This module exploits an argument injection vulnerability in PHP up to version 5.3.12 and 5.4.2 when running as a standalone CGI processor and takes advantage of the -d flag to achieve remote code execution.



This update adds support for FreeBSD, OpenBSD, RedHat and Windows platforms.

This module exploits an argument injection vulnerability in PHP up to version 5.3.12 and 5.4.2 when running as a standalone CGI processor and takes advantage of the -d flag to achieve remote code execution.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This module sends HTTP requests with specially crafted data making the

PHP interpreter to consume lot of resources. This attack prevents the

victim server from processing requests from legitimate clients and

probably will make the server non-operational.



This is update fixes an issue when launching the module from an agent running in a linux system.

This module sends HTTP requests with specially crafted data making the

PHP interpreter to consume lot of resources. This attack prevents the

victim server from processing requests from legitimate clients and

probably will make the server non-operational.



This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This package fixes a bug in the Apache chunked encoding exploit.

OpenBSD's PF is prone to a remote denial-of-service vulnerability.

Exploiting this issue allows remote attackers to cause a kernel panic on affected computers, denying further service to legitimate users.



This update improves reliability in Impact 10.

This module exploits a missing verification of the path in the command "sudoedit", provided by the sudo package. This can be exploited to execute any command as root including a shell, allowing an unprivileged process to elevate its privileges to root.



This update adds OSX 10.6 (Snow Leopard) as supported target.

Exploits a missing verification of the path in the command "sudoedit", provided by the sudo package. This can be exploited to e.g. execute any command as root including a shell, allowing an unprivileged process to elevate privileges to root.



This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

Exploits an off-by-one bug in channel management code in OpenSSH.

This update excludes the module from automated attacks launched by the "Network Attack and Penetration" feature, since the module requires credentials of a known account on the vulnerable system, and hence won't work with default parameters.

OpenBSD is prone to a local denial-of-service vulnerability.

XMM exceptions are not correctly handled, resulting in a kernel panic.