Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
MSRPC SRVSVC NetrpPathCanonicalize (MS06-040) exploit update This module exploits a remotely exploitable vulnerability in Windows' Server Service (MS06-040) over Microsoft DCERPC (ports 139 and 445). This update adds support for Windows XP SP0 and SP1. CVE-2006-3439 Exploits/Remote Windows
HP Data Protector Cell Manager Opcode 259 Remote Code Execution Exploit The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing different opcodes, the process blindly copies user supplied data into a fixed-length stack buffer. A remote attacker can abuse this to execute remote code under the context of the SYSTEM user. CVE-2013-2329 Exploits/Remote Windows
Schneider Electric Serial Modbus Driver Buffer Overflow Exploit The vulnerability is a buffer overflow in Schneider Electric OPC factory Suite which bundle the vulnerable component Schneider Electric Modbus Serial Driver (ModbusDrv.exe). CVE-2013-0662 Exploits/Remote Windows
Quick TFTP Server Pro Mode Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in Quick TFTP Server Pro when processing a very large mode field in a read or write request. CVE-2008-1610 Exploits/Remote Windows
OracleDB AUTH_SESSKEY Remote Buffer Overflow Exploit This module exploits a vulnerability in the Oracle Database Server. The vulnerability is triggered when the server processes a long string inside the AUTH_SESSKEY property resulting in a stack-based buffer overflow. CVE-2009-1979 Exploits/Remote Windows
Joomla 1.5.12 Remote Code Execution Exploit A vulnerability exists in the TinyMCE editor, included in the tiny browser plugin, which allows uploading files without authentication. This can be exploited to upload files with multiple extensions and execute arbitrary PHP code. NOCVE-9999-39524 Exploits/Remote Solaris, Linux, Windows
Debian OpenSSL Predictable Random Number Generation Exploit Update This module exploits the random number generator in Debian's OpenSSL package being predictable. This vulnerability is used to generate SSH keys and to install an agent into the target host. This update contains: -Corrections of some documentation issues. -Performance optimizations. -New parameter for user's preferences. CVE-2008-0166 Exploits/Remote Linux
Novell iManager Classname Buffer Overflow Exploit This module exploits a remote stack-based buffer overflow in Novell iManager when creating a class with an overly long name. CVE-2010-1929 Exploits/Remote Windows
Samba LsarSetInformationPolicy Request Remote Buffer Overflow Exploit Update This update adds support to Debian 6.0.0 and adds support for attacking IPv6 targets. This module exploits a heap overflow bug in Samba Server by sending a crafted request packet via DCERPC call. CVE-2012-1182 Exploits/Remote Linux
HP OpenView NNM HTTP Request Stack Overflow Exploit This module exploits a buffer overflow vulnerability in the Toolbar application, part of the HP OpenView Network Node Manager application. The exploit triggers a stack-based buffer overflow by sending a specially crafted HTTP request to the ports 3443/TCP or 80/TCP of the vulnerable system and installs an agent if successful. CVE-2008-0067 Exploits/Remote Windows, Solaris
Now SMS MMS Gateway Web Authorization Buffer Overflow Exploit update A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the web interface of Now SMS MMS Gateway. This version add support for Windows 2003 and all systems with DEP enabled. CVE-2008-0871 Exploits/Remote Windows
Telnetd encrypt_keyid Remote Buffer Overflow Exploit Buffer overflow in libtelnet/encrypt.c in various implementations of telnetd allows remote attackers to execute arbitrary code with root permissions via a long encryption key. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2011-4862 Exploits/Remote FreeBSD, Linux
Symantec System Center Alert Management System Command Execution Exploit The AMS2 (Alert Management Systems 2) component of multiple Symantec products is prone to a remote command-execution vulnerability because the software fails to adequately sanitize user-supplied input. CVE-2009-1429 Exploits/Remote Windows
Moodle Tex Filter Remote Code Execution Exploit A Remote Code Execution (RCE) vulnerability has been found in filter/tex/texed.php. Due to the fact this file does not properly check the input parameters, it is possible to exploit this vulnerability in order to execute arbitrary commands on the target server. This module starts a web server on the CORE IMPACT Console to publish the agent, which is downloaded from the target. In order to exploit this vulnerability register_globals must be enabled (in PHP) and the TeX Notation filter in Moodle must be turned on. NOCVE-9999-35969 Exploits/Remote Linux
MySQL yaSSL Exploit update This update adds support for Linux, Freebsd and additional MySQL versions. CVE-2008-0226 Exploits/Remote Windows, Linux, FreeBSD
Apache Struts ClassLoader Manipulation Remote Code Execution Exploit Update This module exploits a vulnerability in Apache Struts. The specific vulnerability is in the ParametersInterceptor, which allows a direct manipulation of the ClassLoader and as a result an attacker can execute arbitrary Java code in the target machine. This update adds support for Apache Struts 2.3.16, Windows (x86 and x64) and Linux (x64) platforms. CVE-2014-0094 Exploits/Remote Windows, Linux
AIX rpc.cmsd Buffer Overflow Exploit This module exploits a remote buffer overflow vulnerability on the Calendar Manager Service Daemon. CVE-2009-3699 Exploits/Remote AIX
Nagios history Buffer Overflow Exploit This module exploits a remote buffer overflow in Nagios history.cgi by sending a malformed host parameter. CVE-2012-6096 Exploits/Remote Linux
HP Data Protector Express Opcode 0x330 Parsing Remote Code Execution Exploit A buffer Overflow exists within the dpwinsdr.exe process which listens on TCP port 3817 by default. The process has insufficient bounds checking on user-supplied data copied to a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed opcode 0x330 message packets to the target. CVE-2012-0122 Exploits/Remote Windows
CA BrightStor ARCserve Backup mediasvr.exe Exploit This module exploits a buffer overflow vulnerability in the CA BrightStor ARCserve Backup mediasvr.exe. The vulnerability is caused by an input validation error in the mediasvr.exe component when it processes specially crafted RPC requests. CVE-2007-1785 Exploits/Remote Windows
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10007 Command Injection Exploit The specific flaw exists within the dbman.exe service, which listens on TCP port 2810 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. CVE-2017-5817 Exploits/Remote Windows
Jenkins commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit Update Jenkins is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. This update adds proper CVE number, support for Jenkins with HTTPS enabled, and DNS channel support. It also extends on the supported platforms, improves IPv6 functionality and removes redundant code. CVE-2015-8103 Exploits/Remote Windows, Linux
Siemens Tecnomatix FactoryLink CSService Buffer Overflow Exploit A vulnerability found on Siemens FactoryLink vulnerability occurs when CSService.exe processes a CSMSG_ListFiles_REQ message, causing a stack overflow. NOCVE-9999-48567 Exploits/Remote Windows
MSRPC Trend Micro Server Protect buffer overflow exploit Update TrendMicro ServerProtect is prone to a buffer overflow vulnerability on the rpc interface that could permit the execution of arbitrary remote code. This update corrects the actual exploited CVE number. CVE-2007-2508 Exploits/Remote Windows
Adobe ColdFusion l10n.cfm Remote Code Execution Exploit The /CFIDE/adminapi/customtags/l10n.cfm page in Adobe ColdFusion does not properly validate its attributes.file parameter. This can be abused by a remote unauthenticated attacker to execute arbitrary code on vulnerable servers. CVE-2013-3336 Exploits/Remote Windows, Linux
Easy File Sharing FTP Server PASS Buffer Overflow Exploit The vulnerability is caused due to a boundary error with the handling of passwords. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted passwords passed to the affected server. CVE-2006-3952 Exploits/Remote Windows
SAP Netweaver Message Server _MsJ2EE_AddStatistics Memory Corruption Exploit The Message Server component of SAP Netweaver is prone to a memory corruption vulnerability when the _MsJ2EE_AddStatistics function handles a specially crafted request with iflag value 0x0c MS_J2EE_SEND_TO_CLUSTERID, or 0x0d MS_J2EE_SEND_BROADCAST. This vulnerability can be exploited by remote unauthenticated attackers to execute arbitrary code on the vulnerable server. CVE-2013-1592 Exploits/Remote Windows
DATAC RealWin Packet Processing Buffer Overflow Exploit DATAC RealWin is prone to a buffer overflow vulnerability. This vulnerability can be exploited remotely by sending a specially crafted packet to port TCP/912. CVE-2010-4142 Exploits/Remote Windows
Sunway Force Control SCADA SMNP NetDBServer Buffer Overflow Exploit A stack based buffer overflow in the SNMP NetDBServer service of Sunway Forcecontrol is triggered when sending an overly long string to the listening service on port 2001. NOCVE-9999-51166 Exploits/Remote Windows
Jenkins LDAP Java Library Deserialization Vulnerability Remote Code Execution Exploit An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java object to the Jenkins CLI, making Jenkins connect to an attacker-controlled LDAP server, which in turn can send a serialized payload leading to code execution, bypassing existing protection mechanisms. CVE-2016-9299 Exploits/Remote Windows, Linux