CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

Use the controls below to navigate CORE Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
10.31.2006 Apache Chunked Encoding Exploit Update Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. This update improve the exploit reliability and adds support for windows 2003. CVE-2002-0392 Exploits/Remote OpenBSD, Windows
01.16.2014 MongoDB mongoFind Uninitialized Memory Exploit Update The mongo::mongoFind method in MongoDB makes use of uninitialized memory. A remote attacker can fill that memory address with controlled data and then call the vulnerable function in order to execute arbitrary code on the affected server. This update adds the CVE number. CVE-2013-3969 Exploits/Remote Linux
06.10.2009 MSRPC Server Service Remote Buffer Overflow Exploit (MS08-067) Update 4 This module exploits a vulnerability in the Microsoft Windows Server service by sending a specially crafted RPC request. This update adds reliability to all supported platforms. CVE-2008-4250 Exploits/Remote Windows
10.14.2012 Samba LsarSetInformationPolicy Request Remote Buffer Overflow Exploit Update This update adds support to Debian 6.0.0 and adds support for attacking IPv6 targets. This module exploits a heap overflow bug in Samba Server by sending a crafted request packet via DCERPC call. CVE-2012-1182 Exploits/Remote Linux
08.01.2007 Borland InterBase Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the database service (ibserver.exe) of the Borland InterBase application. The exploit triggers a stack-based buffer overflow by sending a specially crafted "create" request to port 3050/TCP of the vulnerable system and installs an agent if successful. CVE-2007-3566 Exploits/Remote Windows
04.06.2010 DameWare Mini Remote Control Pre Auth Exploit This module exploits a vulnerability in the DameWare Mini Remote Control Service sending a specially crafted packet to the 6129/TCP port. CVE-2003-1030 Exploits/Remote Windows
10.23.2011 e107 Install Script Command Injection Exploit e107 CMS is vulnerable to a command injection in its installation script due to a lack of sanitization on the MySQL server parameter. CVE-2011-1513 Exploits/Remote Windows, Solaris, Linux, Mac OS X
09.13.2011 Agent modules realibility fix This update improves the reliability of the Microsoft Package and Register, Send Agent by Email, Install agent using SMB, Instal agent using USB and Install agent using SSH modules. Exploits/Remote
02.12.2012 Trend Micro Control Manager CmdProcessor.exe AddTask Remote Buffer Overflow Exploit The CmdProcessor.exe service of Trend Micro Control Manager is prone to a stack-based buffer overflow, which can be exploited by remote unauthenticated attackers to execute arbitrary code by sending a specially crafted IPC packet to the vulnerable service. CVE-2011-5001 Exploits/Remote Windows
09.04.2013 Graphite Pickle Remote Code Execution Exploit This module exploits an unsafe pickle operation of Graphite in order to install an agent. CVE-2013-5093 Exploits/Remote Linux
10.20.2008 Microsoft Windows SMB Buffer Underflow DoS (MS08-063) This module exploits a remote vulnerability on the FIND_FIRTS2 SMB subcommand on the srv.sys driver. CVE-2008-4038 Exploits/Remote Windows
12.01.2011 PHPMyAdmin Setup Config Remote Code Execution Exploit Update This update adds support for Solaris and Mac OS X platforms. CVE-2009-1151 Exploits/Remote Solaris, Linux, Mac OS X
04.15.2014 HP ProCurve Agent AgentServlet Remote Code Execution Exploit The AgentServlet class in the Web interface of HP ProCurve Agent is prone to an authentication bypass vulnerability when handling HEAD requests. This vulnerability can be abused by remote unauthenticated attackers to modify the configuration of the HP ProCurve Agent, which can ultimately be leveraged to access the Tornado service component and finally execute arbitrary code with SYSTEM privileges on the target machine. CVE-2013-4813 Exploits/Remote Windows
07.21.2009 XOOPS mydirname Remote Code Execution Exploit This module exploits a lack of data sanitization when passed to the "mydirname" parameter in specific modules of XOOP web application. This can be exploited to inject and execute arbitrary PHP code to deploy an agent. Successful exploitation requires that "register_globals" is enabled. NOCVE-9999-38580 Exploits/Remote Solaris, Linux
10.31.2005 MSRPC SPOOLSS Buffer Overflow exploit This module exploits a heap based buffer overflow in the Print Spooler service (MS05-043) and installs an agent. CVE-2005-1984 Exploits/Remote Windows
10.24.2012 Identity Viewer Protocol Fix This fixes a misspelling in the identity.xml file. Exploits/Remote
04.12.2009 PeerCast HTTP Server Buffer Overflow exploit PeerCast is prone to a remote buffer overflow vulnerability. This can facilitate a remote compromise due to arbitrary code execution. CVE-2006-1148 Exploits/Remote Linux
10.01.2013 Openftpd Server Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error within the authentication process. This can be exploited to cause a stack-based buffer overflow by sending an overly long, specially-crafted password to the affected server. This update adds CVE Number. CVE-2010-2620 Exploits/Remote Windows
11.22.2011 Tomcat Deploy Manager Default Account Code Execution Exploit Update This update enhaces the functionality of this module. CVE-2009-3548 Exploits/Remote Windows
06.20.2008 Microsoft WINS Exploit (MS08-034) A memory corruption vulnerability in the ChkNtfSock function of wins.exe allows remote code execution. The WINS service listens on more than one UDP port (it listens on 42/udp and also on a dynamic UDP port). This attack targets the dynamic udp port, thus it requires the identification of such dynamic port by the user. This can be accomplished by running a port scanner module such as the 'Port Scanner - UDP' module. CVE-2008-1451 Exploits/Remote
05.22.2014 Catia CATSV5 Backbone Remote Buffer Overflow Exploit This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing CATIA. The vulnerability is caused due to a boundary error when copying a user supplied input to a fixed size stack buffer. The copying procedure stops when a null byte is found and no size check is proceeded. NOCVE-9999-62708 Exploits/Remote Windows
02.07.2010 WireShark LWRES Dissector Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the WireShark LWRES dissector by sending a specially crafted LWRES packet. CVE-2010-0304 Exploits/Remote Windows
01.22.2008 MySQL yaSSL Exploit update This update adds support for Linux, Freebsd and additional MySQL versions. CVE-2008-0226 Exploits/Remote Windows, Linux, FreeBSD
11.27.2007 Tivoli Storage Manager Exploit This module exploits a stack-based buffer overflow in the IBM Tivoli Storage Manager Express CAD Service 5.3. CVE-2007-4880 Exploits/Remote Windows
07.13.2011 IBM Tivoli Endpoint lcfd opts Argument Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in IBM Tivoli Endpoint by sending a specially crafted HTTP request. The specific flaw exists within the lcfd.exe process which listens by default on TCP port 9495. To reach this page remotely authentication is required. However, by abusing a built-in account an attacker can access the restricted pages. While parsing requests to one of these, the process blindly copies the contents of a POST variable to a 256 byte stack buffer. CVE-2011-1220 Exploits/Remote Windows
10.27.2013 Apache Struts 2 DefaultActionMapper redirect Remote Code Execution Exploit Update The DefaultActionMapper class in Apache Struts2 supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:". The information contained in these prefixes is not properly sanitized before being evaluated as OGNL expressions on the server side, which allows remote attackers to execute arbitrary Java code on the server. This module exploits the vulnerability in any web application built on top of vulnerable versions of the Apache Struts 2 framework. CVE-2013-2251 Exploits/Remote Windows, Linux, Mac OS X
01.28.2009 HP OpenView NNM HTTP Request Stack Overflow Exploit This module exploits a buffer overflow vulnerability in the Toolbar application, part of the HP OpenView Network Node Manager application. The exploit triggers a stack-based buffer overflow by sending a specially crafted HTTP request to the ports 3443/TCP or 80/TCP of the vulnerable system and installs an agent if successful. CVE-2008-0067 Exploits/Remote Windows, Solaris
12.13.2011 Zabbix Remote Code Execution Exploit Update This module adds support for Mac OS X and Solaris platforms. NOCVE-9999-37058 Exploits/Remote Solaris, Linux, Mac OS X
02.24.2010 Openftpd Server Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the authentication process. This can be exploited to cause a stack-based buffer overflow by sending an overly long, specially-crafted password to the affected server. NOCVE-9999-42236 Exploits/Remote Windows
11.22.2010 Drupal BlogAPI Remote Execution Exploit Update 4 The BlogAPI module does not validate the extension of files that it is used to upload, enabling users with the "administer content with blog api" permission to upload harmful files. This module uploads an IMPACT agent, creates a php file to execute the agent and then makes a request to the file. The result is an IMPACT agent running on the webserver. This update adds support for the AIX platform. CVE-2008-4792 Exploits/Remote Solaris, Linux, AIX

Pages