Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Titlesort ascending Description Vulnerabilty Category Platform
07.17.2014 Apache Struts 2 devMode OGNL Remote Code Execution Exploit Update The best practice for web applications built on top of the Apache Struts 2 framework is to switch off Developer Mode (struts.devMode parameter in the struts.xml configuration file) before going into production. When devMode is left enabled, attackers can gain remote code execution by setting the 'debug=command' URL parameter and sending OGNL expressions through the 'expression' URL parameter. This module takes advantage of this misconfiguration scenario in order to deploy an agent in the target system. This update fixes the CVE identifier associated with the vulnerability exploited by this module. CVE-2012-0394 Exploits/Remote Windows, Mac OS X, Linux
07.11.2014 Apache Struts 2 devMode OGNL Remote Code Execution Exploit The best practice for web applications built on top of the Apache Struts 2 framework is to switch off Developer Mode (struts.devMode parameter in the struts.xml configuration file) before going into production. When devMode is left enabled, attackers can gain remote code execution by setting the 'debug=command' URL parameter and sending OGNL expressions through the 'expression' URL parameter. This module takes advantage of this misconfiguration scenario in order to deploy an agent in the target system. NOCVE-9999-62986 Exploits/Remote Windows, Mac OS X, Linux
10.27.2013 Apache Struts 2 DefaultActionMapper redirect Remote Code Execution Exploit Update The DefaultActionMapper class in Apache Struts2 supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:". The information contained in these prefixes is not properly sanitized before being evaluated as OGNL expressions on the server side, which allows remote attackers to execute arbitrary Java code on the server. This module exploits the vulnerability in any web application built on top of vulnerable versions of the Apache Struts 2 framework. CVE-2013-2251 Exploits/Remote Windows, Linux, Mac OS X
08.12.2013 Apache Struts 2 DefaultActionMapper redirect Remote Code Execution Exploit The DefaultActionMapper class in Apache Struts2 supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:". The information contained in these prefixes is not properly sanitized before being evaluated as OGNL expressions on the server side, which allows remote attackers to execute arbitrary Java code on the server. This module exploits the vulnerability in any web application built on top of vulnerable versions of the Apache Struts 2 framework. CVE-2013-2251 Exploits/Remote Windows, Linux, Mac OS X
02.09.2012 Apache Range Header DoS Update A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPD server. This update fixes an issue when launching the module from an agent running in a Linux system. CVE-2011-3192 Denial of Service/Remote Solaris, AIX, Linux, Windows
08.26.2011 Apache Range Header DoS A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPD server. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2011-3192 Denial of Service/Remote Solaris, AIX, Linux, Windows
02.05.2008 Apache Mod_rewrite Remote Buffer Overflow Exploit This module exploits an Off-by-one error in the LDAP scheme handling in the Rewrite module (mod_rewrite) in Apache and installs an agent into the target host. CVE-2006-3747 Exploits/Remote
04.06.2008 Apache mod_php Exploit Update 2 This update fixes an issue with the 'reuse connection' mode on Impact V7.5 CVE-2002-0081 Exploits/Remote Linux
07.27.2010 Apache mod_isapi Denial of Service Exploit The Apache HTTP Server, commonly referred to as Apache, is a popular open source web server software. mod_isapi is a core module of the Apache package that implements the Internet Server extension API. The extension allows Apache to serve Internet Server extensions (ISAPI .dll modules) for Microsoft Windows based hosts. By sending a specially crafted request followed by a reset packet it is possible to trigger a vulnerability in Apache mod_isapi that will unload the target ISAPI module from memory. However function pointers still remain in memory and are called when published ISAPI functions are referenced. This results in a dangling pointer vulnerability. CVE-2010-0425 Denial of Service/Remote Windows
06.21.2009 Apache Incomplete Header DoS This module creates a large number of connections to the Apache server that are left opened preventing it from accepting legitimate requests. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. NOCVE-9999-38787 Denial of Service/Remote Windows
01.26.2011 Apache Chunked Encoding Exploit Update This package fixes a bug in the Apache chunked encoding exploit. CVE-2002-0392 Exploits/Remote OpenBSD, Windows
12.18.2007 Apache - OpenSSL SSLv2 exploit update This update fixes an incompatibility issue between this exploit and latest Python versions. CVE-2002-0656 Exploits/Remote Linux
07.22.2009 AOL Radio IWinAmpActiveX ConvertFile() Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in AOL Radio ActiveX to install an agent. NOCVE-9999-38369 Exploits/Client Side Windows
02.14.2011 AOL Desktop RTX Buffer Overflow Exploit A buffer overflow in AOL Desktop allows an attacker to execute arbitrary code via crafted .RTX file. NOCVE-9999-46983 Exploits/Client Side Windows
08.28.2008 Anzio Web Print Object Buffer Overflow Exploit This module exploits a vulnerability in the PWButtonXControl1.ocx control included in the Anzio Web Print Object application. The exploit is triggered when the mainuri property processes a long string argument resulting in a stack-based buffer overflow. This module runs a malicious web site on the CORE IMPACT Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. CVE-2008-3480 Exploits/Client Side Windows
02.24.2011 Anti Keylogger Elite Privilege Escalation Exploit Update 2 This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. This update improves the checks to verify whether the vulnerable application is installed or not. CVE-2008-5049 Exploits/Local Windows
10.26.2009 Anti Keylogger Elite Privilege Escalation Exploit Update This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. This update improves the checks to verify whether the vulnerable application is installed or not. CVE-2008-5049 Exploits/Local Windows
03.30.2009 Anti Keylogger Elite Privilege Escalation Exploit This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. CVE-2008-5049 Exploits/Local Windows
03.07.2012 Android Webkit Floating Point Datatype Exploit WebKit in Android 2.1 does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation. Exploits/Client Side/Mobile
11.29.2010 Amazon Kindle for PC wintab32 DLL Hijacking Exploit Amazon Kindle for PC is prone to a vulnerability that may allow execution of wintab32.dll if this dll is located in the same folder than .AZW file. NOCVE-9999-45894 Exploits/Client Side Windows
01.18.2011 Amaya Web Browser BDO HTML TAG Buffer Overflow Exploit Update This module exploits a vulnerability caused by boundary errors in Amaya Web Browser within the processing of a BDO HTML tag that has an overly long DIR attribute, allowing an attacker to cause a stack overflow in order to execute arbitrary code. This update fixes an issue when using the option "Generate File". CVE-2008-5282 Exploits/Client Side Windows
01.28.2009 Amaya Web Browser BDO HTML TAG Buffer Overflow Exploit This module exploits a vulnerability caused due to boundary errors in Amaya Web Browser within the processing of BDO HTML tag having an overly long DIR attribute, allowing an attacker to cause a stack overflow in order to execute arbitrary code. CVE-2008-5282 Exploits/Client Side Windows
12.05.2010 Altova MapForce 2011 Enterprise Edition dwmapi DLL Hijacking Exploit Altova MapForce 2011 Enterprise Edition is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .MFD file. NOCVE-9999-46106 Exploits/Client Side Windows
12.02.2010 Altova Diffdog 2011 dwmapi DLL Hijacking Exploit Altova Diffdog 2011 is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .DBDIF file. NOCVE-9999-46105 Exploits/Client Side Windows
12.02.2010 Altova DatabaseSpy 2011 dwmapi DLL Hijacking Exploit Altova DatabaseSpy 2011 is prone to a vulnerability that may allow the execution of any library file named dwmapi.dll, if this dll is located in the same folder than a .QPRJ file. NOCVE-9999-46104 Exploits/Client Side Windows
01.24.2012 Altarsoft Audio Converter WAV File Buffer Overflow Exploit Altarsoft Audio Converter is prone to a buffer overflow when parsing malformed WAV files. NOCVE-9999-50621 Exploits/Client Side Windows
10.28.2008 Alt-N Security Gateway Remote Buffer Overflow Exploit Update 2 This module exploits a stack-based buffer overflow in the Alt-N Security Gateway by sending a specially crafted HTTP request to the TCP port 4000. This update add the CVE number. CVE-2008-4193 Exploits/Remote Windows
10.23.2008 Alt-N Security Gateway Remote Buffer Overflow Exploit Update This module exploits a stack-based buffer overflow in the Alt-N Security Gateway by sending a specially crafted HTTP request to the TCP port 4000. This module adds support for Windows 2000 Professional SP4. CVE-2008-4193 Exploits/Remote Windows
09.24.2008 Alt-N Security Gateway Remote Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the Alt-N Security Gateway by sending a specially crafted HTTP request to the TCP port 4000. CVE-2008-4193 Exploits/Remote Windows
10.28.2013 Aloaha PDF Suite Buffer Overflow Exploit Aloaha PDF Suite is prone to a security vulnerability when processing PDF files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing Aloaha users to open a specially crafted PDF file. CVE-2013-4978 Exploits/Client Side Windows

Pages