Exploits and Security Updates to Core Impact Threat Intelligence

Exploits and Security Updates to Core Impact Threat Intelligence

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
Golden FTP Server PASS Buffer Overflow Exploit This vulnerability on installations of Golden FTP Server is due to a boundary error with the handling of passwords. This can be exploited to cause a stack-based buffer overflow via the use of overly long, specially-crafted passwords passed to the affected server. CVE-2006-6576 Exploits/Remote Windows
IBM Tivoli Endpoint lcfd opts Argument Buffer Overflow Exploit Update This module exploits a stack-based buffer overflow vulnerability in IBM Tivoli Endpoint by sending a specially crafted HTTP request. The specific flaw exists within the lcfd.exe process which listens by default on TCP port 9495. To reach this page remotely authentication is required. However, by abusing a built-in account an attacker can access the restricted pages. While parsing requests to one of these, the process blindly copies the contents of a POST variable to a 256 byte stack buffer. This update adds DEP bypass (Data Execution Prevention) support for Windows 2003. CVE-2011-1220 Exploits/Remote Windows
Kingview SCADA HMI HistorySvr Heap Overflow Exploit Update KingView Scada is vulnerable to a buffer overflow error in the HistorySvr.exe module when processing malformed packets sent to port 777/TCP. This update adds new indirection using shell32.dll version 6.0.0.2900.5512. CVE-2011-0406 Exploits/Remote Windows
Apache Tomcat buffer overflow exploit This module exploits a buffer overflow vulnerability in the Apache Tomcat JK Web Server Connector and installs an agent. An attacker can use an overly long URL to trigger a buffer overflow in the URL work map routine (map_uri_to_worker()) in the mod_jk.so library, resulting in the compromise of the target system. CVE-2007-0774 Exploits/Remote Linux
Drupal BlogAPI Remote Execution Exploit Update 4 The BlogAPI module does not validate the extension of files that it is used to upload, enabling users with the "administer content with blog api" permission to upload harmful files. This module uploads an IMPACT agent, creates a php file to execute the agent and then makes a request to the file. The result is an IMPACT agent running on the webserver. This update adds support for the AIX platform. CVE-2008-4792 Exploits/Remote Solaris, Linux, AIX
Wireshark packet dect Remote Stack Buffer Overflow Exploit A heap-based buffer overflow was found in the DECT dissector of Wireshark. A remote attacker could use this flaw to cause the Wireshark executable to crash or potentially to execute arbitrary code with the privileges of the user running Wireshark. CVE-2011-1591 Exploits/Remote Windows
MSRPC CA BrightStor ARCserve Backup ReportRemoteExecuteCML Buffer Overflow Exploit CA BrightStor ARCserve Backup is prone to a stack based buffer overflow vulnerability on the RPC interface that could permit the execution of arbitrary remote code. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer. CVE-2008-4397 Exploits/Remote Windows
Asterisk T.38 buffer Overflow Exploit Update This module exploits a buffer overflow vulnerability in the T38FaxRateManagement parameter when parsing SIP/SDP requests in 1.4.x prior to 1.4.3. This update improves the reliability of the module. CVE-2007-2293 Exploits/Remote Linux
Cisco NX-OS CDP Remote Exploit A vulnerability has been reported as Cisco Bug ID CSCtf08873 which states that a CDP packet with a long Device ID crashes CDPD on N7k. Our research indicated that the vulnerability corrupts the state of the heap, leading to an exploitable scenario, which allows to gain administrator privileges. This module exploits such vulnerability in order to install an agent. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. NOCVE-9999-48401 Exploits/Remote none
MSRPC WKSSVC NetpManageIPCConnect Exploit Update 2 This module exploits a stack buffer overflow in the Workstation Service. This package addresses a compatibility problem when porting the module from version 7.6 to 8.0 of the framework. CVE-2006-4691 Exploits/Remote Windows
Microsoft SQL Server sp_replwritetovarbin Remote Heap Overflow Exploit Update This module exploits a heap-based buffer overflow in the Microsoft SQL Server by sending a specially crafted SQL query. This update adds support for executestatement() functionality within the WebApps vector. It has two uses: One as a Remote Exploit which needs authentication, and another as an SQL Injection Agent installer module, which needs an SQL Agent as a target. CVE-2008-5416 Exploits/Remote Windows
Sun Java Web Console format string exploit This module exploits a format string vulnerability in the Sun Java Web Console and installs an agent. CVE-2007-1681 Exploits/Remote Solaris
Windows Mailslot DoS Update The server driver (srv.sys) in Microsoft Windows 2000 SP4, Server 2003 SP1 and earlier, and XP SP2 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet on an SMB PIPE that triggers a null dereference. While investigating the Microsoft Server Service Mailslot heap overflow vulnerability reported in Microsoft Security Bulletin MS06-035 we discovered a second bug in the server service. This module exploits this vulnerability. For more info go to http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10 CVE-2006-3942 Exploits/Remote Windows
IntraSrv Simple Web Server Buffer Overflow Exploit IntraSrv is prone to a buffer overflow within GET requests with an overly long HOST parameter. NOCVE-9999-58319 Exploits/Remote Windows
Symantec Endpoint Protection Manager Java Library Deserialization Vulnerability Remote Code Execution Exploit Symantec Endpoint Protection Manager is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. CVE-2015-6555 Exploits/Remote Windows
Microsoft Windows SMB Buffer Underflow DoS (MS08-063) This module exploits a remote vulnerability on the FIND_FIRTS2 SMB subcommand on the srv.sys driver. CVE-2008-4038 Exploits/Remote Windows
OpenX Remote Code Execution Exploit Update This update adds support for Solaris and Mac OS X platforms CVE-2009-4098 Exploits/Remote Solaris, Linux, Mac OS X
EMC AutoStart Domain Name Logging Buffer Overflow Exploit A remote user can send specially crafted data via TCP to trigger a buffer overflow and execute arbitrary code on the target system. CVE-2011-2735 Exploits/Remote Windows
FileCopa LIST Command Remote Buffer Overflow Exploit FileCopa FTP Server is prone to a buffer-overflow vulnerability when handling data through the LIST command, a large amount of data can trigger an overflow in a finite-sized internal memory buffer. CVE-2006-3726 Exploits/Remote Windows
Microsoft Windows Media Services Remote Exploit (MS10-025) Update This module exploits a remote buffer overflow in the Microsoft Windows Media Services by sending a specially crafted packet to the 1755/TCP port. This module also works against targets with the original MS10-025 update installed. CVE-2010-0478 Exploits/Remote Windows
Now SMS MMS Gateway Web Authorization Buffer Overflow Exploit A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the web interface of Now SMS MMS Gateway. CVE-2008-0871 Exploits/Remote Windows
McAfee ePolicy Orchestrator - Protection Pilot HTTP exploit This module exploits a buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126. CVE-2006-5156 Exploits/Remote Windows
Citrix NetScaler SOAP Handler Remote Code Execution Exploit This module exploits a vulnerability in Citrix NetScaler server. Citrix NetScaler is prone to a memory-corruption vulnerability when handling certain SOAP requests. NOCVE-9999-69407 Exploits/Remote FreeBSD
Microsoft Group Policy Preferences Exploit (MS14-025) The Group Policy implementation in Microsoft Windows does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share. CVE-2014-1812 Exploits/Remote Windows
MS SMB 2.0 Negociate Protocol Request Remote Exploit Update 2 This update uses two different methods to exploit the targets, and it also improves the exploited target stability when repairing the SMB service. This module exploits a vulnerability on srv2.sys via a SMB 2 malformed packet. CVE-2009-3103 Exploits/Remote Windows
LANDesk Lenovo ThinkManagement Console Remote Command Execution Exploit This module exploits a file upload vulnerability in the LANDesk Lenovo ThinkManagement Console. Unrestricted file upload in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore command in a RunAMTCommand SOAP request. CVE-2012-1195 Exploits/Remote Windows
PHPMyAdmin Server_databases Remote Code Execution Exploit This module exploits a vulnerability in PHPMyAdmin. server_databases.php fails when it attemps to sanitize the sort_by parameter. It allows an attacker to inject code, and execute it on the web server with www-data privileges. CVE-2008-4096 Exploits/Remote Linux
eDisplay Personal FTP Server RMD Command Buffer Overflow Exploit eDisplay Personal FTP server is an FTP server for Microsoft Windows. The server is exposed to multiple remote buffer overflow issues because it fails to perform adequate boundary checks on user-supplied data, for example, sending an RMD crafted command NOCVE-9999-42732 Exploits/Remote Windows
Drupal BlogAPI Remote Code Execution Exploit The BlogAPI module does not validate the extension of files that it is used to upload, enabling users with the "administer content with blog api" permission to upload harmful files. This module uploads an IMPACT agent, creates a php file to execute the agent and then makes a request to the file. The result is an IMPACT agent running on the webserver. CVE-2008-4792 Exploits/Remote Linux
ProFTPD sreplace buffer overflow exploit ProFTPD is prone to an remote buffer-overflow vulnerability. This issue is due to an off-by-one error, allowing attackers to corrupt memory. CVE-2006-5815 Exploits/Remote Linux