Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
03.30.2009 Anti Keylogger Elite Privilege Escalation Exploit This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. CVE-2008-5049 Exploits/Local Windows
12.25.2006 Mac OS X Mach Exception Handling exploit update An error handling mechanism in the kernel of Mac OS X, provides the ability to control programs when certain types of errors are encountered. This module uses this mechanism to execute arbitrary code in privileged programs if an error is encountered. This update adds support for Mac OS X (i386) CVE-2006-4392 Exploits/Local
11.02.2010 GNU ld.so Arbitrary Dlopen Privilege Escalation Exploit The GNU C dynamic linker (ld.so) is prone to a local privilege- escalation vulnerability. This module exploits the vulnerability to install an agent with root privileges. CVE-2010-3856 Exploits/Local Linux
11.07.2011 Trend Micro InterScan Web Security Suite Privilege Escalation Exploit This module exploits a local vulnerability in Trend Micro IWSS to gain elevated privileges on the affected computer. NOCVE-9999-50131 Exploits/Local Solaris, Linux
05.21.2009 ElbyCDIO IO Driver Privilege Escalation Exploit This module exploits a vulnerability in ElbyCDIO.SYS driver when handling a specially crafted IOCTL request. The vulnerability allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. CVE-2009-0824 Exploits/Local Windows
10.26.2009 Anti Keylogger Elite Privilege Escalation Exploit Update This module exploits a vulnerability in Anti keylogger elite when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x002224A4 handler in the AKEProtect.sys device driver in Anti Keylogger Elite allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain system privileges. This update improves the checks to verify whether the vulnerable application is installed or not. CVE-2008-5049 Exploits/Local Windows
01.23.2013 Panda Internet Security Binary Planting Privilege Escalation Exploit This module exploits a privilege escalation vulnerability in Panda Internet Security. NOCVE-9999-56047 Exploits/Local Windows
06.03.2009 FreeBSD ktimer Local Privilege Escalation Exploit FreeBSD is prone to a local privilege-escalation vulnerability because it fails to adequately bounds-check user-supplied data. An attacker can exploit this vulnerability to run arbitrary code with elevated privileges. CVE-2009-1041 Exploits/Local FreeBSD
07.02.2007 TrueCrypt Privilege Escalation Exploit This module exploits a vulnerability in TrueCrypt 4.x when the software is installed with setuid root. An attacker can exploit this vulnerability to obtain root privileges. This exploit mounts a temporary, especially crafted TrueCrypt volume in the /lib/tls directory and executes a setuid application to bypass security controls and execute an agent as root. CVE-2007-1738 Exploits/Local Linux
08.30.2012 FreeBSD NFS Client Privilege Escalation Exploit The NFS client subsystem in FreeBSD fails to correctly validate the length of a parameter provided by the user when a filesystem is mounted. This may cause a kernel stack overflow that can be exploited by local users to gain root privileges. CVE-2010-2020 Exploits/Local FreeBSD
11.07.2011 Microsoft Windows AFD AfdJoinLeaf Privilege Escalation Exploit Update (MS11-080) The Ancillary Function Driver (AFD.sys) present in Microsoft Windows is vulnerable to an arbitrary pointer overwrite. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by sending a specially crafted IOCTL to the vulnerable driver. This update adds support for Windows 2003. CVE-2011-2005 Exploits/Local Windows
02.21.2011 Sun SunScreen Firewall Privilege Escalation Exploit The SunScreen Firewall is prone to a vulnerability that allows the execution of arbitrary commands as the root user. This module exploits the vulnerability and installs an agent with root privileges. CVE-2011-0902 Exploits/Local Solaris
05.07.2008 Microsoft IIS MS08-006 Exploit update This module exploits a stack buffer overflow vulnerability in Microsoft Internet Information Server 5.1 through 6.0. This update adds support for 2003 Enterprise Sp1 and bypasses DEP in already supported platforms. CVE-2008-0075 Exploits/Local Windows
03.05.2006 CSRSS facename exploit This module exploits a stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process. Allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value. CVE-2005-0551 Exploits/Local Windows
09.10.2007 WinPcap NPF.SYS IOCTL Handler Privilege Escalation Exploit Windows 2003 Support This module exploits a vulnerability in WinPcap. The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters. This update adds support for Windows 2003. CVE-2007-3681 Exploits/Local Windows
09.24.2014 Microsoft Windows Ancillary Function Driver Double Free Vulnerability Exploit (MS14-040) Update 2 This module exploits a double-free vulnerability in "afd.sys" by calling to "AfdTransmiteFile" function with crafted parameters. This update adds support to Impact 2014 R2. CVE-2014-1767 Exploits/Local Windows
07.20.2008 Mac OS X pppd Plugin Loading Privilege Escalation Exploit The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check. CVE-2007-0752 Exploits/Local Mac OS X
10.15.2012 Microsoft Windows Sysret Instruction Privilege Escalation Exploit (MS12-042) On Intel CPUs, sysret to non-canonical addresses causes a fault on the sysret instruction itself after the stack pointer is set to guest value but before the current privilege level (CPL) is changed. Windows is vulnerable due to the way the Windows User Mode Scheduler handles system requests. This module exploits the vulnerability and installs an agent with root privileges. CVE-2012-0217 Exploits/Local Windows
07.04.2012 FreeBSD Sysret Instruction Privilege Escalation Exploit On Intel CPUs, sysret to non-canonical addresses causes a fault on the sysret instruction itself after the stack pointer is set to guest value but before the current privilege level (CPL) is changed. FreeBSD is vulnerable to this issue due to insufficient sanity checks when returning from a system call. This module exploits the vulnerability and installs an agent with root privileges. CVE-2012-0217 Exploits/Local FreeBSD
10.21.2008 ZoneAlarm VSDATANT IOCTL Handler Privilege Escalation Exploit Update This module exploits a vulnerability in ZoneAlarm products when the 0x8400000F function is invoked with a specially crafted parameter. The IOCTL 0x8400000F handler in the VSDATANT.SYS device driver in ZoneAlarm products allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain escalated privileges. This update adds support for Windows XP SP3. CVE-2007-4216 Exploits/Local Windows
06.11.2007 Microsoft Windows GDI Kernel Local Privilege Escalation Exploit This module exploits a vulnerability in the way that Microsoft Windows manages GDI kernel structures in shared memory. An attacker could remap a global shared memory section that is defined to be read-only to read-write allowing them to execute arbitrary code and gain additional privileges on the target system. CVE-2006-5758 Exploits/Local Windows
11.18.2007 Linux ptrace x86_64 ia32syscall emulation exploit This module exploits a vulnerability in Linux for x86_64. The IA32 system call emulation functionality does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to trigger an out-of-bounds access to the system call table using the %RAX register and escalate privileges. CVE-2007-4573 Exploits/Local Linux
03.14.2012 Linux mem_write Local Privilege Escalation Due to insuficient checks when accessing the memory of a process vi /proc/PID/mem the linux kernel is prone to a privilige escalation. CVE-2012-0056 Exploits/Local Linux
08.23.2010 Microsoft Windows CreateWindow Function Callback Exploit (MS10-032) Update 2 This update adds support to Microsoft Windows Vista and Microsoft Windows 2008. This module exploits a vulnerability in win32k.sys when a "window" is created. CVE-2010-0485 Exploits/Local Windows
12.03.2014 Linux Kernel libfutex Privilege Escalation Exploit This module exploits a vulnerability in the Linux Kernel. The futex_requeue function in kernel/futex.c in the Linux kernel does not ensure that calls have two different futex addresses, which allows local attackers to gain privileges via a crafted FUTEX_REQUEUE command. CVE-2014-3153 Exploits/Local Linux
06.15.2014 Linux sudo env_reset Privilege Escalation Exploit A logical error in sudo when the env_reset option is disabled allows local attackers to define environment variables that were supposed to be blacklisted by sudo. This can be exploited by a local unprivileged attacker to gain root privileges by manipulating the environment of a command that the user is legitimately allowed to run with sudo. CVE-2014-0106 Exploits/Local Linux
09.20.2006 Linux suid_dumpable exploit The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions. CVE-2006-2451 Exploits/Local Linux
03.21.2012 PAM Motd Privilege Escalation Exploit Update The PAM MOTD module in Ubuntu does not correctly handle path permissions when creating user file stamps. A local attacker can exploit this to gain root privileges. This update improves the reliability of the exploit. CVE-2010-0832 Exploits/Local Linux
05.07.2009 Sun xVM VirtualBox Exploit This module exploits a local privilege escalation vulnerability in certain packages shipped with Sun xVM VirtualBox for the Linux platform. CVE-2009-0876 Exploits/Local Linux
02.21.2011 Panda Global Protection AppFlt.sys Privilege Escalation Exploit This module exploits a memory corruption vulnerability in the AppFlt.sys driver of Panda Global Protection when handling a specially crafted IOCTL request. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. NOCVE-9999-46949 Exploits/Local Windows

Pages