Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
03.31.2008 MSRPC Trend Micro Server Protect AddTaskExportLogItem() Exploit TrendMicro ServerProtect 5.58 with security patch 3 installed is prone to a buffer overflow vulnerability on the rpc interface that could permit the execution of arbitrary remote code. CVE-2007-6507 Exploits/Remote Windows
02.22.2009 SNORT SMB Fragmentation Buffer Overflow Exploit Update 2 This module exploits a stack buffer overflow vulnerability in the Sourcefire Snort DCE/RPC preprocessor. An unauthenticated, remote attacker can exploit this vulnerability to execute arbitrary code with the privileges of the Snort process. This update improves the reliability for Redhat Enterprise Linux 4 and FreeBSD 6.2 on Impact 8.0 CVE-2006-5276 Exploits/Remote Linux, FreeBSD
11.05.2014 Apache Struts ClassLoader Manipulation Remote Code Execution Exploit Update This module exploits a vulnerability in Apache Struts. The specific vulnerability is in the ParametersInterceptor, which allows a direct manipulation of the ClassLoader and as a result an attacker can execute arbitrary Java code in the target machine. This update adds support for Apache Struts 2.3.16, Windows (x86 and x64) and Linux (x64) platforms. CVE-2014-0094 Exploits/Remote Windows, Linux
04.06.2010 DameWare Mini Remote Control Pre Auth Exploit This module exploits a vulnerability in the DameWare Mini Remote Control Service sending a specially crafted packet to the 6129/TCP port. CVE-2003-1030 Exploits/Remote Windows
02.03.2008 Firebird SQL Username Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the database service (fbserver.exe) of the FireBird SQL application. The exploit triggers a stack-based buffer overflow by sending a specially crafted packet with a malformed "username" value to port 3050/TCP of the vulnerable system and installs an agent if successful. CVE-2008-0387 Exploits/Remote Windows
06.02.2011 Tomcat Deploy Manager Default Account Code Execution Exploit This module exploits a remote code execution vulnerability in Tomcat Web Server by using an default user account to upload an arbitrary file. CVE-2009-3548 Exploits/Remote Windows
10.03.2012 Novell File Reporter NFRAgent VOL Tag Buffer Overflow Exploit The vulnerability exists within NFRAgent.exe listening on TCP port 3037. When parsing tags inside the VOL element, the process performs insufficient bounds checking on user-supplied data prior to copying it on the stack. NOCVE-9999-54601 Exploits/Remote Windows
02.27.2011 ActFax Server LPD-LPR Buffer Overflow Exploit This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing ActFax Server. The vulnerability is caused due to a boundary error when processing an overly long Print Job command on the Line Printer Daemon Server (LPD-Server) . This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. NOCVE-9999-47199 Exploits/Remote Windows
06.11.2012 RabidHamster R4 Log Entry sprintf Buffer Overflow Exploit A stack overflow found in RabidHamster R4's web server by supplying a malformed HTTP request when generating a log. NOCVE-9999-52541 Exploits/Remote Windows
07.11.2014 Apache Struts 2 devMode OGNL Remote Code Execution Exploit The best practice for web applications built on top of the Apache Struts 2 framework is to switch off Developer Mode (struts.devMode parameter in the struts.xml configuration file) before going into production. When devMode is left enabled, attackers can gain remote code execution by setting the 'debug=command' URL parameter and sending OGNL expressions through the 'expression' URL parameter. This module takes advantage of this misconfiguration scenario in order to deploy an agent in the target system. NOCVE-9999-62986 Exploits/Remote Windows, Mac OS X, Linux
12.22.2008 WFTPD Server SIZE Command Buffer Overflow Exploit An internal memory buffer may be overrun while handling long "SIZE" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the WFTPD Server process. CVE-2006-4318 Exploits/Remote
03.19.2013 Schneider Electric Interactive Graphical SCADA System Buffer Overflow Exploit This Stack-based buffer overflow exploits a vulnerability in Schneider Electric's Interactive Graphical SCADA System (IGSS) that allows remote attackers to execute arbitrary code by sending a specially crafted packet to TCP port-12397. CVE-2013-0657 Exploits/Remote Windows
06.13.2007 Samba lsa_io_trans_names buffer overflow exploit This module exploits a buffer overflow vulnerability when parsing RPC requests through the LSA RPC interface in Samba 3.x. The exploit is triggered by sending a specially crafted RPC LsarLookupSids request to a vulnerable computer. CVE-2007-2446 Exploits/Remote Solaris, Linux
08.07.2006 MSRPC SRVSVC NetrpPathCanonicalize (MS06-040) exploit This module exploits a remotely exploitable vulnerability in Windows' Server Service (MS06-040) over Microsoft DCERPC (ports 139 and 445). WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2006-3439 Exploits/Remote Windows
07.20.2009 Soulseek Server Peer Search Buffer Overflow Exploit The application is prone to a stack-based buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue occurs when performing a direct peer file search. CVE-2009-1830 Exploits/Remote Windows
02.02.2012 Symantec PCAnywhere awhost32 Remote Code Execution Exploit The flaw exists within the awhost32 component which is used when handling incoming connections. This process listens on TCP port 5631. When handling an authentication request the process copies the user supplied username unsafely to a fixed-length buffer. CVE-2011-3478 Exploits/Remote Windows
10.21.2010 Drupal BlogAPI Remote Execution Exploit Update 3 The BlogAPI module does not validate the extension of files that it is used to upload, enabling users with the "administer content with blog api" permission to upload harmful files. This module uploads an IMPACT agent, creates a php file to execute the agent and then makes a request to the file. The result is an IMPACT agent running on the webserver. This update adds support for Solaris platforms. CVE-2008-4792 Exploits/Remote Solaris, Linux, AIX
11.19.2008 Oracle WebLogic Server Apache Connector Exploit Exploits a buffer overflow in the Apache Connector of Oracle WebLogic Server (formerly known as BEA WebLogic Server). CVE-2008-3257 Exploits/Remote Windows, AIX
02.04.2010 PhpMyAdmin Unserialize Remote Code Execution Exploit phpMyAdmin is vulnerable to a remote code execution due the use of the unserialize method on user supplied data. This data is written in the config file and is accessible from the internet by default. CVE-2009-4605 Exploits/Remote Windows, Solaris, Linux, Mac OS X
05.20.2008 MSRPC Trend Micro Server Protect buffer overflow exploit Update 2 This update improves the reliability of the exploit. CVE-2007-2508 Exploits/Remote Windows
04.13.2011 DATAC RealWin STARTPROG Buffer Overflow Exploit DATAC RealWin is prone to a buffer overflow vulnerability when handling On_FC_SCRIPT_FCS_STARTPROG packets with an overly long string. CVE-2011-1563 Exploits/Remote Windows
03.07.2012 Motorola Netopia netOctopus SDCS Buffer Overflow Exploit This module exploits a remote buffer overflow in the Motorola Netopia netOctopus SDCS server service. The vulnerability exists within the code responsible for parsing client requests. When reading in a request from the network, a 32-bit integer is read in that specifies the number of bytes that follow. This value is not validated, and is then used to read data into a fixed-size stack buffer. This results in an exploitable stack buffer overflow. CVE-2008-2153 Exploits/Remote Windows
04.28.2011 ProFTPD Telnet IAC Buffer Overflow Exploit This module exploits a stack overflow vulnerability in proftpd in order to install an agent. The vulnerability is within the function pr_netio_telnet_gets(). The issue is triggered when processing specially crafted Telnet IAC packets delivered to the FTP server. CVE-2010-4221 Exploits/Remote AIX, FreeBSD
09.17.2014 Apache Struts includeParams Remote Code Execution Exploit Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. This module leverages the vulnerability to install an agent in vulnerable installation. CVE-2013-1966 Exploits/Remote Windows, Linux
09.15.2013 SNMP OS Detect and Identity Verifier Update V2 This update extends the information gathered to include CVE-1999-0516 and CVE-1999-0517 when present in the target. Exploits/Remote
01.12.2009 MSRPC WKSSVC NetpManageIPCConnect Exploit Update 2 This module exploits a stack buffer overflow in the Workstation Service. This package addresses a compatibility problem when porting the module from version 7.6 to 8.0 of the framework. CVE-2006-4691 Exploits/Remote Windows
05.29.2013 Keylogger Update 2 This update resolves an issue while trying to run the "Keylogger" module. Exploits/Remote
02.24.2010 Openftpd Server Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the authentication process. This can be exploited to cause a stack-based buffer overflow by sending an overly long, specially-crafted password to the affected server. NOCVE-9999-42236 Exploits/Remote Windows
12.04.2012 Xampp webdav PHP Upload Exploit This module attacks default XAMPP installations and abuses the use of default credentials for webdav. The module can also be configured to take advantage of user supplied credentials. NOCVE-9999-53594 Exploits/Remote Windows
12.13.2006 Novell eDirectory HTTP Protocol exploit This module exploits a buffer overflow in Novell eDirectory HTTP Protocol. CVE-2006-5478 Exploits/Remote Windows

Pages