Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
09.06.2015 Magento eCommerce Web Sites Remote Code Execution Exploit Magento eCommerce Web Sites suffers from a Authentication Bypass Vulnerability, a Blind SQL Injection Vulnerability and a Remote File Inclusion Vulnerability. These 3 vulnerabilities, allows an attacker to gain arbitrary code execution on the affected system. CVE-2015-1397
12.15.2015 Joomla com_contenthistory SQL Injection This module exploits a SQL Injection vulnerability in Joomla which allows gathering of users and password hashes by parsing SQL output errors CVE-2015-7297 Linux
08.12.2014 Supported services list update This package updates the list of network service TCP and UDP ports known to the Impact exploits framework. Exploits/Remote
08.31.2011 Cisco NX-OS CDP Remote Exploit A vulnerability has been reported as Cisco Bug ID CSCtf08873 which states that a CDP packet with a long Device ID crashes CDPD on N7k. Our research indicated that the vulnerability corrupts the state of the heap, leading to an exploitable scenario, which allows to gain administrator privileges. This module exploits such vulnerability in order to install an agent. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. NOCVE-9999-48401 Exploits/Remote
04.14.2015 IBM Tivoli Storage Manager FastBackMount GetVaultDump Buffer Overflow Exploit The specific flaw exists within FastBackMount.exe which listens by default on TCP port 30051. When handling opcode 0x09 packets, the process blindly copies user supplied data into a stack-based buffer within CMountDismount::GetVaultDump. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user. CVE-2015-0119 Exploits/Remote Windows
09.30.2009 MS SMB 2.0 Negociate Protocol Request Remote BSOD Exploit Update This update improves the exploit reliability. This module exploits a vulnerability on srv2.sys via a SMB 2 malformed packet. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-3103 Exploits/Remote Windows
02.24.2010 Openftpd Server Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the authentication process. This can be exploited to cause a stack-based buffer overflow by sending an overly long, specially-crafted password to the affected server. NOCVE-9999-42236 Exploits/Remote Windows
09.24.2014 Bash Remote Code Execution Exploit This update includes a module exploiting a vulnerability found in Bash. When using the vulnerable Bash version as the interpreter for CGI pages, remote code execution through those pages is possible. CVE-2013-1966 Exploits/Remote Solaris, Linux, Windows
01.08.2008 MySQL yaSSL Exploit This module exploits a remote buffer-overflow in MySQL servers using yaSSL. CVE-2008-0226 Exploits/Remote Windows, Linux, FreeBSD
04.13.2014 HP Data Protector EXEC_BAR Remote Command Execution Exploit This module exploits a remote code execution vulnerability in HP Data Protector by sending a specially crafted EXEC_BAR request. CVE-2013-2347 Exploits/Remote Windows
03.19.2012 AT TFTP Server Long Filename Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error during the processing of TFTP Read/Write request packet types. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet with an overly long filename field. This update ensures that the program receives all data. CVE-2006-6184 Exploits/Remote Windows
06.09.2013 MongoDB nativeHelper Remote Code Execution Exploit This module exploits a vulnerability in MongoDB server. An arbitrary value passed as a parameter to the nativeHelper function in MongoDB server allows an attacker to control the execution flows to achieve remote code execution. CVE-2013-1892 Exploits/Remote Linux
01.08.2013 IBM Director CIM Server Remote Code Execution Exploit IBM Director is prone to a remote code execution vulnerability that affects the CIM server. Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of the CIM server process. CVE-2009-0880 Exploits/Remote Windows
06.01.2011 OracleDB CSA Remote Code Execution Exploit This module exploits a vulnerability in the Client System Analyzer component of the Oracle Database Server. CVE-2010-3600 Exploits/Remote Windows, Linux
11.04.2014 exploitlib local privilege escalation update This update fixes an issue in the dynamic_fork mem_execute implementation used by some privilege escalation exploits. Exploits/Remote
03.09.2008 SurgeMail Mail Server Exploit This module exploits a buffer overflow in SurgeMail Mail Server and installs an agent into the target host. A buffer overflow vulnerability is located in the function which handles the real CGI executables. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to this module. CVE-2008-1054 Exploits/Remote Windows
07.28.2009 Wireshark PROFINET Dissector Format String Exploit Wireshark is prone to a format-string vulnerability. Attackers can leverage this issue to execute arbitrary code within the context of the vulnerable application. Failed attacks will likely cause denial-of-service conditions. CVE-2009-1210 Exploits/Remote Windows
06.08.2006 RealVNC 4.1.1 Authentication Exploit This exploit simulates a RealVNC client and establishes a connection with a Real VNC server without using a password. After that, it opens a console, writes the exploit and executes it in ntsd.exe CVE-2006-2369 Exploits/Remote Windows
11.29.2009 Microsoft Excel Featheader Record Memory Corruption Vulnerability Exploit (MS09-067) A remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files that include a malformed record object. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-3129 Exploits/Remote Windows
07.12.2007 Asterisk T.38 buffer overflow exploit This module exploits a buffer overflow vulnerability in the T38FaxRateManagement parameter when parsing SIP/SDP requests in 1.4.x prior to 1.4.3. After successful exploitation a agent will be installed. The process being exploited is usually run as root. CVE-2007-2293 Exploits/Remote Linux
10.27.2013 MS SMB 2.0 Negociate Protocol Request Remote Exploit Update 3 This module exploits a vulnerability in srv2.sys via a SMB 2 malformed packet. This Update adds support for attacking over IPv6 and additional support for Windows Server 2008 CVE-2009-3103 Exploits/Remote Windows
12.09.2008 AT TFTP Server Long Filename Buffer Overflow Exploit The vulnerability is caused due to a boundary error during the processing of TFTP Read/Write request packet types. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet with an overly long filename field. CVE-2006-6184 Exploits/Remote Windows
09.28.2011 Procyon Core Server HMI Scada Coreservice Buffer Overflow Exploit Vulnerability in the coreservice.exe component of Procyon Core Server versions 1.13 and below. While processing a password, the application fails to do proper bounds checking before copying data into a buffer on the stack. This causes a buffer overflow and allows it to overwrite a structured exception handling record, allowing for unauthenticated remote code execution. CVE-2011-3322 Exploits/Remote Windows
06.10.2008 CitectSCADA Buffer Overflow Exploit Remote exploitation of a buffer overflow vulnerability in CitectSCADA allows for the remote execution of arbitrary code by attackers. CVE-2008-2639 Exploits/Remote Windows
06.28.2007 Sun Java Web SOCKS Proxy Authentication Exploit This module exploits a stack-based buffer overflow vulnerability in the SOCKS proxy included in the Sun Java Web Proxy Server. The exploit sends specially crafted packets during the SOCKS connection negotiation and installs an agent if successful. CVE-2007-2881 Exploits/Remote Linux
04.06.2010 SAP MaxDB Malformed Handshake Request Exploit This module exploits a stack buffer overflow vulnerability in SAP MaxDB by sending a specially crafted packet to 7210/TCP port. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-1185 Exploits/Remote Windows
08.06.2009 Motorola Timbuktu Pro PlughNTCommand Stack Based Buffer Overflow Exploit This module exploits a remote stack-based buffer overflow in Motorola Timbuktu Pro by sending a long malformed string over the plughNTCommand named pipe. CVE-2009-1394 Exploits/Remote Windows
10.06.2011 HP iNode Management Center iNodeMngChecker Remote Code Execution Exploit The flaw exists within the iNodeMngChecker.exe component which listens by default on TCP port 9090. When handling the 0x0A0BF007 packet type the process blindly copies user supplied data into a fixed-length buffer on the stack. CVE-2011-1867 Exploits/Remote Windows
08.27.2015 Zimbra Collaboration Server skin Local File Include Exploit Update Zimbra is vulnerable to a Local File Inclusion vulnerability that allows attacker to get LDAP credentials which we may use for upload a JSP file allowing us to install an agent. This update workarounds a problem when proxying and using HTTPSConnection. CVE-2013-7091 Exploits/Remote Linux
06.29.2011 HP Data Protector Omniinet.exe Remote Buffer Overflow This module exploits a buffer overflow vulnerability in HP Data Protector by sending a specially crafted packet to the vulnerable Omniinet.exe service. CVE-2011-1865 Exploits/Remote Windows

Pages