4.0 to 1.4.2 allows execution of unsandboxed Groovy code. This module installs an OS agent in vulnerable targets.

The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. This module works if map:map_yp_alias is set as the imap server address in config.php, which is not the default setting.



This update improves os detection and adds runtime cost.

This update introduces an OS Command Injection Exploit for the "Wordpress Landing Pages" plugin.

This module exploits a vulnerability in the Linux apport application. The apport application can be forced to drop privileges to uid 0 and write a corefile anywhere on the system. This can be used to write a corefile with crafted contents in a suitable location to gain root privileges.



This updates improves the way some files are cleaned up after a failed exploitation attempt.

Zimbra is vulnerable to a Local File Inclusion vulnerability that allows attacker to get LDAP credentials which we may use for upload a JSP file allowing us to install an agent.



This update workarounds a problem when proxying and using HTTPSConnection.

The Usermin Control Panel is vulnerable to command injection due to the function get_signature in usermin/mailbox/mailbox-lib.pl, which calls open() without any prior validation.



This vulnerability allows authenticated users to execute arbitrary code on the affected Usermin versions.

The fdctrl_handle_drive_specification_command() function in the code that emulates the Floppy Disk Controller in QEMU does not properly reset the index within a buffer when processing user-controlled data, leading to a heap-based buffer overflow in the QEMU process that runs on the Host system.



An attacker running code within a Guest operating system can exploit this vulnerability in order to escape from the QEMU virtual machine and execute arbitrary code on the Host operating system.



This update adds support for exploiting 64-bit guest systems.

This module exploits a vulnerability while handling TKEY queries in the BIND service to cause a DoS.

Zimbra is vulnerable to a Local File Inclusion vulnerability that allows attacker to get LDAP credentials which we may use for upload a JSP file allowing us to install an agent.