NEW YORK, NY, July 11, 2002 – Core Security Technologies announces the release of version 1.1 of the company’s revolutionary risk assessment product, CORE IMPACT™, which professionalizes and streamlines the penetration testing process. In addition to enhanced reporting and logging functionality, the new version includes exploit modules for the CDE ToolTalk database server vulnerabilities announced yesterday (see CORE advisory published July 10, 2002), and other important recent vulnerabilities including the “Chunked Encoding” vulnerabilities that affect the two most widely used web server programs, Apache and Internet Information Server. Such new CORE IMPACT™ modules allow customers to better test and understand how the latest vulnerabilities could impact their business.
“Simply identifying what vulnerabilities exist on a network is necessary but far from sufficient,” said Ivan Arce, chief technology officer of Core Security Technologies. “Only by trying to actually exploit those vulnerabilities can an organization begin to understand the risk and potential business impact of an attack on their particular infrastructure. With CORE IMPACT™ we are providing our customers with a tool to do that more effectively and efficiently.”
CORE IMPACT™ is the master tool for penetration testing, consolidating in one application the ability to perform a test without being reliant on disparate software tools. It provides a powerful framework to streamline and professionalize the penetration testing practice, making it more efficient and reliable, and enabling customers to easily assess the true risks and ramifications of attack. The product increases the quality of such assessments, and by automating tedious and time-consuming test tasks it can also dramatically lower their cost.
The newly released version of CORE IMPACT™ includes improved reporting and logging functionality, new libraries, updated libraries and modules, and the following new modules:
> IIS .HTR ChunkedEncoding exploit: a remote exploit for web servers running MS Internet Information Server (IIS)
> Apache chunked encoding exploit: a remote exploit for the Apache web server running on OpenBSD
> IIS .ASP ChunkedEncoding exploit: a remote exploit for web servers running MS Internet Information Server (IIS)
> ToolTalk delete any file: a remote exploit for the Common Desktop Environment (CDE) package on Solaris
> ToolTalk format string exploit: a remote exploit for the Common Desktop Environment on Solaris
> IIS CGI Filename Decode exploit: a remote exploit for web servers running MS Internet Information Server (IIS)
> Windows debugging subsystem vulnerability: a local exploit for Windows
> rwalld format string exploit: a remote exploit for Solaris
> libsldap exploit: a local exploit for Solaris
> OpenSSH channel exploit: a local exploit for Linux and OpenBSD
> ntpd control message overflow exploit: a remote exploit for Linux
> lprng format string exploit: a remote exploit for Linux
> snmpXdmid exploit: a remote exploit for Solaris
> IIS ASP Server-Side Include exploit: a local exploit for Windows
> IIS FTP STAT DoS: a remote denial of service for IIS
> IIS SMTP BDAT DoS: a remote denial of service for IIS
> Tomcat server DoS: a remote denial of service for the Tomcat application server
> NetBIOS Name Table: an SMB information gathering module
> SMB Information Gathering: an SMB information gathering module
> Windows Service Pack discovery using SMTP: a Windows information gathering module
> NetBIOS Cache Corruption: a remote exploit for Windows
> Sniffed SMB data export module: a module to export sniffed NTLM hashes to an external file (to be used by third-party password crackers like LC3, John the Ripper, etc.)
> IIS Propfind: an MS Windows information gathering module
> TCP Proxy: a generic TCP proxy server
CORE IMPACT™ v1.1 is available now, runs on Microsoft Windows 2000 and has agent support for Linux, Windows 2000, NT, Sun Solaris, and OpenBSD. For more information about CORE IMPACT™ and Core Security Technologies please visit http://www.coresecurity.com.
About Core Security Technologies
Core Security Technologies is a company fully dedicated to Information Security. CORE provides state-of-the-art software products to Information Security consultants, network security integrators and the IT departments of large organizations. The company’s comprehensive solutions are designed to assess risk and protect and manage information assets. Headquartered in New York, CORE SECURITY TECHNOLOGIES can be reached at 212-461-2345 or on the Web at http://www.coresecurity.com.
# # #