Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
05.19.2008 Debian OpenSSL Predictable Random Number Generation Exploit This module exploits the random number generator in Debian's OpenSSL package being predictable. This vulnerability is used to generate SSH keys and to install an agent into the target host. CVE-2008-0166 Exploits/Remote Linux
10.29.2006 SQL Server Hello exploit update This module exploits a vulnerability in Microsoft SQL Server. This update improves the exploit reliability and adds support for Windows 2003 CVE-2002-1123 Exploits/Remote Windows
09.22.2009 Phpmyadmin Server_databases Remote Code Execution Exploit Update This updates provides more readable log messages when specific errors occur and improves the reliability of the exploit. CVE-2008-4096 Exploits/Remote Linux
06.23.2005 MSRPC MSMQ Buffer Overflow exploit This module exploits a buffer overflow in the Message Queuing component of Microsoft Windows allowing remote attackers to execute arbitrary code via a crafted message and installing an agent. CVE-2005-0059 Exploits/Remote Windows
09.15.2013 freeSSHd SSH Server Authentication Bypass Remote Code Execution Exploit Update V2 This update modifies the application version displayed in Quick Information. CVE-2012-6066 Exploits/Remote Windows
09.07.2011 Microsoft Windows Print Spooler Service Impersonation Exploit Reliability Enhancement This updates improves the reliability and AV Evasion capabilities of the Microsoft Windows Print Spooler Service Impersonation Exploit, Package and Register, Send Agent by Email, Install agent using SMB and Install agent using SSH modules when run against Windows targets. CVE-2010-2729 Exploits/Remote Windows
05.22.2011 IBM Lotus Domino NSFComputeEvaluateExt Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in IBM Lotus Domino by sending a specially crafted HTTP request to the Web Administration Interface. NOCVE-9999-48010 Exploits/Remote Windows
10.09.2014 HP Network Node Manager I ovopi Option -L Buffer Overflow Exploit This module exploits a stack-based buffer overflow in ovopi.dll which listens by default on a UDP port 696. When parsing option -L, the process blindly copies user supplied data into a fixed-length buffer allowing for an arbitrary write to occur. CVE-2014-2624 Exploits/Remote Windows
06.04.2012 OpenSSH unexpected PAM authentication exploit Update This module exploits an error in the PAM authentication code and installs an agent into the target host. This update improves the reliability of the exploit. CVE-2003-0786 Exploits/Remote Solaris, Linux
04.12.2012 Netmechanica NetDecision HTTP Server Buffer Overflow Exploit A buffer overflow in NetDecision's HTTP service is exploited when a long URL is managed by the HTTP Server's active window. For successfull exploitation, the victim need to have the HttpSvr's window open. CVE-2012-1465 Exploits/Remote Windows
11.22.2005 MSRPC Netware Client Buffer Overflow exploit This module exploits an unchecked buffer in the Client Service for NetWare on Microsoft Windows, and installs an agent (MS05-046). CVE-2005-1985 Exploits/Remote Windows
10.09.2013 Foscam Path Traversal Exploit This module exploits a path traversal vulnerability on Foscam IP cameras and commit a camera agent. CVE-2013-2560 Exploits/Remote
07.05.2009 phpScheduleit 1.2.10 Remote Code Execution Exploit Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter. CVE-2008-6132 Exploits/Remote Windows, Linux
12.19.2007 Perdition IMAP proxy str_vwrite format string exploit The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. CVE-2007-5740 Exploits/Remote FreeBSD
01.27.2010 OracleDB AUTH_SESSKEY Remote Buffer Overflow Exploit Update This module exploits a vulnerability in the Oracle Database Server. The vulnerability is triggered when the server processes a long string inside the AUTH_SESSKEY property resulting in a stack-based buffer overflow. This update adds support for Windows 2003 SP2 and Oracle 10.2.0.4. CVE-2009-1979 Exploits/Remote Windows
02.28.2011 Quick n Easy FTP Server Login DoS This module shuts down the Quick 'n Easy FTP Server because it fails to properly handle user-supplied malformed packets when login. CVE-2009-1602 Exploits/Remote Windows
02.28.2006 CA Message Queuing Buffer Overflow Exploit This is an exploit for CA's Unicenter Message Queuing buffer overflow vulnerability. CVE-2005-2668 Exploits/Remote Windows
11.10.2013 Ultra Mini HTTPD Stack Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error within Mini HTTPD when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Arbitrary code can be directly executed by overwriting a return address. This update only adds CVE Number. CVE-2013-5019 Exploits/Remote Windows
10.18.2010 Disk Pulse Server GetServerInfo Request Buffer Overflow Exploit A vulnerability exists in the way Disk Pulse Server v2.2.34 process a remote clients "GetServerInfo" request.The vulnerability is caused due to a boundary error in libpal.dll when handling network messages and can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to TCP port 9120. NOCVE-9999-45456 Exploits/Remote Windows
07.11.2013 HP Data Protector Cell Manager Opcode 259 Remote Code Execution Exploit The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing different opcodes, the process blindly copies user supplied data into a fixed-length stack buffer. A remote attacker can abuse this to execute remote code under the context of the SYSTEM user. CVE-2013-2329 Exploits/Remote Windows
09.28.2011 Microsoft Office SharePoint Server 2007 Document Conversions Exploit Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082 CVE-2010-3964 Exploits/Remote Windows
05.29.2007 Symantec Rtvscan buffer overflow exploit This module exploits a buffer overflow vulnerability in Symantec Client Security 3.x and Symantec Antivirus Corporate Edition 10.x that allows a remote un-authenticated attacker to compromise the target system and obtain system privileges. CVE-2006-2630 Exploits/Remote Windows
11.08.2009 BigAnt IM Server HTTP GET Request Remote Buffer Overflow Exploit Update This module exploits a vulnerability in the AntServer Module (AntServer.exe) that can be exploited to cause a stack-based buffer overflow by sending a specially crafted, overly long HTTP GET request to default port 6660/TCP. This update adds support for the latest version of the software, which is still vulnerable to the attack. CVE-2008-1914 Exploits/Remote Windows
12.11.2013 HP SiteScope Remote Code Execution Exploit Update This module exploits two vulnerabilities in HP SiteScope to gain remote code execution. The first vulnerability is an authentication bypass in the getSiteScopeConfiguration operation available through the APISiteScopeImpl AXIS service to grab the administrator credentials from the server running HP SiteScope. The second vulnerability is a directory traversal in the UploadFileHandler url that allows to upload files to the server into a directory that allows for scripting. This update only adds CVE number. CVE-2013-2367 Exploits/Remote Windows
07.31.2013 GroundWork monarch_scan.cgi Remote Code Execution Exploit This module exploits a vulnerability found in GroundWork 6.7.0. This software is used for network, application and cloud monitoring. The vulnerability exists in the monarch_scan.cgi, where user controlled input is used in the perl qx function, which allows any remote authenticated attacker, whatever his privileges are, to inject system commands and gain arbitrary code execution. CVE-2013-3502 Exploits/Remote Linux
03.18.2013 ActFax RAW Server Buffer Overflow Exploit A vulnerability in ActFax Server RAW server used to transfer fax messages without protocols. Data fields. @F506,@F605, and @F000 are vulnerable. NOCVE-9999-56765 Exploits/Remote Windows
07.13.2011 IBM Tivoli Endpoint lcfd opts Argument Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in IBM Tivoli Endpoint by sending a specially crafted HTTP request. The specific flaw exists within the lcfd.exe process which listens by default on TCP port 9495. To reach this page remotely authentication is required. However, by abusing a built-in account an attacker can access the restricted pages. While parsing requests to one of these, the process blindly copies the contents of a POST variable to a 256 byte stack buffer. CVE-2011-1220 Exploits/Remote Windows
05.12.2010 eDisplay Personal FTP Server RMD Command Buffer Overflow Exploit eDisplay Personal FTP server is an FTP server for Microsoft Windows. The server is exposed to multiple remote buffer overflow issues because it fails to perform adequate boundary checks on user-supplied data, for example, sending an RMD crafted command NOCVE-9999-42732 Exploits/Remote Windows
11.04.2012 HP Data Protector Express Opcode 0x330 Parsing Remote Code Execution Exploit A buffer Overflow exists within the dpwinsdr.exe process which listens on TCP port 3817 by default. The process has insufficient bounds checking on user-supplied data copied to a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed opcode 0x330 message packets to the target. CVE-2012-0122 Exploits/Remote Windows
07.30.2014 MayGion IP Camera Path Traversal Vulnerability Exploit This module attempts to determine if a MayGion IP Camera is prone to a path-traversal vulnerability. If the camera it's vulnerable, the vulnerability will be used to dump the camera's memory and try to extract admin user credentials from it. CVE-2013-1604 Exploits/Remote

Pages