Core Impact Pro Exploits and Security Updates

Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
SlimFTPd LIST Command Remote Buffer Overflow Exploit SlimFTPd server is prone to a stack buffer overflow when sending a LIST command with an overly-long argument. The attacker needs to be authenticated, so a successful login is required for the exploit to work. CVE-2005-2373 Exploits/Remote Windows
Coppermine picEditor Remote Code Execution Exploit The include/imageObjectIM.class.php in Coppermine Photo Gallery (CPG) (before 1.4.15), when the ImageMagick picture processing method is configured, allows remote attackers to execute arbitrary commands via a shell. CVE-2008-0506 Exploits/Remote Solaris, Mac OS X
Microsoft Windows SMB Buffer Underflow DoS (MS08-063) This module exploits a remote vulnerability on the FIND_FIRTS2 SMB subcommand on the srv.sys driver. CVE-2008-4038 Exploits/Remote Windows
Mercury SMTPD CRAM-MD5 Pre-Auth Buffer Overflow Exploit This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 SMTP Server Module (mercurys.dll) when processing arguments to the AUTH CRAM-MD5 command. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability. CVE-2007-4440 Exploits/Remote Windows
Kolibri WebServer HTTP POST Request Buffer Overflow Exploit Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly validate user-supplied input when handling HTTP POST requests. CVE-2014-5289 Exploits/Remote Windows
AT TFTP Server Long Filename Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error during the processing of TFTP Read/Write request packet types. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet with an overly long filename field. This update ensures that the program receives all data. CVE-2006-6184 Exploits/Remote Windows
Novell ZENworks Mobile Management Remote Code Execution Exploit This module exploits a vulnerability in the Novell ZENworks Mobile Management application by injecting code in the PHP session file and leveraging a Local File Inclusion in mdm.php to execute the injected PHP code. CVE-2013-1081 Exploits/Remote Windows
Zimbra Collaboration Server skin Local File Include Exploit Update Zimbra is vulnerable to a Local File Inclusion vulnerability that allows attacker to get LDAP credentials which we may use for upload a JSP file allowing us to install an agent. This update workarounds a problem when proxying and using HTTPSConnection. CVE-2013-7091 Exploits/Remote Linux
Enterasys NetSight nssyslogd PRI Buffer Overflow Exploit A vulnerability exists within the nssyslogd.exe component, when parsing a syslog message. The process does not properly validate the size of the destination buffer and copies user supplied data into a fixed-length buffer on the stack. CVE-2011-5227 Exploits/Remote Windows
WinComLPD Remote Administration Buffer Overflow Exploit A buffer overflow in WinComLPD is triggered by sending an overly long authentication packet to the remote administration service. CVE-2008-5159 Exploits/Remote Windows
CVS pserver Directory Command Double free() Exploit Update By sending a malformed 'Directory' request it is possible to create a condition where free() is called on memory that is still in use. This can result in an exploitable condition when free() is called on the memory chunk a second time. The agent installed by this exploit runs with administrative privileges. This update improve the exploit reliability. CVE-2003-0015 Exploits/Remote Linux
IBM Cognos Server Backdoor Account Remote Exploit This module exploits a remote code execution vulnerability in IBM Cognos Express by using an undocumented user account to upload an arbitrary .WAR file. CVE-2010-0557 Exploits/Remote Windows
Sun Java Web Start JNLP Stack Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in the javaws.exe program and deploys an agent when successful. The exploit triggers a vulnerability in the Java Runtime Environment allowing an attacker to execute arbitrary code on the remote machine. CVE-2007-3655 Exploits/Remote Windows
MySQL MaxDB WebTool GET Request Buffer Overflow Exploit This module exploits a stack buffer overflow in the MySQL MaxDB WebTool Server and installs a level0 agent. CVE-2005-0684 Exploits/Remote Windows
Exim With Dovecot LDA Remote Code Execution Exploit The Dovecot documentation contains an example using a dangerous configuration option for Exim, which leads to a remote command execution vulnerability. NOCVE-9999-59209 Exploits/Remote Linux
Zabbix Remote Code Execution Exploit Update This module adds support for Mac OS X and Solaris platforms. NOCVE-9999-37058 Exploits/Remote Solaris, Linux, Mac OS X
MSRPC Server Service Remote Buffer Overflow Exploit (MS08-067) Update 5 This module exploits a vulnerability in the Microsoft Windows Server service by sending a specially crafted RPC request. This update adds reliability when exploiting all supported platforms. CVE-2008-4250 Exploits/Remote Windows
Microsoft Windows SMTP Server DNS Response Field Validation DNS Spoofing Vulnerability Exploit (MS10-024) This module exploits a vulnerability on smtpsvc.dll spoofing responses from a DNS Server and deflecting emails sent to an arbitrary domain. CVE-2010-1690 Exploits/Remote Windows
EMC NetWorker nsrd RPC Service Format String Exploit A Format string vulnerability in the nsrd RPC service within EMC NetWorker? allows remote attackers to execute arbitrary code via format string specifiers in a crafted message. CVE-2012-2288 Exploits/Remote Linux, Windows
Borland AccuRev Reprise License Server edit_lf_process Write Arbitrary Files Exploit Update The specific flaw exists within the edit_lf_process resource of the AccuRev Reprise License Manager service. The issue lies in the ability to write arbitrary files with controlled data. An attacker could leverage this vulnerability to execute arbitrary code under the context of SYSTEM. This update introduces a number of improvements related to the architecture of the agent installed and scenarios where multiple targets are tested. NOCVE-9999-74481 Exploits/Remote Windows
Debian OpenSSL Predictable Random Number Generation Exploit Update 2 This module exploits the random number generator in Debian's OpenSSL package being predictable. This vulnerability is used to generate SSH keys and to install an agent into the target host. The exploit will generate the complete vulnerable keyspace, and will try to log as the provided user. If the user is root, the agent will have superuser capabilities. This update improves exploit performance when used through Network Attack and Penetration RPT. CVE-2008-0166 Exploits/Remote Linux
MSRPC Samba Command Injection exploit update 2 for IMPACT 7.5 This update adds support for FreeBSD and OpenBSD. This module exploits a command injection vulnerability in the function AddPrinterW in Samba 3, reached through an AddPrinter remote request. CVE-2007-2447 Exploits/Remote Linux, OpenBSD, FreeBSD, Mac OS X
Miniserv Perl Format String Exploit Update This update fixes an issue with the SSL support in the exploit for Usermin's and Webmin's perl format string vulnerability (CVE-2005-3912). CVE-2005-3912 Exploits/Remote Linux
Soulseek Server Peer Search Buffer Overflow Exploit The application is prone to a stack-based buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data. Specifically, this issue occurs when performing a direct peer file search. CVE-2009-1830 Exploits/Remote Windows
Plone popen2 Remote Command Execution Exploit This module exploits a remote command execution vulnerability in the Zope web application server used by Plone, by sending a specially crafted HTTP request to the affected web site. The vulnerability exists because it is possible to remotely invoke the popen2 function from the Python os package with arbitrary arguments in the context of the affected server. This can be exploited by remote unauthenticated attackers to execute arbitrary code on the vulnerable machine. CVE-2011-3587 Exploits/Remote Linux, FreeBSD
Jenkins Default Configuration Remote Code Execution Exploit This module exploits a Jenkins command injection in order to install an agent. NOCVE-9999-74942 Exploits/Remote Linux
HP Storage Data Protector MSG_PROTOCOL Buffer Overflow Exploit This module exploits a remote buffer overflow in the OmniInet.exe service included in the HP OpenView Storage Data Protector application by sending a malformed MSG_PROTOCOL packet. CVE-2007-2280 Exploits/Remote Windows
Apache Mod_rewrite Remote Buffer Overflow Exploit This module exploits an Off-by-one error in the LDAP scheme handling in the Rewrite module (mod_rewrite) in Apache and installs an agent into the target host. CVE-2006-3747 Exploits/Remote none
IBM Lotus Domino BMP parsing Buffer Overflow Exploit IBM Domino is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing BMP images. By sending a specially-crafted bitmap image, a remote attacker could overflow a buffer and execute arbitrary code on the system or make the application crash. CVE-2015-1903 Exploits/Remote Windows
Lighttpd FastCGI Exploit This module exploits a header overflow vulnerability in lighttpd when using fast_cgi module in lighttpd before version 1.4.18. CVE-2007-4727 Exploits/Remote Linux