CANVAS Vulnerability Modules

CANVAS contains a number of vulnerability modules, each exploiting a particular vulnerability or set of vulnerabilities. While no exploit is perfect, these modules have been tested and shown to work on Immunity's testbed vulnerable systems. You may use these modules to analyze the risk posed to your systems by a hacker exploiting these weaknesses. Unlike a vendor's vulnerability announcement, these modules will demonstrate the actual risks you suffer, and allow you to test your defenses in depth, IDS systems, or other remedial measures.
  • MS Workstation Stack Overflow
  • Frontpage Chunked Encoding Bug
  • IAWebMail Stack Overflow
  • Sadmind
  • MS RPC Heap Overflow (Beta)
  • MS RPC Stack Overflow (MS03-026)
  • Abyss Webserver Heap Overflow (1.1.6 or less)
  • WebAdmin Stack Overflow (2.0.4 or less)
  • CACOPHONY (Windows Media Services Stack Overflow)
  • Samba Trans2 Stack Overflow
  • DEADDROP - RealServer 8.0.2-9.0.2 Heap Overflow (0day)
  • IIS .printer overflow
  • IIS .hta overflow
  • Solaris xdr_array() heap overflow
  • IIS 5.0 WebDav Overflow
  • Solaris /bin/login overflow
  • ColdFusion Heap Overflow
  • Microsoft Content Server Authentication Overflow
  • Microsoft RPC Locator Stack Overflow
  • Automatic SQL Injection for MS SQL Server
  • Microsoft SQL Server 2000 Hello Buffer Overflow.
  • Microsoft IIS ASP Chunked Overflow
  • Microsoft IIS MSADC Heap Overflow
  • Microsoft SQL Server 2000 Resolver Stack Overflow
  • mstask.exe remote DoS Proof of Concept (0day)
  • Microsoft SQL Server Resolver Ping
  • MS-RPC routines for binding and sending requests
  • And more!!!!!


 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 


CANVAS is a trademark of Immunity INC. HyperSec Consulting Group is a Consulting Partner
and Reseller for the territory of Latin America. HyperSec Consulting Group.

Profile::

   Public-20040226

DataBase::

  HyperSec Consulting Gr.

Engine::

  1.0-stable