Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Titlesort descending Description Vulnerabilty Category Platform
09.26.2011 ScadaTEC ModbusTagServer ZIP Buffer Overflow Exploit ScadaTEC ModbusTagServe has a buffer overflow when handling a project file bundled in a zip. CVE-2011-4535 Exploits/Client Side Windows
09.28.2011 ScadaTEC ScadaPhone ZIP Buffer Overflow Exploit ScadaTEC ScadaPhone has a buffer overflow when handling a project file bundled in a zip. NOCVE-9999-49299 Exploits/Client Side Windows
05.09.2013 Schneider Electric Accutech Manager Heap Overflow Exploit This module exploits a heap overflow vulnerability in the Schneider Electric Accutech Manager Server by sending a malformed packet to the 2537/TCP port to execute arbitrary code or crash the server. CVE-2013-0658 Exploits/Remote Windows
03.19.2013 Schneider Electric Interactive Graphical SCADA System Buffer Overflow Exploit This Stack-based buffer overflow exploits a vulnerability in Schneider Electric's Interactive Graphical SCADA System (IGSS) that allows remote attackers to execute arbitrary code by sending a specially crafted packet to TCP port-12397. CVE-2013-0657 Exploits/Remote Windows
05.21.2014 Schneider Electric OFS Client Buffer Overflow Exploit When a crafted configuration file is parsed by the client, it may cause a buffer overflow allowing the configuration file execute code on the target PC. CVE-2014-0774 Exploits/Client Side Windows
04.06.2014 Schneider Electric Serial Modbus Driver Buffer Overflow Exploit The vulnerability is a buffer overflow in Schneider Electric OPC factory Suite which bundle the vulnerable component Schneider Electric Modbus Serial Driver (ModbusDrv.exe). CVE-2013-0662 Exploits/Remote Windows
06.02.2009 SDP Downloader ASX Buffer Overflow Exploit SDP Downloader contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in SDP Downloader when handling crafted .ASX files. NOCVE-9999-38080 Exploits/Client Side Windows
08.02.2010 Serenity Audio Player Buffer Overflow Exploit Serenity Audio Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Serenity Audio Player when handling .M3U files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .M3U file. CVE-2009-4097 Exploits/Client Side Windows
02.07.2010 Serv-U Web Client HTTP Request Remote Buffer Overflow Exploit This module exploits a stack overflow in Serv-U Web Client by sending a specially crafted POST request. CVE-2009-4873 Exploits/Remote Windows
06.05.2013 Serva TFTPD Service Large Read Requests Parsing DoS The Serva32 TFTPD service is vulnerable to a buffer overflow vulnerability when parsing large read requests. When the application reads in a large buffer the application crashes. CVE-2013-0145 Denial of Service/Remote Windows
06.08.2011 Serva32 HTTP Server GET command DoS Serva32 is prone to a denial of service vulnerability when handling malformed GET commands. NOCVE-9999-48334 Denial of Service/Remote Windows
05.14.2012 Shadow Stream Recorder Buffer Overflow Exploit Shadow Stream Recorder is prone to a remote stack-based buffer-overflow vulnerability because the applications fail to perform adequate boundary checks on user-supplied input. NOCVE-9999-52135 Exploits/Client Side Windows
09.09.2007 SIDVault LDAP Server Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the LDAP service (sidvault.exe) of the SIDVault LDAP application. The exploit triggers a stack-based buffer overflow by sending a specially crafted packet to port 389/TCP of the vulnerable system and installs an agent if successful. CVE-2007-4566 Exploits/Remote Windows
02.16.2011 SIELCO SISTEMI Winlog Malformed Packet Stack Buffer Overflow Exploit Stack-based buffer overflow in Sielco Sistemi Winlog when Run TCP/IP server is enabled, allows remote attackers to execute arbitrary code via a crafted 0x02 opcode to TCP port 46823. CVE-2011-0517 Exploits/Remote Windows
03.25.2013 Siemens SIMATIC WinCC SCADA RegReader ActiveX Buffer Overflow Exploit An unspecified error in the RegReader ActiveX control can be exploited to cause a buffer overflow. CVE-2013-0676 Exploits/Client Side Windows
09.05.2013 SIEMENS Solid Edge SEListCtrlX ActiveX Memory Write Exploit Siemens Solid Edge SEListCtrlX ActiveX control is prone to an arbitrary memory write vulnerability because the application fails to perform adequate boundary checks on user-supplied data. NOCVE-9999-58736 Exploits/Client Side Windows
06.30.2011 Siemens Tecnomatix FactoryLink CSService Buffer Overflow Exploit A vulnerability found on Siemens FactoryLink vulnerability occurs when CSService.exe processes a CSMSG_ListFiles_REQ message, causing a stack overflow. NOCVE-9999-48567 Exploits/Remote Windows
12.02.2010 Silo wintab32 DLL Hijacking Exploit Silo is prone to a vulnerability that may allow the execution of any library file named wintab32.dll, if this dll is located in the same folder than a .SIB file. NOCVE-9999-45972 Exploits/Client Side Windows
10.19.2014 Simple SMB File Share Server This update adds a SMB file share server. This server is useful for serving files such as libraries or binary exectuables necessary for triggering or executing a remote attack. Exploits/Remote
07.26.2012 Simple Web Server GET Request Buffer Overflow Exploit The vulnerability is caused due to a boundary error within Simple Web Server when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. NOCVE-9999-53352 Exploits/Remote Windows
12.05.2010 SiSoftware Sandra dwmapi DLL Hijacking Exploit SiSoftware Sandra is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .SIS file. NOCVE-9999-46099 Exploits/Client Side Windows
06.14.2013 Sketchup MAC Pict Material Palette Stack Corruption Exploit Sketchup fails to validate the input when parsing an embedded MAC Pict texture, leading to an arbitrary stack offset overwrite and finally to an arbitrary code execution. CVE-2013-3664 Exploits/Client Side Windows
07.06.2010 Skype Extras Manager ActiveX Exploit This module exploits a buffer overflow vulnerability in the Extras Manager ActiveX Control included in Skype. This bug is currently being exploited in the wild. CVE-2009-4741 Exploits/Client Side Windows
02.07.2012 SlimFTPd LIST Command Remote Buffer Overflow Exploit SlimFTPd server is prone to a stack buffer overflow when sending a LIST command with an overly-long argument. The attacker needs to be authenticated, so a successful login is required for the exploit to work. CVE-2005-2373 Exploits/Remote Windows
06.29.2005 SMB MS05-027 DoS By sending a specially crafted SMB packet, this exploit performs a Denial of Service attack on the target machine. CVE-2005-1206 Denial of Service/Remote Windows
09.15.2013 SNMP OS Detect and Identity Verifier Update V2 This update extends the information gathered to include CVE-1999-0516 and CVE-1999-0517 when present in the target. Exploits/Remote
12.03.2008 SNMPc Trap Packet Remote Buffer Overflow Exploit This module exploits a remote buffer overflow in the SNMPc Network Manager by sending a specially crafted Trap packet with a long Community String to the UDP port 164 and installs an agent if successful. CVE-2008-2214 Exploits/Remote Windows
06.03.2007 SNORT SMB Fragmentation Buffer Overflow exploit This module exploits a stack buffer overflow vulnerability in the Sourcefire Snort DCE/RPC preprocessor. An unauthenticated, remote attacker can exploit this vulnerability to execute arbitrary code with the privileges of the Snort process. CVE-2006-5276 Exploits/Remote Linux, FreeBSD
01.28.2008 SNORT SMB Fragmentation Buffer Overflow Exploit Update This module exploits a stack buffer overflow vulnerability in the Sourcefire Snort DCE/RPC preprocessor. An unauthenticated, remote attacker can exploit this vulnerability to execute arbitrary code with the privileges of the Snort process. This update adds support for Redhat Enterprise Linux 4 and FreeBSD 6.2 on Impact 7.5 CVE-2006-5276 Exploits/Remote Linux, FreeBSD
02.22.2009 SNORT SMB Fragmentation Buffer Overflow Exploit Update 2 This module exploits a stack buffer overflow vulnerability in the Sourcefire Snort DCE/RPC preprocessor. An unauthenticated, remote attacker can exploit this vulnerability to execute arbitrary code with the privileges of the Snort process. This update improves the reliability for Redhat Enterprise Linux 4 and FreeBSD 6.2 on Impact 8.0 CVE-2006-5276 Exploits/Remote Linux, FreeBSD

Pages