This module exploits a heap overflow bug in Samba Server by sending a crafted request packet via DCERPC call.
The spywall/blocked_file.php script of Symantec Web Gateway allows remote unauthenticated users to upload files with arbitrary extensions. This can be abused by attackers to execute arbitrary PHP code on vulnerable systems.
This module exploits a remote format string vulnerability in FireFly Media Server by sending a sequence of HTTP requests to the 3689/TCP port.
The vulnerability is caused by scripts using "unserialize()" with user controlled input. This can be exploited to execute arbitrary PHP code via the "__destruct()" method of the "SugarTheme" class or passing an ad-hoc serialized object through the $_REQUEST['current_query_by_page'] input variable.
Unsafe type handling performed by the AtomicReferenceArray class of the Oracle Java Runtime Environment can be abused to cause a type confusion error.
This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
This module exploits a remote code execution vulnerability in Symantec Web Gateway by using a log injection and a local file inclusion to run an arbitrary PHP script.
This module exploits an argument injection vulnerability in PHP up to version 5.3.12 and 5.4.2 when running as a standalone CGI processor and takes advantage of the -d flag to achieve remote code execution.
This update adds support for FreeBSD, OpenBSD, RedHat and Windows platforms.
This update adds support for FreeBSD, OpenBSD, RedHat and Windows platforms.
This module triggers a stack corruption vulnerability in Asterisk by sending a malformed packet to the 8088/TCP port.
There is a buffer overflow in the script-fu server component of GIMP
(the GNU Image Manipulation Program) when sending a crafted package to the port 10008.
(the GNU Image Manipulation Program) when sending a crafted package to the port 10008.
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the SamrChangePassword function, when the "username map script" smb.conf option is enabled.
This update adds Solaris support.
This update adds Solaris support.