Exploits and Security Updates to Core Impact Threat Intelligence

Exploits and Security Updates to Core Impact Threat Intelligence

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
Citrix Provisioning Services streamprocess Remote Buffer Overflow Exploit This module exploits a remote buffer overflow in the streamprocess.exe service included in the Citrix Provisioning Services application by sending a malformed packet to the 6905/UDP port. NOCVE-9999-46895 Exploits/Remote Windows
Mantis Manage_proj_page Remote Code Execution Exploit Update This update gives this exploit support for Windows platforms. CVE-2008-4687 Exploits/Remote Linux, Windows
Symantec AMS Intel Handler Service Command Injection Exploit This module exploits command injection vulnerability in Symantec AMS Intel Handler Service and install an agent into the target machine. CVE-2010-0110 Exploits/Remote Windows
TFTPServer SP Buffer Overflow Exploit Update This module exploits a buffer overflow vulnerability in the handling of Error Packet for overwrite all the .bss section and some portion of the .idata section. This module add the service specification tag. CVE-2008-2161 Exploits/Remote Windows
IBM Tivoli Storage Manager FastBackMount GetVaultDump Buffer Overflow Exploit The specific flaw exists within FastBackMount.exe which listens by default on TCP port 30051. When handling opcode 0x09 packets, the process blindly copies user supplied data into a stack-based buffer within CMountDismount::GetVaultDump. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user. CVE-2015-0119 Exploits/Remote Windows
MSRPC Server Service Remote Buffer Overflow Exploit (MS08-067) Update This module exploits a vulnerability in the Microsoft Server service sending a specially crafted RPC request. This module improves the reliability of the exploit on Windows 2000 and adds support for Windows XP SP3. CVE-2008-4250 Exploits/Remote Windows
FlexNet License Server Manager lmgrd Buffer Overflow Exploit A stack buffer overflow exist in FlexNet License Server Manager due to the insecure usage of memcpy in the lmgrd service when handling crafted network packets. NOCVE-9999-52540 Exploits/Remote Windows
Tomcat Deploy Manager Default Account Code Execution Exploit This module exploits a remote code execution vulnerability in Tomcat Web Server by using an default user account to upload an arbitrary file. CVE-2009-3548 Exploits/Remote Windows
Telnetd encrypt_keyid Remote Buffer Overflow Exploit Buffer overflow in libtelnet/encrypt.c in various implementations of telnetd allows remote attackers to execute arbitrary code with root permissions via a long encryption key. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2011-4862 Exploits/Remote FreeBSD, Linux
AT TFTP Server Long Filename Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error during the processing of TFTP Read/Write request packet types. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet with an overly long filename field. This update ensures that the program receives all data. CVE-2006-6184 Exploits/Remote Windows
Moodle Tex Filter Remote Code Execution Exploit Upgrade This update adds Windows (XP) to the supported target systems for this exploit. NOCVE-9999-35969 Exploits/Remote Windows, Linux
IBM Informix librpc Remote Buffer Overflow Exploit This module exploits a remote buffer overflow in the RPC protocol parsing library (librpc.dll) included on IBM Informix Dynamic Server by sending a specially crafted authentication packet to the 36890/TCP port. CVE-2009-2753 Exploits/Remote Windows
Hewlett Packard Enterprise Data Protector EXEC_BAR User Name Buffer Overflow Exploit The specific flaw exists within OmniInet.exe which listens by default on TCP port 5555. When parsing a malformed user name field in a request, the process blindly copies user supplied data into a fixed-length stack buffer. A remote attacker can abuse this to execute remote code under the context of SYSTEM. CVE-2016-2005 Exploits/Remote Windows
Serv-U Web Client HTTP Request Remote Buffer Overflow Exploit This module exploits a stack overflow in Serv-U Web Client by sending a specially crafted POST request. CVE-2009-4873 Exploits/Remote Windows
MSRPC SRVSVC NetrpPathCanonicalize (MS06-040) exploit update This module exploits a remotely exploitable vulnerability in Windows' Server Service (MS06-040) over Microsoft DCERPC (ports 139 and 445). This update adds support for Windows XP SP0 and SP1. CVE-2006-3439 Exploits/Remote Windows
Enterasys NetSight nssyslogd PRI Buffer Overflow Exploit A vulnerability exists within the nssyslogd.exe component, when parsing a syslog message. The process does not properly validate the size of the destination buffer and copies user supplied data into a fixed-length buffer on the stack. CVE-2011-5227 Exploits/Remote Windows
HP ProCurve Manager SNAC UpdateDomainControllerServlet Exploit This module exploits a path traversal vulnerability in HP ProCurve Manager. The specific flaw exists within the UpdateDomainControllerServlet. This servlet improperly sanitizes the adCert argument allowing the remote attacker could upload a .jsp file and execute arbitrary code. Authentication is not required to exploit this vulnerability. CVE-2013-4811 Exploits/Remote Windows
Easy Chat Server Authentication Request Buffer Overflow Exploit A remote user of vulnerable installations of Easy Chat Server can send a specially crafted password parameter to chat.ghp to trigger a buffer overflow and execute arbitrary code on the target system. NOCVE-9999-36981 Exploits/Remote Windows
SAdminD Buffer Overflow Exploit Update This modules exploits a stack buffer overflow of the sadmind daemon, and installs an agent as root. This update fix an issue when the module is launched from the Network Attack and Penetration Wizard. CVE-2008-4556 Exploits/Remote Solaris
Apache Tomcat buffer overflow exploit This module exploits a buffer overflow vulnerability in the Apache Tomcat JK Web Server Connector and installs an agent. An attacker can use an overly long URL to trigger a buffer overflow in the URL work map routine (map_uri_to_worker()) in the mod_jk.so library, resulting in the compromise of the target system. CVE-2007-0774 Exploits/Remote Linux
McAfee ePolicy Orchestrator - Protection Pilot HTTP exploit This module exploits a buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126. CVE-2006-5156 Exploits/Remote Windows
Now SMS MMS Gateway Web Authorization Buffer Overflow Exploit A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the web interface of Now SMS MMS Gateway. CVE-2008-0871 Exploits/Remote Windows
Sunway Force Control SCADA SMNP NetDBServer Buffer Overflow Exploit A stack based buffer overflow in the SNMP NetDBServer service of Sunway Forcecontrol is triggered when sending an overly long string to the listening service on port 2001. NOCVE-9999-51166 Exploits/Remote Windows
LANDesk Lenovo ThinkManagement Console Remote Command Execution Exploit This module exploits a file upload vulnerability in the LANDesk Lenovo ThinkManagement Console. Unrestricted file upload in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore command in a RunAMTCommand SOAP request. CVE-2012-1195 Exploits/Remote Windows
Schneider Electric Interactive Graphical SCADA System Buffer Overflow Exploit This Stack-based buffer overflow exploits a vulnerability in Schneider Electric's Interactive Graphical SCADA System (IGSS) that allows remote attackers to execute arbitrary code by sending a specially crafted packet to TCP port-12397. CVE-2013-0657 Exploits/Remote Windows
Drupal BlogAPI Remote Execution Exploit Update 3 The BlogAPI module does not validate the extension of files that it is used to upload, enabling users with the "administer content with blog api" permission to upload harmful files. This module uploads an IMPACT agent, creates a php file to execute the agent and then makes a request to the file. The result is an IMPACT agent running on the webserver. This update adds support for Solaris platforms. CVE-2008-4792 Exploits/Remote Solaris, Linux, AIX
NJStar Communicator MiniSMTP Server Buffer Overflow Exploit Stack Overflow in the MiniSmtp Server component of the NJStar Communicator. NOCVE-9999-50132 Exploits/Remote Windows
MSRPC CA BrightStor ARCserve Backup ReportRemoteExecuteCML Buffer Overflow Exploit CA BrightStor ARCserve Backup is prone to a stack based buffer overflow vulnerability on the RPC interface that could permit the execution of arbitrary remote code. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer. CVE-2008-4397 Exploits/Remote Windows
Asterisk T.38 buffer Overflow Exploit Update This module exploits a buffer overflow vulnerability in the T38FaxRateManagement parameter when parsing SIP/SDP requests in 1.4.x prior to 1.4.3. This update improves the reliability of the module. CVE-2007-2293 Exploits/Remote Linux
MSRPC WKSSVC NetpManageIPCConnect Exploit Update 2 This module exploits a stack buffer overflow in the Workstation Service. This package addresses a compatibility problem when porting the module from version 7.6 to 8.0 of the framework. CVE-2006-4691 Exploits/Remote Windows