The Madwifi driver under Linux is vulnerable to a remote kernel-mode stack-based buffer overflow. The vulnerability is triggered by one of these properly crafted information element: WPA, RSN, WME and Atheros OUI. Current madwifi driver (0.9.2) and all madwifi-ng drivers since r1504 are vulnerable. Madwifi 0.9.2.1 release corrects the issue. This module has been tested against Ubuntu 6.10 and is 100% reliable, doesn't crash the Wifi stack and can exploit the same machine multiple times without the need to reboot it. This module depends on the Lorcon2 library and only works on the Linux platform with a supported wireless card. Please see the Ruby Lorcon2 documentation (external/ruby-lorcon/README) for more information.
This module exploits a stack buffer overflow in the NetWare PKERNEL.NLM driver's CALLIT procedure. PKERNEL.NLM is installed by default on all NetWare servers to support NFS. The PKERNEL.NLM module runs in kernel mode so a failed exploit attempt can cause the operating system to reboot.
This module exploits a stack buffer overflow in the NetWare CIFS.NLM driver. Since the driver runs in the kernel space, a failed exploit attempt can cause the OS to reboot.
This module exploits a stack buffer overflow in Safenet SoftRemote IKE IreIKE.exe service. When sending a specially crafted udp packet to port 62514 an attacker may be able to execute arbitrary code. This module has been tested with Juniper NetScreen-Remote 10.8.0 (Build 20) using windows/meterpreter/reverse_ord_tcp payloads.
This module exploits a stack buffer overflow in Symantec Client Security 3.0.x. This module has only been tested against Symantec Client Security 3.0.2 build 10.0.2.2000.
The Blackorpheus ClanMemberSkript 1.0 application is vulnerable to a remote SQL injection attack. By exploiting an unescaped variable in the 'member.php' file, an attacker can insert malicious SQL code, such as a union operator, to retrieve passwords in plaintext.
This module exploits a buffer overflow in Trend Micro ServerProtect 5.58 Build 1060 EarthAgent.EXE. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.
This module exploits a buffer overflow in Trend Micro ServerProtect 5.58 Build 1060. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.
This module exploits a stack buffer overflow in Intel Alert Originator Service msgsys.exe. When an attacker sends a specially crafted alert, arbitrary code may be executed.
This module exploits a vulnerability in the CA CAM service by passing a long parameter to the log_security() function. The CAM service is part of TNG Unicenter. This module has been tested on Unicenter v3.1.
Services By CQR