We are pleased to announce the official release of Core Impact Pro 2015 R1.3 today, January 25. More than 27 updates have been added thus far, and are available through the regular update channel for all Core Impact customers who have upgraded to the latest version. The team has been working on several privilege escalations for Linux, a number of remote exploits for widely deployed software and numerous enhancements, including improvements to our integration with Acunetix Web Vulnerability Scanner. This release includes:

  • 5 remote exploits, including modules for Jenkins, VMware and Joomla
  • 1 client-side exploit for Microsoft Word 2010
  • 5 local exploits, with 3 modules targeting Linux and 2 supporting Microsoft Windows
  • Several general updates, enhancements for numerous exploits, updates to the CVE associations for our exploits, and improvements to our AV evasion capabilities for 64-bit agents

Here is the complete list of published modules:

Remote Exploits

  • Jenkins Default Configuration Remote Code Execution Exploit
  • AlienVault Unified Security Management av-forward Deserialization of Untrusted Data Remote Code Execution Exploit
  • VMware vCenter Server Java JMX-RMI Remote Code Execution Exploit
  • Joomla User Agent Object Injection Exploit
  • Joomla com_contenthistory SQL Injection Exploit

Client Side Exploits

  • Microsoft Office COM Object els dll based Binary Planting Exploit (MS15-132)

Local Exploits

  • Microsoft Windows Win32k SetParent Null Pointer Dereference Exploit (MS15-135)
  • Microsoft Windows NDIS Pool Overflow Vulnerability DoS (MS15-117)
  • Linux Blueman D-Bus Service EnableNetwork Privilege Escalation Exploit
  • Linux Overlayfs ovl_setattr Local Privilege Escalation Exploit
  • Linux abrt sosreport Symlink Privilege Escalation Exploit

Maintenance

  • SolarWinds Application Monitor TSUnicodeGraphEditorControl factory Buffer Overflow Exploit Update
  • Microsoft Windows OpenType Font Driver Vulnerability Exploit (MS15-078) Updates
  • Microsoft WINS Input Validation Exploit (MS11-070) Update
  • Jenkins commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit Update
  • AV Evasion Improvements in 64bits Agents
  • HTML Obfuscation Improvements
  • Exploitlib Update
  • Supported services list update
  • Several CVE Database Updates
  • Import Output from Acunetix Web Vulnerability Scanner Update