CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

| Released Date | Title | Description | Vulnerability | Category | Platform |
| --- | --- | --- | --- | --- | --- |
| 06.18.2009 | Microsoft Windows Print Spooler Load Library Vulnerability Exploit (MS09-022) | This module takes advantage of an insufficient library path check in the spoolsv.exe service, loading a DLL with system user privileges. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2009-0230 | Exploits/Local | Windows |
| 10.22.2007 | Windows Macrovision (SECDRV.SYS) Memory Corruption Exploit Update | This module exploits a vulnerability in Windows XP and Windows 2003 when the 0xCA002813 function is invoked with a specially crafted parameter. The IOCTL 0xCA002813 handler in the SECDRV.SYS device driver in Macrovision products, installed by default in Windows XP and Windows 2003, allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. This update corrects the CVE number and adds Windows 2003 as a supported system. | CVE-2007-5587 | Exploits/Local | Windows |
| 01.23.2013 | Panda Internet Security Binary Planting Privilege Escalation Exploit | This module exploits a privilege escalation vulnerability in Panda Internet Security. | NOCVE-9999-56047 | Exploits/Local | Windows |
| 08.30.2012 | FreeBSD NFS Client Privilege Escalation Exploit | The NFS client subsystem in FreeBSD fails to correctly validate the length of a parameter provided by the user when a filesystem is mounted. This may cause a kernel stack overflow that can be exploited by local users to gain root privileges. | CVE-2010-2020 | Exploits/Local | FreeBSD |
| 05.18.2011 | Mac OS X i386_set_ldt Vulnerability Local Privilege Escalation Exploit | This module exploits a vulnerability in the "i386_set_ldt" function of "mach_kernel", creating a "call gate" entry in the LDT. | CVE-2011-0182 | Exploits/Local | Mac OS X |
| 11.07.2007 | Xen Pygrub Command Injection exploit | This module exploits a command injection error in tools/pygrub/src/GrubConf.py. This can be exploited by "root" users of a guest domain to execute arbitrary commands in domain 0 via specially crafted entries in grub.conf when the guest system is booted. | CVE-2007-4993 | Exploits/Local | Linux |
| 03.30.2009 | Anti Keylogger Elite Privilege Escalation Exploit | This module exploits a vulnerability in Anti Keylogger Elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. | CVE-2008-5049 | Exploits/Local | Windows |
| 08.16.2010 | Microsoft Windows CreateWindow Function Callback Exploit (MS10-048) Update | This update adds support for Microsoft Windows 2003. This module exploits a vulnerability in win32k.sys when the "CreateWindow" function is called. | CVE-2010-1897 | Exploits/Local | Windows |
| 06.25.2013 | Linux Kernel perf_swevent_init Privilege Escalation Exploit | This module exploits a vulnerability in the Linux kernel. The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call. | CVE-2013-2094 | Exploits/Local | Linux |
| 01.19.2012 | Microsoft Windows TrueType Font Parsing Vulnerability Local Exploit (MS11-087) | This module exploits a Windows kernel heap overflow vulnerability when a crafted TTF file is processed by the Windows kernel. | CVE-2011-3402 | Exploits/Local | Windows |
| 02.24.2011 | Anti Keylogger Elite Privilege Escalation Exploit Update 2 | This module exploits a vulnerability in Anti Keylogger Elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. This update improves the checks to verify whether the vulnerable application is installed or not. | CVE-2008-5049 | Exploits/Local | Windows |
| 06.15.2011 | PolicyKit pkexec Race Condition Exploit | This module exploits a local race-condition vulnerability in PolicyKit, which allows local users to execute arbitrary code with root privileges. | CVE-2011-1485 | Exploits/Local | Linux |
| 08.18.2009 | Microsoft IIS MS08-006 Exploit update 3 | This module exploits a stack buffer overflow vulnerability present in Microsoft Internet Information Server versions 5.1 through 6.0. This update makes the name of the file used random to improve reliability, as well as avoid a system error when the file is used. It also adds the possibility of deploying multiple agents. | CVE-2008-0075 | Exploits/Local | Windows |
| 05.20.2009 | FreeBSD Telnetd Privilege Escalation Exploit | Local attackers can exploit this issue to execute arbitrary code with superuser privileges. Successfully exploiting this issue will facilitate the complete compromise of affected computers. | CVE-2009-0641 | Exploits/Local | FreeBSD |
| 10.20.2010 | FreeBSD pseudofs NULL Pointer Dereference Privilege Escalation Exploit | Due to failure to handle exceptional conditions, a NULL pointer is dereferenced by the FreeBSD kernel, allowing arbitrary kernel memory to be overwritten. This module exploits the vulnerability to install an agent with root privileges. | CVE-2010-4210 | Exploits/Local | FreeBSD |
| 07.04.2012 | FreeBSD Sysret Instruction Privilege Escalation Exploit | On Intel CPUs, sysret to non-canonical addresses causes a fault on the sysret instruction itself after the stack pointer is set to guest value but before the current privilege level (CPL) is changed. FreeBSD is vulnerable to this issue due to insufficient sanity checks when returning from a system call. This module exploits the vulnerability and installs an agent with root privileges. | CVE-2012-0217 | Exploits/Local | FreeBSD |
| 10.17.2011 | Microsoft WINS Input Validation Exploit (MS11-070) Update | This module adds support for Microsoft Windows 2008. This module exploits a vulnerability in the Microsoft WINS service by sending crafted UDP packets to the WINS-RPC local port. | CVE-2011-1984 | Exploits/Local | Windows |
| 06.03.2009 | FreeBSD ktimer Local Privilege Escalation Exploit | FreeBSD is prone to a local privilege-escalation vulnerability because it fails to adequately bounds-check user-supplied data. An attacker can exploit this vulnerability to run arbitrary code with elevated privileges. | CVE-2009-1041 | Exploits/Local | FreeBSD |
| 11.14.2010 | Microsoft Windows Task Scheduler Service Privilege Escalation Exploit | This module exploits a privilege escalation vulnerability in the Microsoft Windows Task Scheduler Service. This vulnerability is currently exploited by the Stuxnet malware. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2010-3338 | Exploits/Local | Windows |
| 10.23.2007 | Linux X.org composite exploit | This module exploits a buffer overflow condition on local X.org servers with the composite extension activated. | CVE-2007-4730 | Exploits/Local | Linux |
| 08.01.2006 | Linux vixie-cron exploit | do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in /etc/security/limits.conf. | CVE-2006-2607 | Exploits/Local | Linux |
| 09.11.2011 | Microsoft WINS Input Validation Exploit (MS11-070) | This module exploits a vulnerability in the Microsoft WINS service by sending crafted UDP packets to the WINS-RPC local port. | CVE-2011-1984 | Exploits/Local | Windows |
| 12.02.2013 | Microsoft Windows NDProxy DeviceIoControl Vulnerability Exploit | This module exploits a vulnerability in the Windows kernel ("ndproxy.sys" driver) by calling the "DeviceIoControl" function with crafted parameters. | CVE-2013-5065 | Exploits/Local | Windows |
| 07.18.2013 | Microsoft Windows Win32k Read AV Vulnerability (MS13-053) | This module exploits a vulnerability in win32k.sys when EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk. This is only a documentation update of the original module "Microsoft Windows Win32k pprFlattenRec Vulnerability Exploit". | CVE-2013-3660 | Exploits/Local | Windows |
| 12.28.2008 | Mac OS X smcFanControl Local Privilege Escalation Exploit | This module exploits a buffer overflow vulnerability in smcFanControl on Apple Mac OS X 10.4.x when the software is installed with setuid root. An attacker can exploit this vulnerability to obtain root privileges. | CVE-2008-6252 | Exploits/Local | Mac OS X |
| 05.21.2009 | ElbyCDIO IO Driver Privilege Escalation Exploit | This module exploits a vulnerability in the ElbyCDIO.SYS driver when handling a specially crafted IOCTL request. The vulnerability allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. | CVE-2009-0824 | Exploits/Local | Windows |
| 07.13.2014 | Linux Kernel n_tty_write Privilege Escalation Exploit | This module exploits a vulnerability in the Linux kernel. The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local attackers to escalate privileges by triggering a race condition involving read and write operations with long strings. | CVE-2014-0196 | Exploits/Local | Linux |
| 10.15.2012 | Microsoft Windows Sysret Instruction Privilege Escalation Exploit (MS12-042) | On Intel CPUs, sysret to non-canonical addresses causes a fault on the sysret instruction itself after the stack pointer is set to guest value but before the current privilege level (CPL) is changed. Windows is vulnerable due to the way the Windows User Mode Scheduler handles system requests. This module exploits the vulnerability and installs an agent with root privileges. | CVE-2012-0217 | Exploits/Local | Windows |
| 06.07.2009 | SSDT Cleaner for IMPACT | SDT Cleaner is a tool that intends to clean the SSDT (system service descriptor table) from hooks. The SDT Cleaner allows you to clean hooks installed by Anti-Virus and Firewalls. | | Exploits/Tools | Windows |
| 04.23.2013 | PHP Parsing Variant Buffer Overflow Exploit | A buffer overflow against the com_print_typeinfo function in PHP running on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types. | CVE-2012-2376 | Exploits/Tools | Windows |
