Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
Moodle Tex Filter Remote Code Execution Exploit Upgrade This update adds Windows (XP) to the supported target systems for this exploit. NOCVE-9999-35969 Exploits/Remote Windows, Linux
Phpmyadmin Server_databases Remote Code Execution Exploit Update This updates provides more readable log messages when specific errors occur and improves the reliability of the exploit. CVE-2008-4096 Exploits/Remote Linux
MS SMB 2.0 Negociate Protocol Request Remote BSOD Exploit Update This update improves the exploit reliability. This module exploits a vulnerability on srv2.sys via a SMB 2 malformed packet. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-3103 Exploits/Remote Windows
Joomla UsersModelRegistration Admin Registration Vulnerability Exploit The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site. This registration works even when registration has been disabled. This module exploits this vulnerability to add an administrator user to the Joomla database. Notice that this account could need registration confirmation (activation). CVE-2016-8869 Exploits/Remote Linux
HPE Intelligent Management Center Java RMI Registry Deserialization Vulnerability Remote Code Execution Exploit HPE Intelligent Management Center is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the RMI Registry service used to manage and monitor the Java Virtual Machine. CVE-2017-5792 Exploits/Remote Windows
NetSupport Manager Agent Buffer Overflow Exploit This module exploits a stack based buffer overflow in Netsupport Agent via a long control hostname to TCP port 5405. CVE-2011-0404 Exploits/Remote Linux, Mac OS X
Citrix Provisioning Services streamprocess Remote Buffer Overflow Exploit This module exploits a remote buffer overflow in the streamprocess.exe service included in the Citrix Provisioning Services application by sending a malformed packet to the 6905/UDP port. NOCVE-9999-46895 Exploits/Remote Windows
MSRPC Server Service Remote Buffer Overflow Exploit (MS08-067) Update 3 This module exploits a vulnerability in the Microsoft Windows Server service by sending a specially crafted RPC request. This update adds support for Windows 2003 Enterprise Edition sp2 with DEP enabled. This update also adds support for XP SP2 and 2003 SP1 as well as improves the reliability of the exploit against all supported platforms. CVE-2008-4250 Exploits/Remote Windows
MSRPC Server Service Remote Buffer Overflow Exploit (MS08-067) Update 2 This module exploits a vulnerability in the Microsoft Windows Server service sending a specially crafted RPC request. This update adds support for Windows 2003 Enterprise Edition sp2 with DEP enabled. CVE-2008-4250 Exploits/Remote Windows
TFTPServer SP Buffer Overflow Exploit Update This module exploits a buffer overflow vulnerability in the handling of Error Packet for overwrite all the .bss section and some portion of the .idata section. This module add the service specification tag. CVE-2008-2161 Exploits/Remote Windows
VERITAS Backup Exec Agent exploit This module exploits a stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows allowing remote attackers to execute arbitrary code. CVE-2005-0773 Exploits/Remote Windows
EMC AlphaStor Device Manager 0x41 Command Buffer Overflow Exploit A flaw exists within Device Manager (rrobotd.exe), which listens by default on port 3000, when parsing the 0x41 command. CVE-2013-0930 Exploits/Remote Windows
Microsoft Windows Media Services Remote Exploit (MS10-025) This module exploits a remote buffer overflow in the Microsoft Windows Media Services by sending a specially crafted packet to the port 1755/TCP. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-0478 Exploits/Remote Windows
Samba Pipe dlopen Remote Code Execution Exploit This module installs a level0 agent by writing a .so library and requesting an open pipe on the remote host. CVE-2017-7494 Exploits/Remote Linux
Tomcat Deploy Manager Default Account Code Execution Exploit This module exploits a remote code execution vulnerability in Tomcat Web Server by using an default user account to upload an arbitrary file. CVE-2009-3548 Exploits/Remote Windows
Telnetd encrypt_keyid Remote Buffer Overflow Exploit Buffer overflow in libtelnet/encrypt.c in various implementations of telnetd allows remote attackers to execute arbitrary code with root permissions via a long encryption key. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2011-4862 Exploits/Remote FreeBSD, Linux
MSRPC WKSSVC NetpManageIPCConnect Exploit Update 2 This module exploits a stack buffer overflow in the Workstation Service. This package addresses a compatibility problem when porting the module from version 7.6 to 8.0 of the framework. CVE-2006-4691 Exploits/Remote Windows
CA BrightStor ARCserve Backup mediasvr.exe Exploit This module exploits a buffer overflow vulnerability in the CA BrightStor ARCserve Backup mediasvr.exe. The vulnerability is caused by an input validation error in the mediasvr.exe component when it processes specially crafted RPC requests. CVE-2007-1785 Exploits/Remote Windows
ManageEngine OpManager Exploit ManageEngine OpManager is vulnerable to abuse a SQL query functionality that allows attackers to insert and export a crafted WAR using 'IntegrationUser' hidden account credentials allowing us to install an agent. CVE-2015-7765 Exploits/Remote Windows
RPT exploits ordering improvements With this update, RPT will prioritize newer exploits when attacking a target. CVE-2011-1567 Exploits/Remote Windows, AIX, Linux, Mac OS X, Solaris, FreeBSD
XOOPS mydirname Remote Code Execution Exploit This module exploits a lack of data sanitization when passed to the "mydirname" parameter in specific modules of XOOP web application. This can be exploited to inject and execute arbitrary PHP code to deploy an agent. Successful exploitation requires that "register_globals" is enabled. NOCVE-9999-38580 Exploits/Remote Solaris, Linux
GIMP script-fu Server Buffer Overflow Exploit There is a buffer overflow in the script-fu server component of GIMP (the GNU Image Manipulation Program) when sending a crafted package to the port 10008. CVE-2012-2763 Exploits/Remote Windows, Linux
IntraSrv Simple Web Server Buffer Overflow Exploit IntraSrv is prone to a buffer overflow within GET requests with an overly long HOST parameter. NOCVE-9999-58319 Exploits/Remote Windows
eDisplay Personal FTP Server RMD Command Buffer Overflow Exploit eDisplay Personal FTP server is an FTP server for Microsoft Windows. The server is exposed to multiple remote buffer overflow issues because it fails to perform adequate boundary checks on user-supplied data, for example, sending an RMD crafted command NOCVE-9999-42732 Exploits/Remote Windows
Citrix NetScaler SOAP Handler Remote Code Execution Exploit This module exploits a vulnerability in Citrix NetScaler server. Citrix NetScaler is prone to a memory-corruption vulnerability when handling certain SOAP requests. NOCVE-9999-69407 Exploits/Remote FreeBSD
FileCopa LIST Command Remote Buffer Overflow Exploit FileCopa FTP Server is prone to a buffer-overflow vulnerability when handling data through the LIST command, a large amount of data can trigger an overflow in a finite-sized internal memory buffer. CVE-2006-3726 Exploits/Remote Windows
Invision Power Board Unserialize Remote Code Execution Exploit Invision Power Board is vulnerable to a remote code execution due to the use of the unserialize method on user input passed through cookies without a proper sanitization. CVE-2012-5692 Exploits/Remote Solaris, Linux
Apache Tomcat buffer overflow exploit This module exploits a buffer overflow vulnerability in the Apache Tomcat JK Web Server Connector and installs an agent. An attacker can use an overly long URL to trigger a buffer overflow in the URL work map routine (map_uri_to_worker()) in the mod_jk.so library, resulting in the compromise of the target system. CVE-2007-0774 Exploits/Remote Linux
Novell ZENworks Configuration Management Preboot Service Remote Buffer Overflow Exploit This module exploits a remote stack-based buffer overflow in the Preboot Service component of Novell ZENworks Configuration Management by sending a specially crafted packet to the port 998/TCP. NOCVE-9999-43820 Exploits/Remote Windows
Synce Command injection exploit update This update adds the vulnerability name to reports. CVE-2008-1136 Exploits/Remote FreeBSD, Linux