This module exploits a vulnerability in OpenBSD crontab entries that allow arbitrary commands execution as root. To exploit the vulnerability this exploit will create an agent in the target filesystem which will be automatically executed later (with root privileges) by a crontab vulnerable security entry (/etc/daily | mail). Once the agent gets executed, it is possible to connect to it. If the exploit succeeds, a new agent will be installed with root privileges.

Sends a shutdown command to the AJP12 Connector that will bring the whole Tomcat server down.

This module sends HTTP requests with specially crafted data making the PHP process consume lot of resources. This attack prevents the victim server from processing requests from legitimate clients and probably will make the server non-operational. The PATH parameter must point to a PHP web page, which they normally have a ".php" extension.

XMM exceptions in the OpenBSD kernel are not correctly handled, resulting in a kernel panic.

This module exploits the following vulnerability: during a null pointer dereference in relation with special crafted IP datagrams. If the firewall handles such a packet the kernel panics.

This module exploits the following vulnerability, as described by the CVE database: "A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice."

This module exploits a vulnerability in ISC DHCP Server. The vulnerability is caused due to the improper handling of DHCP requests within dhcpd in the "cons_options()" function in options.c. This causes a stack-based buffer corruption by sending a specially crafted DHCP request specifying a maximum message size smaller than 278 bytes. This module, if successful, will leave the DHCP daemon unavailable.