With BlackHat and Defcon only two weeks away things have been busy at Core; dry runs of presentations being performed internally, the Core Labs competition being tweaked, and the demos and sneak peaks of some exiting new features for Impact for our booth and customer suite being finalized. With all of this going on it is easy to forget there were over 30 updates to Impact released in June (close to 40 if you add in the maintenance updates). We had a high number of customer requested exploits this month, which is always great to see. The Exploit Writing Team does a great job researching an writing exploits but having customers ask for specific exploits and turning them around quickly is a rewarding experience.

Updates for June 2012 (excluding maintenance updates):

Remote Code Execution

  • HP Data Protector EXEC_CMD Exploit
  • Novell ZENworks Configuration Management Preboot Service Opcode 0x21 Buffer Overflow Exploit
  • MSRPC DCOM Exploit (Update)
  • AT TFTP Server Long Filename Buffer Overflow Exploit (Update)
  • OpenSSH unexpected PAM authentication exploit (Update)
  • Samba Username Map Script Command Injection Exploit (Update)
  • RabidHamster R4 Log Entry sprintf Buffer Overflow Exploit
  • GIMP script-fu Server Buffer Overflow Exploit
  • PHP-CGI Argument Injection Exploit (Update)
  • ABB Robot Communications Runtime Buffer Overflow Exploit
  • EZHomeTech EzServer Buffer Overflow Exploit

Client Side

  • HP Easy Printer Care XMLCacheMgr Class ActiveX Control Code Execution Exploit
  • Adobe Photoshop Collada Asset Elements Buffer Overflow Exploit
  • IBM Tivoli Provisioning Manager Express for Software ActiveX Buffer Overflow Exploit (Update)
  • IBM Tivoli Provisioning Manager Express for Software ActiveX Buffer Overflow Exploit (Update)
  • Apple QuickTime QTVR QTVRStringAtom Buffer Overflow Exploit
  • Cisco Linksys PlayerPT ActiveX Control Buffer Overflow Exploit
  • MicroP MPPL File Buffer Overflow Exploit
  • VideoSpirit Pro Buffer Overflow Exploit (Update)
  • Diamond Programmer XCF File Processing Buffer Overflow Exploit
  • VLC Media Player libmodplug Buffer Overflow Exploit (Update)
  • Microsoft Internet Explorer HTML Object Memory Corruption Exploit (MS10-002)
  • Apple Itunes M3U File Buffer Overflow Exploit
  • IrfanView Formats Plugin TTF File Buffer Overflow Exploit
  • Apple QuickTime TeXML Stack Buffer Overflow Exploit

And let's not forget a new DoS module - Asterisk HTTP Digest DoS - we typically don't write DoS Modules unless a customer requests it.

- Alex Horan, Senior Product Manager