A Format string vulnerability in the nsrd RPC service within EMC NetWorker? allows remote attackers to execute arbitrary code via format string specifiers in a crafted message.

This update adds Linux Support.

This module exploits a default password vulnerability in Symantec Messaging Gateway.

A Format string vulnerability in the nsrd RPC service within EMC NetWorker? allows remote attackers to execute arbitrary code via format string specifiers in a crafted message.

Libdbus 1.5.x and earlier, when used in setuid processes not clearing the environment variables, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable.

This update adds support to Debian 6.0.0 and adds support for attacking IPv6 targets.



This module exploits a heap overflow bug in Samba Server by sending a crafted request packet via DCERPC call.

An AccessControlContext attribute in the java.beans.Statement class of Oracle Java can be overwritten by unprivileged applets by using specially crafted Java Beans Expressions and Statements, even when the AccessControlContext attribute is declared as final.

This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

The "compat_alloc_user_space" function, which belongs to the 32-bit compatibility layer for 64-bit versions of Linux, can produce a stack pointer underflow when it's called with an arbitrary length input. This vulnerability can be used by local unprivileged users to corrupt the kernel memory in order to gain root privileges.

An AccessControlContext attribute in the java.beans.Statement class of Oracle Java can be overwritten by unprivileged applets by using specially crafted Java Beans Expressions and Statements, even when the AccessControlContext attribute is declared as final.

This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This module exploits a vulnerability in Linux for x86-64. The IA32 system call emulation functionality does not zero-extend the EAX register after the 32bit entry path to ptrace is used, which might allow local users to trigger an out-of-bounds access to the system call table using the RAX register and escalate privileges.



This vulnerability is a regression of CVE-2007-4573.

An error in the way the bytecode verifier of Java validates field access instructions when preparing to JIT-compile a method can be abused to cause a type confusion vulnerability. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.