Exploits and Security Updates to Core Impact Threat Intelligence

Exploits and Security Updates to Core Impact Threat Intelligence

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
MSRPC CA BrightStor ARCserve Backup ReportRemoteExecuteCML Buffer Overflow Exploit CA BrightStor ARCserve Backup is prone to a stack based buffer overflow vulnerability on the RPC interface that could permit the execution of arbitrary remote code. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer. CVE-2008-4397 Exploits/Remote Windows
Oracle WebLogic Server Apache Connector Exploit Exploits a buffer overflow in the Apache Connector of Oracle WebLogic Server (formerly known as BEA WebLogic Server). CVE-2008-3257 Exploits/Remote Windows, AIX
MSRPC Trend Micro Server Protect buffer overflow exploit Update 2 This update improves the reliability of the exploit. CVE-2007-2508 Exploits/Remote Windows
HP Operations Manager Server Backdoor Account Exploit Update This module exploits a remote code execution vulnerability in HP Operations Manager by using an undocumented user account to upload an arbitrary file. This update fixes an issue in the agent injector. CVE-2009-3843 Exploits/Remote Windows
Apache Struts includeParams Remote Code Execution Exploit Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. This module leverages the vulnerability to install an agent in vulnerable installation. CVE-2013-1966 Exploits/Remote Windows, Linux
ManageEngine EventLog Analyzer Exploit ManageEngine EventLog Analyzer is vulnerable to abuse a SQL query functionality that allows attackers to insert and export a crafted JSP using 'guest' credentials allowing us to install an agent. CVE-2015-7387 Exploits/Remote Windows
HP Data Protector EXEC_CMD Exploit This module exploits a buffer overflow vulnerability in HP Data Protector by sending a specially crafted EXEC_CMD request. CVE-2011-1866 Exploits/Remote Windows
Drupal BlogAPI Remote Execution Exploit Update 4 The BlogAPI module does not validate the extension of files that it is used to upload, enabling users with the "administer content with blog api" permission to upload harmful files. This module uploads an IMPACT agent, creates a php file to execute the agent and then makes a request to the file. The result is an IMPACT agent running on the webserver. This update adds support for the AIX platform. CVE-2008-4792 Exploits/Remote Solaris, Linux, AIX
IBM Lotus Domino If-Modified-Since Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the nHTTP.exe application, a component of Lotus Domino Server, by sending an HTTP request with an invalid value for the If-Modified-Since parameter. CVE-2007-0067 Exploits/Remote Windows
PHP Charts Remote Code Execution Exploit This module exploits a vulnerability in PHP Charts 1.0. The url.php script eval()s every single GET key/value pair. Leading to code execution. NOCVE-9999-57634 Exploits/Remote none
Ipswitch IMail Search On Exploit This module exploits a stack-based buffer overflow in the IMAP server in IMail 2006.1 in Ipswitch Collaboration Suite (ICS). CVE-2007-2795 Exploits/Remote Windows
SAP MaxDB Malformed Handshake Request Exploit This module exploits a stack buffer overflow vulnerability in SAP MaxDB by sending a specially crafted packet to 7210/TCP port. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-1185 Exploits/Remote Windows
Sun ONE Web Server-NSS challenge overflow exploit update A heap overflow in Netscape Network Security Services (NSS) library used by the Sun ONE Web Server is exploited remotely gaining control of the execution flow on the target host. This package updates the exploit. CVE-2004-0826 Exploits/Remote Solaris
Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow Exploit Update This module exploits a vulnerability in Oracle Secure Backup when sending a specially crafted NDMP_CONNECT_CLIENT_AUTH packet. This update improves exploit reliability and adds a ndmp library for ndmp based exploits. CVE-2008-5444 Exploits/Remote Windows
MSRPC CA ARCserve Backup Command Injection Exploit Update CA BrightStor ARCserve Backup is prone to a command injection vulnerability on the RPC interface that could permit the execution of arbitrary remote code. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer. This update improves the reliability of the exploit. CVE-2008-4397 Exploits/Remote Windows
SolidWorks Workgroup PDM 2014 Opcode 2001 Remote Code Execution Exploit Update A stack buffer overflow occurs when copying a user supplied input to a fixed size stack buffer without boundary check leading to overwrite the SEH and the return address. The copying procedure stops when a null word is found and no size check is proceeded. NOCVE-9999-65834 Exploits/Remote Windows
Integard Home and Pro Remote Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the handling of HTTP POST requests. This may allow execution of arbitrary code by sending an overly long, specially crafted HTTP POST request to the server. NOCVE-9999-45121 Exploits/Remote Windows
HP OpenView NNM nnmRptConfig CGI Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the nnmRptConfig.exe CGI application, a component of HP OpenView Network Node Manager, by sending a specially crafted packet. CVE-2011-0268 Exploits/Remote Windows
Apache Struts ClassLoader Manipulation Remote Code Execution Exploit This module exploits a vulnerability in Apache Struts. The specific vulnerability is in the ParametersInterceptor, which allows a direct manipulation of the ClassLoader and as a result an attacker can execute arbitrary Java code in the target machine. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2014-0094 Exploits/Remote Linux
Cisco ASA SNMP Buffer Overflow Exploit (EXTRABACON) The module exploit a buffer overflow vulnerability in the SNMP code of the Cisco ASA CVE-2016-6366 Exploits/Remote none
NetTerm NetFTPD USER Buffer Overflow Exploit An internal memory buffer may be overrun while handling long "USER" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the NetTerm NetFTPD.exe process. CVE-2005-1323 Exploits/Remote Windows
SNORT SMB Fragmentation Buffer Overflow exploit This module exploits a stack buffer overflow vulnerability in the Sourcefire Snort DCE/RPC preprocessor. An unauthenticated, remote attacker can exploit this vulnerability to execute arbitrary code with the privileges of the Snort process. CVE-2006-5276 Exploits/Remote Linux, FreeBSD
DCERPC Authentication and Encryption support This update will add DCERPC encryption to some MSRPC exploits. The result is that, when enabled, all the 'Stub data' for DCERPC requests will be encrypted, thus hiding the real content. CVE-2005-1985 Exploits/Remote Windows
Fujitsu SystemcastWizard Lite PXE Remote Buffer Overflow Exploit This module exploits a remote buffer overflow in the Fujitsu SystemcastWizard application by sending a specially crafted packet to the port 4011/UDP. CVE-2009-0270 Exploits/Remote Windows
InterSystems Cache Argument Buffer Overflow Exploit This module exploits a stack overflow in InterSystems Cache by sending a specially crafted GET request. NOCVE-9999-40435 Exploits/Remote Windows
MSRPC Server Service Remote Buffer Overflow Exploit (MS08-067) Update 3 This module exploits a vulnerability in the Microsoft Windows Server service by sending a specially crafted RPC request. This update adds support for Windows 2003 Enterprise Edition sp2 with DEP enabled. This update also adds support for XP SP2 and 2003 SP1 as well as improves the reliability of the exploit against all supported platforms. CVE-2008-4250 Exploits/Remote Windows
OracleDB CSA Remote Code Execution Exploit This module exploits a vulnerability in the Client System Analyzer component of the Oracle Database Server. CVE-2010-3600 Exploits/Remote Windows, Linux
Apache Struts ClassLoader Manipulation Remote Code Execution Exploit Update This module exploits a vulnerability in Apache Struts. The specific vulnerability is in the ParametersInterceptor, which allows a direct manipulation of the ClassLoader and as a result an attacker can execute arbitrary Java code in the target machine. This update adds support for Apache Struts 2.3.16, Windows (x86 and x64) and Linux (x64) platforms. CVE-2014-0094 Exploits/Remote Windows, Linux
Avaya IP Office Customer Call Reporter ImageUpload Exploit The specific flaw exists because Avaya IP Office Customer Call Reporter allows to upload files to the webserver through ImageUpload.ashx. The uploaded files will not be stripped of their file extensions and the directory where they are saved has no scripting restrictions. CVE-2012-3811 Exploits/Remote Windows
HP OpenView NNM getnnmdata ICount CGI Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the getnnmdata.exe CGI application, a component of HP OpenView Network Node Manager, by sending an HTTP request with an invalid value for the ICount parameter. CVE-2010-1554 Exploits/Remote Windows