Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
Microsoft Windows Media Services Remote Exploit (MS10-025) Update This module exploits a remote buffer overflow in the Microsoft Windows Media Services by sending a specially crafted packet to the 1755/TCP port. This module also works against targets with the original MS10-025 update installed. CVE-2010-0478 Exploits/Remote Windows
Apache mod_php Exploit Update 2 This update fixes an issue with the 'reuse connection' mode on Impact V7.5 CVE-2002-0081 Exploits/Remote Linux
Microsoft Windows SMB Buffer Underflow DoS (MS08-063) This module exploits a remote vulnerability on the FIND_FIRTS2 SMB subcommand on the srv.sys driver. CVE-2008-4038 Exploits/Remote Windows
Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow Exploit This module exploits a vulnerability in Oracle Secure Backup when sending a specially crafted NDMP_CONNECT_CLIENT_AUTH packet. CVE-2008-5444 Exploits/Remote Windows
CA BrightStor ARCserve Backup mediasvr.exe Exploit This module exploits a buffer overflow vulnerability in the CA BrightStor ARCserve Backup mediasvr.exe. The vulnerability is caused by an input validation error in the mediasvr.exe component when it processes specially crafted RPC requests. CVE-2007-1785 Exploits/Remote Windows
Firebird SQL Username Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the database service (fbserver.exe) of the FireBird SQL application. The exploit triggers a stack-based buffer overflow by sending a specially crafted packet with a malformed "username" value to port 3050/TCP of the vulnerable system and installs an agent if successful. CVE-2008-0387 Exploits/Remote Windows
Sunway Force Control SCADA SMNP NetDBServer Buffer Overflow Exploit A stack based buffer overflow in the SNMP NetDBServer service of Sunway Forcecontrol is triggered when sending an overly long string to the listening service on port 2001. NOCVE-9999-51166 Exploits/Remote Windows
Invision Power Board Unserialize Remote Code Execution Exploit Invision Power Board is vulnerable to a remote code execution due to the use of the unserialize method on user input passed through cookies without a proper sanitization. CVE-2012-5692 Exploits/Remote Solaris, Linux
NaviCOPA Web Server Remote Buffer Overflow Exploit The vulnerability is caused due to a boundary error within the handling of HTTP GET requests. This may allow execution of arbitrary code by sending an overly long, specially crafted HTTP GET request to the server. CVE-2006-5112 Exploits/Remote Windows
NJStar Communicator MiniSMTP Server Buffer Overflow Exploit Stack Overflow in the MiniSmtp Server component of the NJStar Communicator. NOCVE-9999-50132 Exploits/Remote Windows
IntraSrv Simple Web Server Buffer Overflow Exploit IntraSrv is prone to a buffer overflow within GET requests with an overly long HOST parameter. NOCVE-9999-58319 Exploits/Remote Windows
Symantec Endpoint Protection Manager Java Library Deserialization Vulnerability Remote Code Execution Exploit Symantec Endpoint Protection Manager is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. CVE-2015-6555 Exploits/Remote Windows
eDisplay Personal FTP Server RMD Command Buffer Overflow Exploit eDisplay Personal FTP server is an FTP server for Microsoft Windows. The server is exposed to multiple remote buffer overflow issues because it fails to perform adequate boundary checks on user-supplied data, for example, sending an RMD crafted command NOCVE-9999-42732 Exploits/Remote Windows
Drupal BlogAPI Remote Code Execution Exploit The BlogAPI module does not validate the extension of files that it is used to upload, enabling users with the "administer content with blog api" permission to upload harmful files. This module uploads an IMPACT agent, creates a php file to execute the agent and then makes a request to the file. The result is an IMPACT agent running on the webserver. CVE-2008-4792 Exploits/Remote Linux
MS SMB 2.0 Negociate Protocol Request Remote Exploit Update 2 This update uses two different methods to exploit the targets, and it also improves the exploited target stability when repairing the SMB service. This module exploits a vulnerability on srv2.sys via a SMB 2 malformed packet. CVE-2009-3103 Exploits/Remote Windows
Easy Chat Server Authentication Request Buffer Overflow Exploit A remote user of vulnerable installations of Easy Chat Server can send a specially crafted password parameter to chat.ghp to trigger a buffer overflow and execute arbitrary code on the target system. NOCVE-9999-36981 Exploits/Remote Windows
Kingview SCADA HMI HistorySvr Heap Overflow Exploit Update KingView Scada is vulnerable to a buffer overflow error in the HistorySvr.exe module when processing malformed packets sent to port 777/TCP. This update adds new indirection using shell32.dll version 6.0.0.2900.5512. CVE-2011-0406 Exploits/Remote Windows
Citrix NetScaler SOAP Handler Remote Code Execution Exploit This module exploits a vulnerability in Citrix NetScaler server. Citrix NetScaler is prone to a memory-corruption vulnerability when handling certain SOAP requests. NOCVE-9999-69407 Exploits/Remote FreeBSD
Microsoft Group Policy Preferences Exploit (MS14-025) The Group Policy implementation in Microsoft Windows does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share. CVE-2014-1812 Exploits/Remote Windows
Novell ZENworks Configuration Management Preboot Service Remote Buffer Overflow Exploit This module exploits a remote stack-based buffer overflow in the Preboot Service component of Novell ZENworks Configuration Management by sending a specially crafted packet to the port 998/TCP. NOCVE-9999-43820 Exploits/Remote Windows
Cisco NX-OS CDP Remote Exploit A vulnerability has been reported as Cisco Bug ID CSCtf08873 which states that a CDP packet with a long Device ID crashes CDPD on N7k. Our research indicated that the vulnerability corrupts the state of the heap, leading to an exploitable scenario, which allows to gain administrator privileges. This module exploits such vulnerability in order to install an agent. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. NOCVE-9999-48401 Exploits/Remote none
XOOPS mydirname Remote Code Execution Exploit This module exploits a lack of data sanitization when passed to the "mydirname" parameter in specific modules of XOOP web application. This can be exploited to inject and execute arbitrary PHP code to deploy an agent. Successful exploitation requires that "register_globals" is enabled. NOCVE-9999-38580 Exploits/Remote Solaris, Linux
WireShark LWRES Dissector Buffer Overflow Exploit Update This module exploits a stack-based buffer overflow in the WireShark LWRES dissector by sending a specially crafted LWRES packet. This update adds support for more WireShark versions. CVE-2010-0304 Exploits/Remote Windows
Drupal BlogAPI Remote Execution Exploit Update 3 The BlogAPI module does not validate the extension of files that it is used to upload, enabling users with the "administer content with blog api" permission to upload harmful files. This module uploads an IMPACT agent, creates a php file to execute the agent and then makes a request to the file. The result is an IMPACT agent running on the webserver. This update adds support for Solaris platforms. CVE-2008-4792 Exploits/Remote Solaris, Linux, AIX
Sun Java Web Console format string exploit This module exploits a format string vulnerability in the Sun Java Web Console and installs an agent. CVE-2007-1681 Exploits/Remote Solaris
Now SMS MMS Gateway Web Authorization Buffer Overflow Exploit A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the web interface of Now SMS MMS Gateway. CVE-2008-0871 Exploits/Remote Windows
MSRPC WKSSVC NetpManageIPCConnect Exploit Update 2 This module exploits a stack buffer overflow in the Workstation Service. This package addresses a compatibility problem when porting the module from version 7.6 to 8.0 of the framework. CVE-2006-4691 Exploits/Remote Windows
Windows Mailslot DoS Update The server driver (srv.sys) in Microsoft Windows 2000 SP4, Server 2003 SP1 and earlier, and XP SP2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet on an SMB PIPE that triggers a null dereference. While investigating the Microsoft Server Service Mailslot heap overflow vulnerability reported in Microsoft Security Bulletin MS06-035 we discovered a second bug in the server service. This module exploits this vulnerability. For more info go to http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10 CVE-2006-3942 Exploits/Remote Windows
OpenX Remote Code Execution Exploit Update This update adds support for Solaris and Mac OS X platforms CVE-2009-4098 Exploits/Remote Solaris, Linux, Mac OS X
SolidWorks Workgroup PDM 2014 Opcode 2001 Remote Code Execution Exploit A stack buffer overflow occurs when copying a user supplied input to a fixed size stack buffer without boundary check leading to overwrite the SEH and the return address. The copying procedure stops when a null word is found and no size check is proceeded. NOCVE-9999-65834 Exploits/Remote Windows