Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
09.03.2014 Microsoft Windows Ancillary Function Driver Double Free Vulnerability Exploit (MS14-040) Update This module exploits a double-free vulnerability in "afd.sys" by calling to "AfdTransmiteFile" function with crafted parameters. This module adds support to Microsoft Windows 2003, Windows Vista, Windows 2008 and Windows 8.1 CVE-2014-1767 Exploits/Local Windows
11.15.2007 Xen Pygrub Command Injection exploit for Impact 7.5 This module exploits a command injection error in tools/pygrub/src/GrubConf.py. This can be exploited by "root" users of a guest domain to execute arbitrary commands in domain 0 via specially crafted entries in grub.conf when the guest system is booted. CVE-2007-4993 Exploits/Local Linux
08.18.2009 Microsoft IIS MS08-006 Exploit update 3 This module exploits a stack buffer overflow vulnerability present in Microsoft Internet Information Server versions 5.1 through 6.0. This update makes the name of the file used random to improve reliability, as well as avoid a system error when the file is used. It also adds the possibility of deploying multiple agents. CVE-2008-0075 Exploits/Local Windows
05.20.2009 FreeBSD Telnetd Privilege Escalation Exploit Local attackers can exploit this issue to execute arbitrary code with superuser privileges. Successfully exploiting this issue will facilitate in the complete compromise of affected computers. CVE-2009-0641 Exploits/Local FreeBSD
06.03.2009 FreeBSD ktimer Local Privilege Escalation Exploit FreeBSD is prone to a local privilege-escalation vulnerability because it fails to adequately bounds-check user-supplied data. An attacker can exploit this vulnerability to run arbitrary code with elevated privileges. CVE-2009-1041 Exploits/Local FreeBSD
05.07.2008 Microsoft IIS MS08-006 Exploit update This module exploits a stack buffer overflow vulnerability in Microsoft Internet Information Server 5.1 through 6.0. This update adds support for 2003 Enterprise Sp1 and bypasses DEP in already supported platforms. CVE-2008-0075 Exploits/Local Windows
01.04.2011 win32api update Update for win32api module which adds 2 new wrappers. Exploits/Local
09.10.2007 WinPcap NPF.SYS IOCTL Handler Privilege Escalation Exploit Windows 2003 Support This module exploits a vulnerability in WinPcap. The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. This update adds support for Windows 2003. CVE-2007-3681 Exploits/Local Windows
08.01.2014 Microsoft Windows MQAC.sys Arbitrary Write Local Privilege Escalation Exploit The MQ Access Control Driver (mqac.sys) present in Microsoft Windows is vulnerable to an arbitrary pointer overwrite. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by sending a specially crafted IOCTL (0x1965020F) to the vulnerable driver. CVE-2014-4971 Exploits/Local Windows
10.26.2009 Anti Keylogger Elite Privilege Escalation Exploit Update This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. This update improves the checks to verify whether the vulnerable application is installed or not. CVE-2008-5049 Exploits/Local Windows
08.28.2013 Agnitum Outpost Security Suite Privilege Escalation Exploit This module exploits a vulnerability in Agnitum Outpost Security Suite acs.exe service server when handling a specially crafted request, sent to the acsipc_server named pipe. Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of the acs.exe server process. NOCVE-9999-59314 Exploits/Local Windows
12.27.2005 SuSE Linux chfn exploit This module exploits a vulnerability in SuSE chfn command and escalates privileges to root. CVE-2005-3503 Exploits/Local Linux
10.13.2008 ZoneAlarm VSDATANT IOCTL Handler Privilege Escalation Exploit This module exploits a vulnerability in ZoneAlarm products when the 0x8400000F function is invoked with a specially crafted parameter. The IOCTL 0x8400000F handler in the VSDATANT.SYS device driver in ZoneAlarm products allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain escalated privileges. CVE-2007-4216 Exploits/Local Windows
09.17.2014 Adobe Reader X AdobeCollabSync Buffer Overflow Sandbox Bypass Exploit This module allows an agent running in the context of AcroRd32.exe with Low Integrity Level/AppContainer Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level. CVE-2013-2730 Exploits/Local Windows
04.03.2014 Oracle VirtualBox VBoxSF.sys IOCTL_MRX_VBOX_DELCONN Privilege Escalation Exploit The VBoxSF.sys driver is a component of VirtualBox Guest Additions, which is in charge of providing the 'Shared Folders' feature offered by Oracle VirtualBox. This driver doesn't properly validate a pointer when handling the IOCTL_MRX_VBOX_DELCONN IoControl. This allows an unprivileged user in a Windows Guest OS with VirtualBox Guest Additions installed to gain SYSTEM privileges within the Guest OS. CVE-2014-0405 Exploits/Local Windows
05.21.2009 ElbyCDIO IO Driver Privilege Escalation Exploit This module exploits a vulnerability in ElbyCDIO.SYS driver when handling a specially crafted IOCTL request. The vulnerability allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. CVE-2009-0824 Exploits/Local Windows
02.21.2011 Sun SunScreen Firewall Privilege Escalation Exploit The SunScreen Firewall is prone to a vulnerability that allows the execution of arbitrary commands as the root user. This module exploits the vulnerability and installs an agent with root privileges. CVE-2011-0902 Exploits/Local Solaris
10.16.2013 Microsoft Windows Win32k NULL Page Vulnerability Exploit (MS13-081) This module exploits a vulnerability in "win32k.sys" by calling to the "TrackPopupMenuEx" function. CVE-2013-3881 Exploits/Local Windows
06.24.2013 Microsoft Windows Win32k pprFlattenRec Vulnerability Exploit Update This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk. This update adds support to Microsoft Windows 8. CVE-2013-3660 Exploits/Local Windows
08.21.2006 Ubuntu 5.10 Password Recovery Escalation Exploit The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the log file with world-readable permissions, which allows local users to gain privileges CVE-2006-1183 Exploits/Local Linux
10.14.2008 AIX update_flash PATH Usage Exploit update This package updates the AIX update_flash PATH Usage Exploit. CVE-2006-2647 Exploits/Local AIX
07.17.2013 Novell Client 2 NICM.SYS Privilege Escalation Exploit This module exploits a vulnerability in the NICM.SYS driver shipped with Novell Client 2 when handling specially crafted IOCTL requests. CVE-2013-3956 Exploits/Local Windows
07.18.2010 FreeBSD mount Local Privilege Escalation Exploit Update FreeBSD is prone to multiple stack-based buffer-overflow vulnerabilities because the kernel fails to perform adequate boundary checks on user-supplied data. If the system is configured to allow unprivileged users to mount file systems, it is possible for a local adversary to exploit this vulnerability and execute code in the context of the kernel. This update fixs some issues and adds validations pre-explotation. CVE-2008-3531 Exploits/Local FreeBSD
11.02.2010 GNU ld.so Arbitrary Dlopen Privilege Escalation Exploit The GNU C dynamic linker (ld.so) is prone to a local privilege- escalation vulnerability. This module exploits the vulnerability to install an agent with root privileges. CVE-2010-3856 Exploits/Local Linux
02.21.2007 Windows Image Acquisition CmdLine exploit The Window Image Acquisition (WIA) Service in Microsoft Windows XP allows local users to gain privileges via a stack overflow when processing the bsCmdLine parameter of the IWiaDevMgr::RegisterEventCallbackProgram function. CVE-2007-0210 Exploits/Local Windows
08.16.2010 Microsoft Windows CreateWindow Function Callback Exploit (MS10-048) Update This update adds support to Microsoft Windows 2003. This module exploits a vulnerability on win32k.sys when the "CreateWindow" function is called. CVE-2010-1897 Exploits/Local Windows
10.21.2012 Microsoft Windows Sysret Instruction Privilege Escalation Exploit (MS12-042) Update On Intel CPUs, sysret to non-canonical addresses causes a fault on the sysret instruction itself after the stack pointer is set to guest value but before the current privilege level (CPL) is changed. Windows is vulnerable due to the way the Windows User Mode Scheduler handles system requests. This module exploits the vulnerability and installs an agent with system privileges. This update fixes an issue in the documentation. CVE-2012-0217 Exploits/Local Windows
07.10.2012 Microsoft Windows Win32k Keyboard Layout Vulnerability Exploit (MS12-047) This update replaces the exploit modules for MS12-034. Also it adds support for 64bit versions of Microsoft Windows 2003, Vista and 2008. This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters. When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption. CVE-2012-1890 Exploits/Local Windows
11.18.2007 Linux ptrace x86_64 ia32syscall emulation exploit This module exploits a vulnerability in Linux for x86_64. The IA32 system call emulation functionality does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to trigger an out-of-bounds access to the system call table using the %RAX register and escalate privileges. CVE-2007-4573 Exploits/Local Linux
10.27.2011 Microsoft Windows AFD AfdConnect Privilege Escalation Exploit (MS11-046) The Ancillary Function Driver (AFD.sys) present in Microsoft Windows is vulnerable to an arbitrary pointer overwrite. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by sending a specially crafted IOCTL to the vulnerable driver. CVE-2011-1249 Exploits/Local Windows

Pages