This module exploits a integer overflow vulnerability in the xpdf and libpoppler software included in most linux distributions. The vulnerability is caused by a integer overflow in the predictor calculation, which causes a buffer overflow in the stack of the StreamPredictor::getNextLine() function. The exploit is triggered when an unsuspecting user opens a specially crafted file distributed via an email.
This module exploits a heap-based buffer overflow vulnerability in the OpenOffice software included in most linux distributions. The vulnerability is caused by the prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten. The exploit is triggered when an unsuspecting user opens a specially crafted file distributed via an email.
This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting a vulnerability in VLC 0.86, which allows user-assisted remote attackers to execute code via a crafted OGG file that triggers format string and overwrites a subroutine pointer during rendering.
This module exploits a buffer overflow vulnerability in the T38FaxRateManagement parameter when parsing SIP/SDP requests in 1.4.x prior to 1.4.3.
After successful exploitation a agent will be installed. The process being exploited is usually run as root.
After successful exploitation a agent will be installed. The process being exploited is usually run as root.
This module exploits a stack-based buffer overflow vulnerability in the SOCKS proxy included in the Sun Java Web Proxy Server. The exploit sends specially crafted packets during the SOCKS connection negotiation and installs an agent if successful.
This update adds support for Debian, Ubuntu, and Mac OS-X 10.4. This module
exploits a command injection vulnerability in the function _AddPrinterW in
Samba 3, reached through an AddPrinter remote request.
exploits a command injection vulnerability in the function _AddPrinterW in
Samba 3, reached through an AddPrinter remote request.
This module exploits a buffer overflow vulnerability when parsing RPC requests through the LSA RPC interface in Samba 3.x. The exploit is triggered by sending a specially crafted RPC LsarLookupSids request to a vulnerable computer.
This module exploits a buffer overflow vulnerability in the Apache Tomcat JK Web Server Connector and installs an agent. An attacker can use an overly long URL to trigger a buffer overflow in the URL work map routine (map_uri_to_worker()) in the mod_jk.so library, resulting in the compromise of the target system.
This module exploits a stack-based buffer overflow vulnerability in the PostScript processor included in GNOME Evince. The vulnerability is caused by the get_next_text() function not properly validating overly long fields in a PostScript file. The exploit is triggered when an unsuspecting user opens a specially crafted file distributed via an email.
This module exploits a stack buffer overflow vulnerability in the Sourcefire Snort DCE/RPC preprocessor. An unauthenticated, remote attacker can exploit this vulnerability to execute arbitrary code with the privileges of the Snort process.