Microsoft Windows Private Communications Transport Protocol Buffer Overrun Vulnerability

Microsoft Windows Private Communications Transport Protocol Buffer Overrun Vulnerability

CORE has developed a working commercial exploit for their IMPACT
product. This exploit is not otherwise publicly available or known
to be circulating in the wild.

Exploit code has been released for the Metasploit framework.

The following exploit has been released, an updated version is available that includes connect-back shell support and other fixes:

/data/vulnerabilities/exploits/iis5x_ssl_pct.pm
/data/vulnerabilities/exploits/THCIISSLame.c
/data/vulnerabilities/exploits/windows_ssl_pct.pm