This module exploits a stack based buffer overflow vulnerability in Sun Java SE in JDK and JRE when the HsbParser.getSoundBank function in jsound.dll handles a specially crafted .JAR file.
This module abuses the scripting functionality in Blender to trigger remote code execution via a blender file with an embedded python script.
A vulnerability has been identified in ISC BIND, which could be exploited by remote attackers to cause a denial of service. This issue is caused due to the "dns_db_findrdataset()" function failing when the prerequisite section of a dynamic update message contains a record of type "ANY" and where at least one RRset for this FQDN exists on the server, which could allow attackers to cause a vulnerable server to exit when receiving a specially crafted dynamic update message sent to a zone for which the server is the master.
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation (sock_sendpage function) on a PF_PPPOX socket
This module exploits a XSS vulnerability in JOnAS which allows IMPACT Pro to perform remote command injection impersonating an administrator and uploading a plugin to the JOnAS server.
This module runs a web server waiting for a JOnAS administrator to connect to it. When the client connects, it will retrieve their JOnAS cookie and try to install an agent on the JOnAS server by installing a custom plugin in JOnAS.
This module runs a web server waiting for a JOnAS administrator to connect to it. When the client connects, it will retrieve their JOnAS cookie and try to install an agent on the JOnAS server by installing a custom plugin in JOnAS.
This updates provides more readable log messages when specific errors occur and improves the reliability of the exploit.
This update applies missing attributes to a small number of exploits to ensure they are correctly selected by the Rapid Penetration Test Wizards.
A vulnerability exists in the TinyMCE editor, included in the tiny browser plugin, which allows uploading files without authentication. This can be exploited to upload files with multiple extensions and execute arbitrary PHP code.
This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in the customdictionaryopen() method in Javascript api. This can be exploited to cause a heap overflow when a specially crafted PDF file is opened.
This update corrects the CVE number for this exploit.
This update corrects the CVE number for this exploit.
A vulnerability has been reported in Nagios, which can be exploited by malicious users to potentially compromise a vulnerable system.
Input passed to the "ping" parameter in statuswml.cgi is not properly sanitized before being used to invoke the ping command. This can be exploited to inject and execute arbitrary shell commands.
Additional research revealed that this parameter is vulnerable to Cross-Site Request Forgery. This module exploits the XSRF vulnerability in order to install an agent using the command injection vulnerability.
Input passed to the "ping" parameter in statuswml.cgi is not properly sanitized before being used to invoke the ping command. This can be exploited to inject and execute arbitrary shell commands.
Additional research revealed that this parameter is vulnerable to Cross-Site Request Forgery. This module exploits the XSRF vulnerability in order to install an agent using the command injection vulnerability.