Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
02.08.2010 WireShark LWRES Dissector Buffer Overflow Exploit Update This module exploits a stack-based buffer overflow in the WireShark LWRES dissector by sending a specially crafted LWRES packet. This update adds support for more WireShark versions. CVE-2010-0304 Exploits/Remote Windows
01.28.2008 SNORT SMB Fragmentation Buffer Overflow Exploit Update This module exploits a stack buffer overflow vulnerability in the Sourcefire Snort DCE/RPC preprocessor. An unauthenticated, remote attacker can exploit this vulnerability to execute arbitrary code with the privileges of the Snort process. This update adds support for Redhat Enterprise Linux 4 and FreeBSD 6.2 on Impact 7.5 CVE-2006-5276 Exploits/Remote Linux, FreeBSD
09.06.2013 Sophos Web Protection Appliance sblistpack Command Injection Exploit The /opt/ws/bin/sblistpack Perl script in Sophos Web Protection Appliance, which can be reached from the web interface, is vulnerable to OS command injection because its get_referers() function does not escape the first argument of the script before using it within a string that will be executed as a command by using backticks. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code in the affected appliance with the privileges of the "spiderman" operating system user. A second vulnerability in the Sophos Web Protection Appliance (an OS command injection in the /opt/cma/bin/clear_keys.pl script, which can be executed by the "spiderman" user with the sudo command without password) allows an attacker who successfully compromised the appliance to escalate privileges from "spiderman" to root. CVE-2013-4983 Exploits/Remote Linux
12.05.2011 Zen Cart record_company Remote Code Execution Exploit Update This update adds support for Mac OS X and Solaris platforms. CVE-2009-2255 Exploits/Remote Solaris, Linux, Mac OS X
08.12.2014 Supported services list update This package updates the list of network service TCP and UDP ports known to the Impact exploits framework. Exploits/Remote
12.22.2008 WFTPD Server SIZE Command Buffer Overflow Exploit An internal memory buffer may be overrun while handling long "SIZE" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the WFTPD Server process. CVE-2006-4318 Exploits/Remote
08.31.2011 Cisco NX-OS CDP Remote Exploit A vulnerability has been reported as Cisco Bug ID CSCtf08873 which states that a CDP packet with a long Device ID crashes CDPD on N7k. Our research indicated that the vulnerability corrupts the state of the heap, leading to an exploitable scenario, which allows to gain administrator privileges. This module exploits such vulnerability in order to install an agent. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. NOCVE-9999-48401 Exploits/Remote
08.24.2011 MSRPC Server Service Remote Buffer Overflow Exploit Reliability Enhancement This updates improves the reliability and AV Evasion of MSRPC Server Service Remote Buffer Overflow Exploit against Windows 2000 targets, in those cases where the target OS and Version is unknown before launching the exploit. Exploits/Remote Windows
08.26.2009 Symantec Intel Alert Originator Service Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the Intel Alert Originator service by sending a specially crafted packet to the 38292/TCP port. CVE-2009-1430 Exploits/Remote Windows
04.15.2014 HP ProCurve Agent AgentServlet Remote Code Execution Exploit The AgentServlet class in the Web interface of HP ProCurve Agent is prone to an authentication bypass vulnerability when handling HEAD requests. This vulnerability can be abused by remote unauthenticated attackers to modify the configuration of the HP ProCurve Agent, which can ultimately be leveraged to access the Tornado service component and finally execute arbitrary code with SYSTEM privileges on the target machine. CVE-2013-4813 Exploits/Remote Windows
08.01.2007 Borland InterBase Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the database service (ibserver.exe) of the Borland InterBase application. The exploit triggers a stack-based buffer overflow by sending a specially crafted "create" request to port 3050/TCP of the vulnerable system and installs an agent if successful. CVE-2007-3566 Exploits/Remote Windows
12.19.2011 e107 Install Script Command Injection Exploit Update This update appends support for solaris and Mac OS X. CVE-2011-1513 Exploits/Remote Windows, Solaris, Linux, Mac OS X
11.23.2008 Microsoft Windows SMB Buffer Underflow Exploit (MS08-063) This module exploits a Windows kernel remote vulnerability on the srv.sys driver via a malformed SMB packet. CVE-2008-4038 Exploits/Remote Windows
09.05.2011 EMC AutoStart Domain Name Logging Buffer Overflow Exploit A remote user can send specially crafted data via TCP to trigger a buffer overflow and execute arbitrary code on the target system. CVE-2011-2735 Exploits/Remote Windows
03.17.2010 Microsoft SQL Server sp_replwritetovarbin Remote Heap Overflow Exploit Update This module exploits a heap-based buffer overflow in the Microsoft SQL Server by sending a specially crafted SQL query. This update adds support for executestatement() functionality within the WebApps vector. It has two uses: One as a Remote Exploit which needs authentication, and another as an SQL Injection Agent installer module, which needs an SQL Agent as a target. CVE-2008-5416 Exploits/Remote Windows
01.23.2013 Tectia SSH Server Authentication Bypass Remote Code Execution Exploit The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords. CVE-2012-5975 Exploits/Remote Linux
08.15.2012 Interactive Graphical SCADA System Command Injection Exploit This module exploits a command injection vulnerability in Interactive Graphical SCADA System and install an agent into the target machine. CVE-2011-1566 Exploits/Remote Windows
09.09.2009 IIS FTP NLST Buffer Overflow Exploit This module exploits a buffer overflow in the FTP server in Microsoft Internet Information Server (IIS) via a crafted NLST command that uses wildcards. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-3023 Exploits/Remote Windows
10.27.2013 TinyWebGallery Remote Code Execution Exploit Update This module exploits a TinyWebGallery local file-include vulnerability because TinyWebGallery fails to properly sanitize user-supplied input. The module takes advantage of the logging capabilities of the attacked software to remotely execute arbitrary code. This update fixes some issues related with an updated library. Support for various platforms was added. CVE-2009-1911 Exploits/Remote Windows, Solaris, Linux
01.12.2009 MSRPC WKSSVC NetpManageIPCConnect Exploit Update 2 This module exploits a stack buffer overflow in the Workstation Service. This package addresses a compatibility problem when porting the module from version 7.6 to 8.0 of the framework. CVE-2006-4691 Exploits/Remote Windows
04.14.2010 Microsoft Windows Media Services Remote Exploit (MS10-025) This module exploits a remote buffer overflow in the Microsoft Windows Media Services by sending a specially crafted packet to the port 1755/TCP. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0478 Exploits/Remote Windows
10.31.2005 MSRPC SPOOLSS Buffer Overflow exploit This module exploits a heap based buffer overflow in the Print Spooler service (MS05-043) and installs an agent. CVE-2005-1984 Exploits/Remote Windows
02.05.2013 Exploit Description Update This update modifies the description in the file header. CVE-2008-1611 Exploits/Remote Windows
12.27.2009 HP OpenView NNM ovalarm CGI Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the ovalarm.exe application, part of the HP OpenView Network Node Manager application. The exploit triggers a stack-based buffer overflow by sending a specially crafted HTTP request to the ports 3443/TCP or 80/TCP of the vulnerable system and installs an agent if successful. CVE-2009-4179 Exploits/Remote Windows
06.11.2014 WellinTech KingSCADA AEServer Buffer Overflow Exploit The KingSCADA application has a stack-based buffer overflow vulnerability where the application overwrites the structured exception handler (SEH). An attacker could send a specially crafted packet to KingSCADA, and the application would handle the packet incorrectly, causing a stack-based buffer overflow. CVE-2014-0787 Exploits/Remote Windows
12.05.2010 DATAC RealWin Packet Processing Buffer Overflow Exploit DATAC RealWin is prone to a buffer overflow vulnerability. This vulnerability can be exploited remotely by sending a specially crafted packet to port TCP/912. CVE-2010-4142 Exploits/Remote Windows
01.11.2012 Novell ZENworks Asset Management Path Traversal Exploit This module exploits a path traversal vulnerability in Novell ZENworks Asset Management. The flaw exists within the rtrlet component. This process listens on TCP port 8080. When handling an unauthenticated file upload the process does not properly sanitize the path. Directory traversal can be used to drop a file in an arbitrary location and a null byte inserted into the filename to provide arbitrary extension. CVE-2011-2653 Exploits/Remote Windows
02.12.2007 telnetd solaris -f root exploit This is a remote exploit for an Authentication bypass vulnerability present in telnetd daemon for Solaris 10. CVE-2007-0882 Exploits/Remote Solaris
02.08.2009 GlobalSCAPE Secure FTP Server Remote Buffer Overflow Exploit This vulnerability allows remote attackers to execute arbitrary code on installations with GlobalSCAPE Secure FTP Server,which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error with the handling of overly long commands. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted command passed to the affected server. CVE-2005-1415 Exploits/Remote Windows
10.06.2011 MyBB Backdoor Remote Code Execution Exploit A backdoor introduced in the source code of MyBB allows remote unauthenticated attackers to execute arbitrary code on systems running vulnerable installations of MyBB. NOCVE-9999-49723 Exploits/Remote Windows, Solaris, Linux, FreeBSD

Pages