A directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server allows remote attackers who are able to access the console manager to create files in arbitrary locations on the filesystem. This can be abused to gain execution of arbitrary code by sending special HTTP requests to the JMX Console.
This module exploits a missing verification of the path in the command "sudoedit", provided by the sudo package. This can be exploited to execute any command as root including a shell, allowing an unprivileged process to elevate its privileges to root.
This update adds OSX 10.6 (Snow Leopard) as a supported target.
This module exploits a buffer overflow vulnerability in the T38FaxRateManagement parameter when parsing SIP/SDP requests in 1.4.x prior to 1.4.3.
This update improves the reliability of the module.
This module exploits a buffer overflow in Mozilla Firefox when parsing a malformed UTF-8 encoded URL.
This update appends info to the "Supported systems notes" section.
The JMX-Console web application in JBoss Enterprise Application Platform performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method. This module will exploit this vulnerability to deploy an agent by uploading a JSP file to the target server.
This module exploits a remote command execution vulnerability found in UnrealIRCd by using an unauthorized backdoor.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
Multiple MicroWorld eScan products are vulnerable to a remote command-execution vulnerability because they fail to properly sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands with superuser privileges. Successful attacks will completely compromise affected computers. The issue affects versions prior to 4.1.x of the following products: eScan for Linux Desktop, eScan for Linux File Servers, MailScan for Linux Mail Servers, WebScan for Linux Proxy Servers.
The 'udev' Linux application is prone to a local privilege-escalation vulnerability because it fails to properly handle netlink messages.
Local attackers may exploit this issue to gain elevated privileges, which may lead to a complete compromise of the system.
This update fixes a bug in the module.
MySQL compiled with yaSSL is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
A vulnerability has been identified in ISC BIND, which could be exploited by remote attackers to cause a denial of service. The issue is caused by the "dns_db_findrdataset()" function failing when the prerequisite section of a dynamic update message contains a record of type "ANY" and at least one RRset for this FQDN exists on the server. This could allow attackers to cause a vulnerable server to exit when it receives a specially crafted dynamic update message sent to a zone for which the server is the master.
This update adds more supported platforms to the exploit.