CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

Use the controls below to navigate CORE Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
11.18.2009 MSRPC _LlsrLicenseRequestW Remote Heap Overflow Exploit (MS09-064) This module exploits a remote heap-based overflow in the Microsoft Windows License Logging Service by sending a specially crafted RPC request. CVE-2009-2523 Exploits/Remote Windows
04.15.2014 OpenSSL TLS Heartbeat Read Overrun Memory Disclosure Exploit Update A missing boundary check in the TLS Heartbeat extension in OpenSSL can be abused by remote attackers to read up to 64 kb of memory from the server. This memory disclosure vulnerability can be used by remote unauthenticated attackers to obtain sensitive information from the affected server, including private keys and session cookies. This update adds features to the module, like the ability to read 64 kb of data from vulnerable services, reporting the results in the Module Output window, and saving the memory dumps to disk. It also improves the compatibility with OpenSSL services and adds support for FTPS. CVE-2014-0160 Exploits/Remote Linux
03.19.2012 Kingview SCADA HMI HistorySvr Heap Overflow Exploit Update KingView Scada is vulnerable to a buffer overflow error in the HistorySvr.exe module when processing malformed packets sent to port 777/TCP. This update adds new indirection using shell32.dll version 6.0.0.2900.5512. CVE-2011-0406 Exploits/Remote Windows
06.02.2009 Apple CUPS HP-GL2 filter Remote Code Execution Exploit Update This module exploits a specific flaw in the Hewlett-Packard Graphics Language filter. Inadequate bounds checking on the pen width and pen color opcodes result in an arbitrary memory overwrite allowing for the execution of arbitrary code as the "hgltops" process uid. -Linux Support added CVE-2008-3641 Exploits/Remote Linux, Mac OS X
06.21.2007 MSRPC Samba Command Injection exploit update This update adds support for Debian, Ubuntu, and Mac OS-X 10.4. This module exploits a command injection vulnerability in the function _AddPrinterW in Samba 3, reached through an AddPrinter remote request. CVE-2007-2447 Exploits/Remote Linux, OpenBSD, FreeBSD, Mac OS X
05.22.2011 NetSupport Manager Agent Buffer Overflow Exploit This module exploits a stack based buffer overflow in Netsupport Agent via a long control hostname to TCP port 5405. CVE-2011-0404 Exploits/Remote Linux, Mac OS X
03.12.2008 MSRPC UMPNPMGR MS05-039 exploit update This module exploits a stack buffer overflow in the Microsoft Windows Plug and Play service and installs an agent (MS05-039). This update fixes a problem when launching the exploit with the PROTO parameter set to 139/SMB or 445/SMB (instead of the default value ANY). CVE-2005-1983 Exploits/Remote Windows
12.01.2009 FreeBSD Dynamic Linker Privilege Escalation Exploit The vulnerability is caused due to the "_rtld()" function in libexec/rtld-elf/rtld.c not correctly clearing certain dangerous environment variables before executing suid root processes, which can be exploited to execute arbitrary code with root privileges. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-4147 Exploits/Remote FreeBSD
09.22.2009 Phpmyadmin Server_databases Remote Code Execution Exploit Update This updates provides more readable log messages when specific errors occur and improves the reliability of the exploit. CVE-2008-4096 Exploits/Remote Linux
09.21.2010 Integard Home and Pro Remote Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the handling of HTTP POST requests. This may allow execution of arbitrary code by sending an overly long, specially crafted HTTP POST request to the server. NOCVE-9999-45121 Exploits/Remote Windows
08.10.2010 Chuggnutt HTML to Text Converter Remote Code Execution Exploit This module exploits a Chuggnutt HTML to Text Converter preg_replace using eval switch in multiple web applications in order to install an agent. Currently, this module supports AtMail Open and RoundCube Webmail. Exploits/Remote Windows, Linux
10.29.2006 MSRPC SRVSVC NetrpPathCanonicalize (MS06-040) exploit update 2 This module exploits a remotely exploitable vulnerability in Windows' Server Service (MS06-040) over Microsoft DCERPC (ports 139 and 445). This update adds support for windows 2003 sp0. CVE-2006-3439 Exploits/Remote Windows
02.03.2013 Novell eDirectory ndsd Remote Buffer Overflow Exploit This module exploits a remote buffer overflow in Novell eDirectory by sending a malformed packet to the 524/TCP port. CVE-2012-0432 Exploits/Remote Linux
03.17.2008 Trend Micro OfficeScan Buffer Overflow Exploit The vulnerability is caused due to a boundary error within Trend Micro OfficeScan Corporate Edition when processing passwords with cgiChkMasterPwd.exe vulnerable module. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to this module. CVE-2008-1365 Exploits/Remote Windows
09.29.2010 Microsoft Windows Print Spooler Service Impersonation Exploit (MS10-061) This module exploits a vulnerability in the "Print Spooler" service. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-2729 Exploits/Remote Windows
07.05.2009 phpScheduleit 1.2.10 Remote Code Execution Exploit Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter. CVE-2008-6132 Exploits/Remote Windows, Linux
08.27.2007 RSH Daemon for Windows Remote Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in the Windows RSH application (rshd.exe). The module sends a specially crafted packet to port 514/tcp and installs an agent if successful. CVE-2007-4005 Exploits/Remote Windows
07.21.2013 MinaliC Webserver GET Buffer Overflow Exploit The vulnerability is caused due to a boundary error in the handling of HTTP "GET" requests. This can be exploited to cause a buffer overflow by sending a specially crafted overly long request. This request must avoid some special characters in order to cause the overflow. NOCVE-9999-58667 Exploits/Remote Windows
06.20.2011 Sun Java Runtime Environment Trusted Methods Chaining Exploit The specific flaw exists within the code responsible for ensuring proper privileged execution of methods. If an untrusted method in an applet attempts to call a method that requires privileges, Java will walk the call stack and for each entry verify that the method called is defined within a class that has that privilege. However, this does not take into account an untrusted object that has extended the trusted class without overwriting the target method. Additionally, this can be bypassed by abusing a similar trust issue with interfaces. An attacker can leverage these insecurities to execute vulnerable code under the context of the user invoking the JRE. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime. Authentication is not required to exploit this vulnerability. CVE-2010-0840 Exploits/Remote Windows, Linux, Mac OS X
03.03.2013 freeSSHd SSH Server Authentication Bypass Remote Code Execution Exploit A vulnerability in the freeSSHd SSH Server allows remote attackers to bypass authentication via a crafted session. This module exploits the vulnerability and installs an agent into the target host. CVE-2012-6066 Exploits/Remote Windows
05.19.2008 Debian OpenSSL Predictable Random Number Generation Exploit This module exploits the random number generator in Debian's OpenSSL package being predictable. This vulnerability is used to generate SSH keys and to install an agent into the target host. CVE-2008-0166 Exploits/Remote Linux
01.27.2010 OracleDB AUTH_SESSKEY Remote Buffer Overflow Exploit Update This module exploits a vulnerability in the Oracle Database Server. The vulnerability is triggered when the server processes a long string inside the AUTH_SESSKEY property resulting in a stack-based buffer overflow. This update adds support for Windows 2003 SP2 and Oracle 10.2.0.4. CVE-2009-1979 Exploits/Remote Windows
10.20.2010 Mantis Manage_proj_page Remote Code Execution Exploit Update 3 This update adds support for Solaris platforms. CVE-2008-4687 Exploits/Remote Solaris, Linux, Windows, AIX, Mac OS X
01.24.2012 FreeFTPD User Command Buffer Overflow Exploit An internal memory buffer may be overrun while handling long "USER" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the FreeFTPdService.exe process. CVE-2005-3683 Exploits/Remote Windows
07.05.2011 HP Data Protector Client EXEC_SETUP Remote Code Execution Exploit This module exploits a design flaw in HP Data Protector by sending a specially crafted EXEC_SETUP request. The specific flaw exists within the implementation of the EXEC_SETUP command. This command instructs a Data Protector client to download and execute a setup file. A malicious attacker can instruct the client to access a file off of a share thus executing arbitrary code under the context of the current user. CVE-2011-0922 Exploits/Remote Windows
03.18.2007 OpenBSD IPv6 mbuf Remote Exploit This module exploits a buffer overflow vulnerability in the OpenBSD kernel; the exploit uses fragmented ICMPv6 packets to take complete control of a target system. CVE-2007-1365 Exploits/Remote OpenBSD
04.13.2011 DATAC RealWin STARTPROG Buffer Overflow Exploit DATAC RealWin is prone to a buffer overflow vulnerability when handling On_FC_SCRIPT_FCS_STARTPROG packets with an overly long string. CVE-2011-1563 Exploits/Remote Windows
07.13.2008 Sun ONE Web Server-NSS challenge overflow exploit update A heap overflow in Netscape Network Security Services (NSS) library used by the Sun ONE Web Server is exploited remotely gaining control of the execution flow on the target host. This package updates the exploit. CVE-2004-0826 Exploits/Remote Solaris
02.15.2010 UplusFtp Multiple Remote Buffer Overflow Exploit The vulnerability is caused due to a boundary error when handling some commands. This can be exploited to cause a stack-based buffer overflow via an overly long command string, passed to the affected server. NOCVE-9999-42111 Exploits/Remote Windows
09.18.2008 Now SMS MMS Gateway Web Authorization Buffer Overflow Exploit update A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the web interface of Now SMS MMS Gateway. This version add support for Windows 2003 and all systems with DEP enabled. CVE-2008-0871 Exploits/Remote Windows

Pages