Core-HQ-bldg-300x139

We ended the month of July sharing discussion and analysis about the present and future of the security field with our customers, partners and fellow practitioners at Black Hat. We also had the opportunity of sharing and demoing the key components of our upcoming major release to hundreds of customers and security experts that joined us at our customer meetings and approached our booth at the show to dive into some of the new features we’ll be sharing with you soon.

All in all during July we published more than 20 new exploits (listed below) and other updates and new modules that were requested by our customers. Some of the new modules that you may want to take a look at are:

- The updated “DCE-RPC Endpoint Dumper” that introduce important performance improvements.

- The updated “Mitigation Report” that now allows you to track the evolution of not only vulnerabilities but also exposures.

- The Mimikatz importer that allows you to import your Mimikatz results into the CORE Impact “Identity Manager” functionality.

In addition to the above four new advisories were released as a results of our in-house research efforts available here http://www.coresecurity.com/grid/advisories.

 

Exploit updates for July 2013 (excluding maintenance updates and modules) include:

Remote Code Execution

HP Data Protector Cell Manager Opcode 259 Remote Code Execution Exploit

HP System Management Homepage ginkgosnmp.inc Command Injection Exploit

PHP Charts Remote Code Execution Exploit

Ultra Mini HTTPD Stack Buffer Overflow Exploit

GroundWork monarch_scan.cgi Remote Code Execution Exploit

MinaliC Webserver GET Buffer Overflow Exploit

PCMan FTP Server USER Command Buffer Overflow Exploit

Client Side

Apple Quicktime Invalid Atom Length Buffer Overflow Exploit

Microsoft Silverlight Double Dereference Exploit (MS13-022)

XnView PSP Image Processing Buffer Overflow Exploit

Artweaver AWD File Processing Memory Corruption Exploit

Corel PDF Fusion XPS Processing Buffer Overflow Exploit

DJ Studio Pro SEH Overflow Exploit

WM Downloader M3U Buffer OverFlow Exploit

ERDAS ER Viewer rf_report_error Buffer Overflow Exploit

Adrenalin Player ASX Buffer Overflow Exploit

Adrenalin Player WAX Buffer Overflow Exploit

MediaCoder LST File Buffer Overflow Exploit

Local & DoS

Novell Client 2 NICM.SYS Privilege Escalation Exploit

OpenSSL DTLS ChangeCipherSpec DoS

Your feedback and questions are greatly appreciated. Please send us your questions and suggestions helping us to offer an even better solution to you.

Flavio de Cristofaro – Vice President of Engineering for Professional Products