Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Titlesort descending Description Vulnerabilty Category Platform
02.22.2013 Sparklabs Viscosity Python Exec Local Privilege Escalation Exploit The setuid-set ViscosityHelper binary insecurely executes certain scripts and can be exploited to gain escalated privileges via symlink attacks. CVE-2012-4284 Exploits/Local Mac OS X
08.01.2012 SQL Injection Analyzer Update Test a web page's parameters trying to detect potential SQL Injection vulnerabilities. The module can be configured to look for vulnerabilities in GET & POST parameters and cookies. This update adds an additional trigger to the FAST set of SQL injection triggers for the SQL Injection analyzer to use. Exploits/SQL Injection/Analyzer
10.22.2012 SQL Injection Analyzer Update 2 Test a web page's parameters trying to detect potential SQL Injection vulnerabilities. this update is for 12.5. Exploits/SQL Injection/Analyzer
10.29.2006 SQL Server Hello exploit update This module exploits a vulnerability in Microsoft SQL Server. This update improves the exploit reliability and adds support for Windows 2003 CVE-2002-1123 Exploits/Remote Windows
02.04.2009 Squid Web Proxy Cache HTTP Version Number DoS This module sends HTTP requests that causes the Squid Web Proxy to stop running. NOCVE-9999-35968 Denial of Service/Remote Linux
01.11.2011 SquirrelMail map_yp_alias Command Injection Exploit The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. This module works if map:map_yp_alias is set as the imap server address in config.php, which is not the default setting. CVE-2009-1579 Exploits/Remote Solaris, AIX, Linux
06.07.2009 SSDT Cleaner for IMPACT SDT Cleaner is a tool that intends to clean the SSDT (system service descriptor table) from hooks. The SDT Cleaner allows you to clean hooks installed by Anti-Virus and Firewalls. Exploits/Tools Windows
05.28.2009 Steamcast GET Request Remote Buffer Overflow Exploit A boundary error can be exploited to cause a stack-based buffer overflow by sending a specially crafted GET HTTP request with an overly long path to the web server. CVE-2008-0550 Exploits/Remote Windows
05.27.2009 Ston3d Player Command Injection Exploit This module exploits a remote command injection vulnerability in Ston3DWebPlayer and Ston3DStandalonePlayer via an specially crafted STK file. CVE-2009-1792 Exploits/Client Side Windows, Linux
02.22.2010 Sudoedit Privilege Escalation Exploit Exploits a missing verification of the path in the command "sudoedit", provided by the sudo package. This can be exploited to e.g. execute any command as root including a shell, allowing an unprivileged process to elevate privileges to root. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0426 Exploits/Local Solaris, AIX, Linux, FreeBSD, OpenBSD, Mac OS X
07.22.2010 Sudoedit Privilege Escalation Exploit Update This module exploits a missing verification of the path in the command "sudoedit", provided by the sudo package. This can be exploited to execute any command as root including a shell, allowing an unprivileged process to elevate its privileges to root. This update adds OSX 10.6 (Snow Leopard) as supported target. CVE-2010-0426 Exploits/Local Solaris, AIX, Linux, FreeBSD, OpenBSD, Mac OS X
07.16.2012 SugarCRM CE unserialize PHP Code Execution Exploit The vulnerability is caused by scripts using "unserialize()" with user controlled input. This can be exploited to execute arbitrary PHP code via the "__destruct()" method of the "SugarTheme" class or passing an ad-hoc serialized object through the $_REQUEST['current_query_by_page'] input variable. CVE-2012-0694 Exploits/Remote Solaris, Linux, Mac OS X
08.17.2009 SugarCRM Remote Code Execution Exploit Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition (aka SugarCRM) before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct request to a modified filename under cache/modules/Emails/, as demonstrated using .php as the entire original name. CVE-2009-2146 Exploits/Remote Linux, Solaris, Mac OS X
11.30.2011 SugarCRM Remote Code Execution Exploit Update This update adds support for Solaris and Mac OS X platforms CVE-2009-2146 Exploits/Remote Linux, Solaris, Mac OS X
12.06.2009 SumatraPDF Shading Pattern Processing Buffer Overflow Exploit The vulnerabilities are caused due to boundary errors within the "pdf_loadtype4shade()", "pdf_loadtype5shade()", "pdf_loadtype6shade()", and "pdf_loadtype7shade()" functions. This can be exploited to cause stack-based buffer overflows. CVE-2009-1605 Exploits/Client Side Windows
02.21.2010 Sun Java AWT Library setDiffICM Buffer Overflow Exploit This module exploits a buffer overflow in the AWT library in Sun Java JRE when a specially crafted parameter is passed to the setDiffICM function. CVE-2009-3869 Exploits/Client Side Windows
06.29.2009 Sun Java Calendar Deserialization Exploit This module exploits a deserialization bug in several Java Runtime Environments. CVE-2008-5353 Exploits/Client Side Windows, Mac OS X, Linux
11.18.2009 Sun Java getSoundBank Buffer Overflow Exploit This module exploits a stack based buffer overflow vulnerability in Sun Java SE in JDK and JRE when the HsbParser.getSoundBank function in jsound.dll handles a specially crafted .JAR file. CVE-2009-3867 Exploits/Client Side Windows, Linux
06.23.2011 Sun Java RMIConnectionImpl Deserialization Privilege Escalation Exploit This module exploits a privilege escalation vulnerability in Sun Java. The specific flaw exists within the deserialization of RMIConnectionImpl objects. Due to a lack of privilege checks during deserialization it is possible to supply privileged code in the ClassLoader of a constructor being deserialized. This allows for a remote attacker to call system level Java functions without proper sandboxing. Exploitation of this can lead to remote system compromise under the context of the currently logged in user. CVE-2010-0094 Exploits/Client Side Windows, Linux, Mac OS X
06.20.2011 Sun Java Runtime Environment Trusted Methods Chaining Exploit The specific flaw exists within the code responsible for ensuring proper privileged execution of methods. If an untrusted method in an applet attempts to call a method that requires privileges, Java will walk the call stack and for each entry verify that the method called is defined within a class that has that privilege. However, this does not take into account an untrusted object that has extended the trusted class without overwriting the target method. Additionally, this can be bypassed by abusing a similar trust issue with interfaces. An attacker can leverage these insecurities to execute vulnerable code under the context of the user invoking the JRE. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime. Authentication is not required to exploit this vulnerability. CVE-2010-0840 Exploits/Remote Windows, Linux, Mac OS X
01.21.2010 Sun Java System Web Server Digest DoS Multiple vulnerabilities have been identified in Sun Java System Web Server, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by buffer overflow errors when processing malformed "TRACE" or "OPTIONS" requests, or overly long "Authorization: Digest" headers, which could be exploited by attackers to crash an affected server or execute arbitrary code. This exploit forces the server process to throw an unhandled exception and be restarted. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0387 Denial of Service/Remote Solaris, Windows, Linux, AIX
01.26.2010 Sun Java System Web Server Webdav Stack Overflow This module exploits a buffer overflow vulnerability in the Sun Web Server Webdav service when parsing OPTION requests. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0361 Exploits/Remote Windows
10.17.2007 Sun Java Web Console format string exploit This module exploits a format string vulnerability in the Sun Java Web Console and installs an agent. CVE-2007-1681 Exploits/Remote Solaris
06.28.2007 Sun Java Web SOCKS Proxy Authentication Exploit This module exploits a stack-based buffer overflow vulnerability in the SOCKS proxy included in the Sun Java Web Proxy Server. The exploit sends specially crafted packets during the SOCKS connection negotiation and installs an agent if successful. CVE-2007-2881 Exploits/Remote Linux
04.14.2010 Sun Java Web Start Arbitrary Command Line Injection Exploit This module exploits a command injection vulnerability within the launch() function in the Java Deployment Toolkit. CVE-2010-1423 Exploits/Client Side Windows
07.21.2010 Sun Java Web Start Arbitrary Command Line Injection Exploit Update Argument injection vulnerability in the URI handler in Java Deployment Toolkit allows remote attackers to execute arbitrary code via the -J argument to javaws.exe, which is processed by the launch method. This update adds support for Windows Vista and Windows 7. CVE-2010-1423 Exploits/Client Side Windows
09.04.2007 Sun Java Web Start JNLP Stack Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in the javaws.exe program and deploys an agent when successful. The exploit triggers a vulnerability in the Java Runtime Environment allowing an attacker to execute arbitrary code on the remote machine. CVE-2007-3655 Exploits/Remote Windows
07.13.2008 Sun ONE Web Server-NSS challenge overflow exploit update A heap overflow in Netscape Network Security Services (NSS) library used by the Sun ONE Web Server is exploited remotely gaining control of the execution flow on the target host. This package updates the exploit. CVE-2004-0826 Exploits/Remote Solaris
09.28.2005 Sun Solaris Printd Arbitrary File Deletion Exploit Sun Solaris printd is affected by an arbitrary file deletion vulnerability. This module exploits this vulnerability. CVE-2005-4797 Exploits/Tools Solaris
02.21.2011 Sun SunScreen Firewall Privilege Escalation Exploit The SunScreen Firewall is prone to a vulnerability that allows the execution of arbitrary commands as the root user. This module exploits the vulnerability and installs an agent with root privileges. CVE-2011-0902 Exploits/Local Solaris

Pages