Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
InduSoft Web Studio CEServer Remote Code Execution Exploit The flaw exists in the Remote Agent (CEServer.exe) that listens by default on TCP port 4322, the process can not perform any authentication and copy the packages designed to a fixed size buffer. CVE-2011-4051 Exploits/Remote Windows
Cisco Prime Infrastructure Java Object Deserialization Remote Code Execution Exploit Cisco Prime Infrastructure 1.2.0 through 2.2(2) and Cisco Evolved Programmable Network Manager (EPNM) 1.2 allow remote attackers to execute arbitrary code via crafted deserialized data in an HTTP POST request, aka Bug ID CSCuw03192. CVE-2016-1291 Exploits/Remote Linux
Wordpress W3 Total Cache PHP Remote Code Execution Exploit This module exploits a vulnerability in W3 Total Cache plugin for Wordpress. Certain macros such as mfunc allow to inject PHP code into comments. By injecting a crafted comment into a valid post an attacker can execute arbitrary PHP code on systems running vulnerable installations of W3 Total Cache. CVE-2013-2010 Exploits/Remote Linux
CA BrightStor ARCserve Backup SQL agent exploit This module exploits a stack-based buffer overflow in CA BrightStor ARCserve Backup for Windows and installs a level0 agent. CVE-2005-1272 Exploits/Remote Windows
Borland AccuRev Reprise License Server edit_lf_process Write Arbitrary Files Exploit Update 2 The specific flaw exists within the edit_lf_process resource of the AccuRev Reprise License Manager service. The issue lies in the ability to write arbitrary files with controlled data. An attacker could leverage this vulnerability to execute arbitrary code under the context of SYSTEM. This update introduces a number of improvements related to the architecture of the agent installed and scenarios where multiple targets are tested. This update adds reliability. NOCVE-9999-74481 Exploits/Remote Windows
Alt-N Security Gateway Remote Buffer Overflow Exploit Update This module exploits a stack-based buffer overflow in the Alt-N Security Gateway by sending a specially crafted HTTP request to the TCP port 4000. This module adds support for Windows 2000 Professional SP4. CVE-2008-4193 Exploits/Remote Windows
EMC NetWorker nsrd RPC Service Format String Exploit Update A Format string vulnerability in the nsrd RPC service within EMC NetWorker? allows remote attackers to execute arbitrary code via format string specifiers in a crafted message. This update adds Linux Support. CVE-2012-2288 Exploits/Remote Linux, Windows
Trend Micro InterScan Web Security Virtual Appliance doPostMountDevice OS Command Injection Exploit Trend Micro InterScan Web Security Virtual Appliance is prone to an OS command injection which allows attackers the execution of system commands. NOCVE-9999-91565 Exploits/Remote Linux
GE Proficy CIMPLICITY gefebt Remote Code Execution The vulnerable component gefebt allows to execute remote BCL files in shared resources. An attacker can abuse this behaviour to execute a malicious BCL and drop an arbitrary EXE .This can be executed remotely through the WebView server. CVE-2014-0750 Exploits/Remote Windows
MSRPC UMPNPMGR MS05-039 exploit update This module exploits a stack buffer overflow in the Microsoft Windows Plug and Play service and installs an agent (MS05-039). This update fixes a problem when launching the exploit with the PROTO parameter set to 139/SMB or 445/SMB (instead of the default value ANY). CVE-2005-1983 Exploits/Remote Windows
SAP MaxDB Remote Command Injection Exploit This module installs an agent using a remote command-injection vulnerability located in the database server. CVE-2008-0244 Exploits/Remote Windows
HP SiteScope Remote Code Execution Exploit Update This module exploits two vulnerabilities in HP SiteScope to gain remote code execution. The first vulnerability is an authentication bypass in the getSiteScopeConfiguration operation available through the APISiteScopeImpl AXIS service to grab the administrator credentials from the server running HP SiteScope. The second vulnerability is a directory traversal in the UploadFileHandler url that allows to upload files to the server into a directory that allows for scripting. This update only adds CVE number. CVE-2013-2367 Exploits/Remote Windows
Avtech DVR Camera Authentication Bypass and Command Execution Exploit Several firmware versions of Avtech devices are vulnerable to Authentication bypass by requesting a .cab file and also vulnerable to Authenticated command injection in PwdGrp.cgi on the user creation or modification request NOCVE-9999-81314 Exploits/Remote none
Microsoft Windows Print Spooler Buffer Overflow Exploit (MS09-022) Update This module exploits a buffer overflow vulnerability in the EnumeratePrintShares function in the Print Spooler Service in Microsoft Windows to install an agent in the target machine. This update adds TCP Spoofing Listener capabilities. CVE-2009-0228 Exploits/Remote Windows
ProSysInfo TFTPDWIN Buffer Overflow Exploit This module exploits a buffer overflow vulnerability during the processing of requested resources to cause a stack-based buffer overflow by requesting a resource with an overly long name. CVE-2006-4948 Exploits/Remote Windows
Apache Struts 2 ActionMessage Remote Code Execution Exploit This module exploits a vulnerability in Apache Struts 2. The specific vulnerability relies on the Struts 1 plugin which might allow remote attackers to execute arbitrary code via a malicious field value passed in a raw message to the ActionMessage. CVE-2017-9791 Exploits/Remote Windows, Linux
OracleDB DBMS AW.EXECUTE CDA Command Remote Stack Overflow Exploit Oracle Database Server Core RDBMS component is prone to a remote vulnerability that allows attackers to exploit a stack-based buffer overflow in the EXECUTE procedure of DBMS_AW. Using an overly long parameter in the CDA command with the previous procedure, a stack-based buffer overflow will occur, overwriting the saved return address. This module requires database user credentials with 'Create Session' privilege. CVE-2014-6567 Exploits/Remote Windows
AVG Remote Administration StoreServerConfig Command Remote Code Execution Exploit The AVG Administration Server is vulnerable to arbitrary configuration settings. Due to insufficient input validation, an attacker can use the StoreServerConfig command (command id 0x27) to set the value of the ClientLibraryName parameter to a UNC path. The provided value can be a path to a network share containing a malicious .dll file. This .dll file will be executed in the context of the AVG Administration Server service which runs as SYSTEM. NOCVE-9999-64522 Exploits/Remote Windows
Debian OpenSSL Predictable Random Number Generation Exploit This module exploits the random number generator in Debian's OpenSSL package being predictable. This vulnerability is used to generate SSH keys and to install an agent into the target host. CVE-2008-0166 Exploits/Remote Linux
Kerberos Checksum Remote Privilege Escalation Exploit (MS14-068) A vulnerability in Microsoft's implementation of the Kerberos authentication protocol allows to modify a Kerberos ticket to remotely escalate privileges. This module exploits the vulnerability impersonating a user of the domain's Administrators group to install an agent in the domain controller with System privileges. This update introduces the option to use NTLM hashes for authentication and Network RPT-AP integration. CVE-2014-6324 Exploits/Remote Windows
D-Link TFTP Transporting Mode Buffer Overflow Exploit D-Link TFTP Server 1.0 allows remote attackers to cause a buffer overflow via a long GET request, which triggers the vulnerability. CVE-2007-1435 Exploits/Remote Windows
Reprise License Manager edit_lf_process Write Arbitrary Files Exploit Update 3 The specific flaw exists within the edit_lf_process resource of the Reprise License Manager service. The issue lies in the ability to write arbitrary files with controlled data. An attacker could leverage this vulnerability to execute arbitrary code under the context of SYSTEM. This update introduces more accurate information about vulnerable targets. NOCVE-9999-74481 Exploits/Remote Windows
Exploit Description Update This update modifies the description in the file header. CVE-2008-1611 Exploits/Remote Windows
Apache Tomcat readonly Initialisation Parameter JSP Remote Code Execution Exploit Apache Tomcat allows the upload of JSP files to unauthenticated users via a specially crafted request when the readonly initialization parameter of the Default servlet is set to false. CVE-2017-12617 Exploits/Remote Windows, Linux
Microsoft IGMPv3 Exploit (MS08-001) This exploit installs an agent using an overflow vulnerability located in Microsoft Windows tcpip.sys CVE-2007-0069 Exploits/Remote Windows
Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow Exploit Ricoh DC's DL-10 SR10 FTP Server is prone to a buffer-overflow vulnerability when handling data through the USER command. This can be exploited by supplying a long string of data to the affected command. NOCVE-9999-53623 Exploits/Remote Windows
Kolibri WebServer HTTP POST Request Buffer Overflow Exploit Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly validate user-supplied input when handling HTTP POST requests. CVE-2014-5289 Exploits/Remote Windows
ASUS Remote Console Buffer Overflow Exploit This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing ASUS Remote Console. This exploit disables DEP in the supported systems. CVE-2008-1491 Exploits/Remote Windows
OracleDB TNS Listener Remote Poisoning Vulnerability Exploit Oracle Database Server is prone to a remote vulnerability that allows attackers to poison the data handled by the remote 'TNS Listener' component of the application. This module tries to verify if the vulnerability is present in the 'TNS Listener' component of the database server, without deploying an agent. If a database instance name is supplied, it will be used to check for the vulnerability against the TNS listener of the target, but this could affect future client connections, as long as the module is running. If no database instance name is supplied, the module will try to register a random name. CVE-2012-1675 Exploits/Remote Windows, Linux
Surgemail Search Exploit This module exploits a stack-based buffer overflow in the Surgemail Server 3.x and deploys an agent when successful. The exploit triggers a buffer-overflow vulnerability due to insufficient bounds checking of user supplied input allowing remote attackers to execute arbitrary code on the remote machine. CVE-2007-4377 Exploits/Remote Windows