This Metasploit module exploits a file retrieval vulnerability in EasyCafe Server. The vulnerability can be triggered by sending a specially crafted packet (opcode 0x43) to the 831/TCP port. This Metasploit module has been successfully tested on EasyCafe Server version 2.2.14 (Trial mode and Demo mode) on Windows XP SP3 and Windows 7 SP1. Note that the server will throw a popup messagebox if the specified file does not exist.
33d40a2aa040357554a8308847a479cb0f61d14ed8afe5d9bd0a74c18bb67185
This Metasploit module exploits a vulnerability in the WebNews web interface of SurgeNews on TCP ports 9080 and 8119 which allows unauthenticated users to download arbitrary files from the software root directory; including the user database, configuration files and log files. This Metasploit module extracts the administrator username and password, and the usernames and passwords or password hashes for all users. This Metasploit module has been tested successfully on SurgeNews version 2.0a-13 on Windows 7 SP 1 and 2.0a-12 on Ubuntu Linux.
73764b44f63d2549636f9a072cfc6159cd3fc1782b3972e02ed0b63dd113c7dc
This Metasploit module exploits a denial of service flaw in the Microsoft Windows SMB client on Windows 7 and Windows Server 2008 R2. To trigger this bug, run this module as a service and forces a vulnerable client to access the IP of this system as an SMB server. This can be accomplished by embedding a UNC path (\\HOST\share\something) into a web page if the target is using Internet Explorer, or a Word document otherwise.
9beedad3e3c3103e0197e08fdbc451bf1f5445929f6c5022c987a0616228427c
This Metasploit module exploits an out of bounds function table dereference in the SMB request validation code of the SRV2.SYS driver included with Windows Vista, Windows 7 release candidates (not RTM), and Windows 2008 Server prior to R2. Windows Vista without SP1 does not seem affected by this flaw.
eb306cad88b29720e7dac7d13bc441bdf247266d948c8cc0122be192d6f3a8f2