CORE Impact Pro Exploits and Security Updates
When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.
Use the controls below to navigate CORE Impact exploits and other modules.
|07.03.2014||Microsoft Windows TCP TimeStamp Option Vulnerability DoS (MS14-031)||This module exploits a vulnerability in "tcpip.sys" by sending a large number of TCP packets with the Time Stamp option enabled.||CVE-2014-1811||Denial of Service/Remote||Windows|
|07.11.2014||Apache Struts 2 devMode OGNL Remote Code Execution Exploit||The best practice for web applications built on top of the Apache Struts 2 framework is to switch off Developer Mode (struts.devMode parameter in the struts.xml configuration file) before going into production. When devMode is left enabled, attackers can gain remote code execution by setting the 'debug=command' URL parameter and sending OGNL expressions through the 'expression' URL parameter. This module takes advantage of this misconfiguration scenario in order to deploy an agent in the target system.||NOCVE-9999-62986||Exploits/Remote||Windows, Mac OS X, Linux|
|07.13.2014||Linux Kernel n_tty_write Privilege Escalation Exploit||This module exploits a vulnerability in the Linux Kernel. The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local attackers to escalate privileges triggering a race condition involving read and write operations with long strings.||CVE-2014-0196||Exploits/Local||Linux|
|07.14.2014||FreeBSD X.Org libXfont BDF Privilege Escalation Exploit||The bdfReadCharacters() function in the libXfont component of X.Org is prone to a stack-based buffer overflow vulnerability when parsing a specially crafted BDF font file. This vulnerability can be exploited by a local unprivileged attacker to gain root privileges.||CVE-2013-6462||Exploits/Local||FreeBSD|
|07.16.2014||Microsoft Windows Administrator UAC Elevation Bypass||This module abuses a design flaw in the way Microsoft Windows implements a UAC whitelist. The flaw could allow a process running with Medium Integrity to elevate itself to High Integrity without a UAC prompt when the process is run from an account in the administrators group.||NOCVE-9999-64489||Exploits/Local||Windows|
|07.17.2014||mIRC Buffer Overflow Exploit update 2||The vulnerability is caused due to a boundary error in the processing of PRIVMSG IRC messages. This can be exploited to cause a stack-based buffer overflow by tricking a user into connecting to a malicious IRC server. This update resolves SuspendOtherThread usage.||CVE-2008-4449||Exploits/Client Side||Windows|
|07.17.2014||Apache Struts 2 devMode OGNL Remote Code Execution Exploit Update||The best practice for web applications built on top of the Apache Struts 2 framework is to switch off Developer Mode (struts.devMode parameter in the struts.xml configuration file) before going into production. When devMode is left enabled, attackers can gain remote code execution by setting the 'debug=command' URL parameter and sending OGNL expressions through the 'expression' URL parameter. This module takes advantage of this misconfiguration scenario in order to deploy an agent in the target system. This update fixes the CVE identifier associated with the vulnerability exploited by this module.||CVE-2012-0394||Exploits/Remote||Windows, Mac OS X, Linux|
|07.21.2014||HP AutoPass License Server Remote Code Execution Exploit||This module exploits a remote code execution vulnerability in HP AutoPass License Server. The CommunicationServlet component in HP AutoPass License Server does not enforce authentication and has a directory traversal vulnerability allowing a remote attacker to execute arbitrary code trough a JSP page uploaded to the vulnerable server.||CVE-2013-6221||Exploits/Remote||Windows|
|07.21.2014||Adobe ColdFusion l10n.cfm Remote Code Execution Exploit||The /CFIDE/adminapi/customtags/l10n.cfm page in Adobe ColdFusion does not properly validate its attributes.file parameter. This can be abused by a remote unauthenticated attacker to execute arbitrary code on vulnerable servers.||CVE-2013-3336||Exploits/Remote||Windows, Linux|