Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
07.18.2010 mDNSResponder buffer overflow exploit Update This module exploits a buffer overflow vulnerability in the mDNSResponder service running on certain versions of Apple Mac OS X. The vulnerability is exploited remotely by sending a specially crafted UPnP Internet Gateway Device (IGD) packet and installing an agent. This update adds port parameter. CVE-2007-2386 Exploits/Remote Mac OS X
07.25.2011 ActiveFax Server FTP Buffer Overflow Exploit ActiveFax Server's FTP service has a remote buffer overflow vulnerability that can be exploited by an authenticated atacker. NOCVE-9999-48689 Exploits/Remote Windows
05.04.2010 Microsoft WINS Name Validation Exploit Update Exploits a buffer overflow vulnerability in Microsoft WINS server. This update improves the reliability of the exploit when using Reuse Connection method. CVE-2004-0567 Exploits/Remote Windows
11.21.2012 Samba LsarSetInformationPolicy Request Remote Buffer Overflow Exploit Update 2 This module exploits a heap overflow vulnerability in Samba Server by sending a crafted request packet via DCERPC call. This update adds support to Debian 5 (32 bits and 64 bits). CVE-2012-1182 Exploits/Remote Linux
01.13.2010 Savant Web Server Remote Buffer Overflow Exploit A remote buffer-overflow vulnerability affects Savant Web Server. This issue occurs because the application fails to validate the length of user-supplied strings before copying them into finite process buffers. CVE-2005-0338 Exploits/Remote Windows
04.28.2008 Arkeia Network Backup buffer overflow exploit update This package updates the Arkeia Network Backup exploit. CVE-2005-0491 Exploits/Remote Windows, Linux
05.02.2013 BigAnt IM Server DDNF Username Buffer Overflow Exploit BigAnt IM Server is vulnerable to a buffer-overflow within the AntDS.exe component when handling an overly long username. NOCVE-9999-57633 Exploits/Remote Windows
11.17.2008 MSRPC Server Service Remote Buffer Overflow Exploit (MS08-067) Update 2 This module exploits a vulnerability in the Microsoft Windows Server service sending a specially crafted RPC request. This update adds support for Windows 2003 Enterprise Edition sp2 with DEP enabled. CVE-2008-4250 Exploits/Remote Windows
07.10.2012 Microsoft Windows Print Spooler Service Impersonation Exploit (MS10-061) Update 3 This update adds support to Microsoft Windows 2003 64 bits, Microsoft Windows Vista 64 bits, Microsoft Windows 2008 64 bits and Microsoft Windows Seven 64 bits. This module exploits a vulnerability in the "Print Spooler" service. CVE-2010-2729 Exploits/Remote Windows
02.07.2012 SlimFTPd LIST Command Remote Buffer Overflow Exploit SlimFTPd server is prone to a stack buffer overflow when sending a LIST command with an overly-long argument. The attacker needs to be authenticated, so a successful login is required for the exploit to work. CVE-2005-2373 Exploits/Remote Windows
12.01.2011 AWStats migrate Remote Code Execution Exploit The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter. CVE-2006-2237 Exploits/Remote Solaris, Linux, Mac OS X
04.21.2008 SurgeMail Mail Server Exploit update This module exploits a buffer overflow in SurgeMail Mail Server and installs an agent into the target host. A buffer overflow vulnerability is located in the function which handles the real CGI executables. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to this module. This exploit perform three attempts to disable DEP in XP SP2 and Windows 2003. CVE-2008-1054 Exploits/Remote Windows
03.10.2014 OracleDB TNS Listener Remote Poisoning Vulnerability Exploit Oracle Database Server is prone to a remote vulnerability that allows attackers to poison the data handled by the remote 'TNS Listener' component of the application. This module tries to verify if the vulnerability is present in the 'TNS Listener' component of the database server, without deploying an agent. If a database instance name is supplied, it will be used to check for the vulnerability against the TNS listener of the target, but this could affect future client connections, as long as the module is running. If no database instance name is supplied, the module will try to register a random name. CVE-2012-1675 Exploits/Remote Windows, Linux
05.19.2010 Vermillion FTP Daemon Buffer Overflow Exploit Update 2 The vulnerability is caused due to a boundary error with the handling of PORT commands. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted command passed to the affected server. This update fix the Connect to connection method for some virtual machines. NOCVE-9999-41966 Exploits/Remote Windows
09.04.2007 Sun Java Web Start JNLP Stack Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in the javaws.exe program and deploys an agent when successful. The exploit triggers a vulnerability in the Java Runtime Environment allowing an attacker to execute arbitrary code on the remote machine. CVE-2007-3655 Exploits/Remote Windows
05.30.2010 HP OpenView NNM getnnmdata Hostname CGI Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the getnnmdata.exe CGI application, a component of HP OpenView Network Node Manager, by sending an HTTP request with an invalid value for the Hostname parameter. CVE-2010-1555 Exploits/Remote Windows
09.09.2007 SIDVault LDAP Server Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the LDAP service (sidvault.exe) of the SIDVault LDAP application. The exploit triggers a stack-based buffer overflow by sending a specially crafted packet to port 389/TCP of the vulnerable system and installs an agent if successful. CVE-2007-4566 Exploits/Remote Windows
04.29.2009 Belkin BullDog Plus UPS-Service Buffer Overflow Exploit The UPS management software contains a built-in web server which allows for remote management of the UPS. The management interface is protected by a username and password and the authentication is performed via Basic authentication. There is a small stack-based overflow in the base64 decoding routine which handles the Basic authentication data. NOCVE-9999-37026 Exploits/Remote Windows
05.22.2013 SAP Netweaver Message Server _MsJ2EE_AddStatistics Memory Corruption Exploit The Message Server component of SAP Netweaver is prone to a memory corruption vulnerability when the _MsJ2EE_AddStatistics function handles a specially crafted request with iflag value 0x0c MS_J2EE_SEND_TO_CLUSTERID, or 0x0d MS_J2EE_SEND_BROADCAST. This vulnerability can be exploited by remote unauthenticated attackers to execute arbitrary code on the vulnerable server. CVE-2013-1592 Exploits/Remote Windows
01.26.2011 Golden FTP Server PASS Buffer Overflow Exploit This vulnerability on installations of Golden FTP Server is due to a boundary error with the handling of passwords. This can be exploited to cause a stack-based buffer overflow via the use of overly long, specially-crafted passwords passed to the affected server. CVE-2006-6576 Exploits/Remote Windows
10.28.2009 Novell eDirectory Network Request Buffer Overflow Exploit A boundary error exists in the dhost.dll component of Novell eDirectory post authentication when processing list of modules. This can be exploited to cause a stack-based buffer overflow via a specially crafted request with an overly long module name. WARNING:This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-4653 Exploits/Remote Windows
03.19.2012 AT TFTP Server Long Filename Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error during the processing of TFTP Read/Write request packet types. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet with an overly long filename field. This update ensures that the program receives all data. CVE-2006-6184 Exploits/Remote Windows
10.07.2014 Bash Environment Variables Remote Code Execution Exploit for SSH A vulnerability in GNU Bash when processing trailing strings after function definitions in the values of environment variables allows remote attackers to execute arbitrary code via a crafted environment. This vulnerability can be leveraged to bypass restricted SSH access (i.e. when the SSH server forces the execution of a specific command, ignoring any command supplied by the client, either by specifying a 'ForceCommand' directive in the 'sshd_config' file, or by using the 'command' keyword in the 'authorized_keys' file) when the default shell for the user is Bash, allowing the remote attacker to execute arbitrary commands on the vulnerable system. The module included leverages this vulnerability to install an agent. CVE-2014-6271 Exploits/Remote Linux
08.20.2008 IBM Lotus Domino Accept-Language Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the Lotus Domino HTTP server (nHTTP.exe) by sending a specially crafted GET request. CVE-2008-2240 Exploits/Remote Windows
01.08.2013 IBM Director CIM Server Remote Code Execution Exploit IBM Director is prone to a remote code execution vulnerability that affects the CIM server. Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of the CIM server process. CVE-2009-0880 Exploits/Remote Windows
06.01.2011 OracleDB CSA Remote Code Execution Exploit This module exploits a vulnerability in the Client System Analyzer component of the Oracle Database Server. CVE-2010-3600 Exploits/Remote Windows, Linux
02.16.2011 SIELCO SISTEMI Winlog Malformed Packet Stack Buffer Overflow Exploit Stack-based buffer overflow in Sielco Sistemi Winlog when Run TCP/IP server is enabled, allows remote attackers to execute arbitrary code via a crafted 0x02 opcode to TCP port 46823. CVE-2011-0517 Exploits/Remote Windows
09.28.2011 Procyon Core Server HMI Scada Coreservice Buffer Overflow Exploit Vulnerability in the coreservice.exe component of Procyon Core Server versions 1.13 and below. While processing a password, the application fails to do proper bounds checking before copying data into a buffer on the stack. This causes a buffer overflow and allows it to overwrite a structured exception handling record, allowing for unauthenticated remote code execution. CVE-2011-3322 Exploits/Remote Windows
06.12.2007 Apache Tomcat buffer overflow exploit This module exploits a buffer overflow vulnerability in the Apache Tomcat JK Web Server Connector and installs an agent. An attacker can use an overly long URL to trigger a buffer overflow in the URL work map routine (map_uri_to_worker()) in the mod_jk.so library, resulting in the compromise of the target system. CVE-2007-0774 Exploits/Remote Linux
02.27.2011 HP Performance Insight helpmanager Servlet Remote Code Execution Exploit This module exploits an insufficient input validation and authentication error to upload and execute an arbitrary .JSP file in HP Performance Insight. CVE-2010-0447 Exploits/Remote Windows

Pages