Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
Exim string_format Buffer Overflow Exploit The internal string handling functions of the Exim software contain a function called string_format(). The version of this function included with Exim versions prior to 4.70 contains a flaw that can result in a buffer overflow. This module exploits the vulnerability to install an agent. Additionally, this module also attempts to exploit the Alternate Configuration Privilege Escalation Vulnerability in Exim (CVE-2010-4345). If the second exploit is successful, the agent is installed with root privileges. CVE-2010-4344 Exploits/Remote Linux
SugarCRM Remote Code Execution Exploit Update This update adds support for Solaris and Mac OS X platforms CVE-2009-2146 Exploits/Remote Linux, Solaris, Mac OS X
ActFax RAW Server Buffer Overflow Exploit A vulnerability in ActFax Server RAW server used to transfer fax messages without protocols. Data fields. @F506,@F605, and @F000 are vulnerable. NOCVE-9999-56765 Exploits/Remote Windows
Advantech WebAccess Webvrpcs Service DrawSrv Untrusted Pointer Dereference Exploit The specific flaw exists within the implementation of the 0x2723 IOCTL in the webvrpcs process. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this functionality to execute code under the context of Administrator. CVE-2017-12719 Exploits/Remote Windows
MicroWorld eScan Products Remote Command Execution Exploit Multiple MicroWorld eScan products are vulnerable to a remote command-execution vulnerability because they fail to properly sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands with superuser privileges. Successful attacks will completely compromise affected computers. The issue affects the following products versions prior to 4.1.x: eScan for Linux Desktop, eScan for Linux File Servers, MailScan for Linux Mail servers, WebScan for Linux Proxy Servers. NOCVE-9999-42682 Exploits/Remote Linux
HP Storage Data Protector MSG_PROTOCOL Buffer Overflow Exploit Update This module exploits a remote buffer overflow in the OmniInet.exe service included in the HP OpenView Storage Data Protector application by sending a malformed MSG_PROTOCOL packet. This update improves exploit reliability. CVE-2007-2280 Exploits/Remote Windows
Debian OpenSSL Predictable Random Number Generation Exploit Update This module exploits the random number generator in Debian's OpenSSL package being predictable. This vulnerability is used to generate SSH keys and to install an agent into the target host. This update contains: -Corrections of some documentation issues. -Performance optimizations. -New parameter for user's preferences. CVE-2008-0166 Exploits/Remote Linux
ActiveMQ STOMP Protocol Unsafe Deserialization Exploit JMS Object messages within Apache ActiveMQ depend on Java Serialization for marshaling/unmashaling of the message payload. This lead to execution of untrusted code when a specially crafted object is received. This update introduces an exploit that will attempt to connect using the STOMP protocol and abuse the vulnerability to execute a Core Impact agent in the vulnerable system. CVE-2015-5254 Exploits/Remote Windows, Linux
Now SMS MMS Gateway Web Authorization Buffer Overflow Exploit update A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the web interface of Now SMS MMS Gateway. This version add support for Windows 2003 and all systems with DEP enabled. CVE-2008-0871 Exploits/Remote Windows
OpenSSH Channel Exploit Update Exploits an off-by-one bug in channel management code in OpenSSH. This update excludes the module from automated attacks launched by the "Network Attack and Penetration" feature, since the module requires credentials of a known account on the vulnerable system, and hence won't work with default parameters. CVE-2002-0083 Exploits/Remote OpenBSD, Linux
DameWare Mini Remote Control Username Exploit This module exploits a vulnerability in DameWare Mini Remote Control by sending a specially crafted packet to port 6129/TCP. CVE-2005-2842 Exploits/Remote Windows
Adobe ColdFusion locale Remote Code Execution Exploit An important vulnerability has been identified in ColdFusion version 8.0, 8.0.1, 9.0, 9.0.1 for Windows, Macintosh and UNIX. This directory traversal vulnerability could lead to information disclosure (CVE-2010-2861). Adobe has provided a solution for this reported vulnerability. It recomends that users update their product. CVE-2010-2861 Exploits/Remote Windows, Linux
Schneider Electric Accutech Manager Heap Overflow Exploit This module exploits a heap overflow vulnerability in the Schneider Electric Accutech Manager Server by sending a malformed packet to the 2537/TCP port to execute arbitrary code or crash the server. CVE-2013-0658 Exploits/Remote Windows
VERITAS Backup Exec Agent exploit This module exploits a stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows allowing remote attackers to execute arbitrary code. CVE-2005-0773 Exploits/Remote Windows
Oracle VM Server Virtual Server Agent Command Injection Exploit By including shell meta characters within the second parameter to the 'urt_test_url' XML-RPC methodCall, an attacker can execute arbitrary commands. The service typically runs with root privileges. CVE-2010-3585 Exploits/Remote Linux
Mercury PH Server Module Buffer Overflow Exploit This module allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 PH Server Module (mercuryh.dll). This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability. CVE-2005-4411 Exploits/Remote Windows
Microsoft Windows SMB Remote Code Execution (MS17-010) Detector This module detects if MS17-010 is whether patched or not in a remote host. CVE-2017-0143 Exploits/Remote Windows
Perdition IMAP proxy str_vwrite format string exploit The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. CVE-2007-5740 Exploits/Remote FreeBSD
Omni-NFS Enterprise FTP Server Buffer Overflow Exploit This vulnerability is caused by a buffer overflow in Omni-NFS Enterprise FTP Server, due to its lack of checking of user-supplied data within FTP requests. CVE-2006-5792 Exploits/Remote Windows
Yokogawa Centum CS 3000 BKBCopyD Remote Buffer Overflow Exploit This module exploits a stack based buffer overflow in Yokogawa CENTUM CS 3000 by using its BKBCopyD.exe service. The Yokogawa Centum CS3000 solution uses different services in order to provide all its functionality. The BKBCopyD.exe service, started when running the FCS / Test Function, listens by default on TCP/20111. By sending a specially crafted packet to the port TCP/20111 it is possible to trigger a stack based buffer overflow which allows execution of arbitrary code with the privileges of the CENTUM user. CVE-2014-0784 Exploits/Remote Windows
HP OpenView Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the Shared Trace Service (ovtrcsvc.exe) of the HP OpenView application. The exploit triggers a stack-based buffer overflow by sending a specially crafted packet to port 5053/TCP of the vulnerable system and installs an agent if successful. CVE-2007-3872 Exploits/Remote Windows, Solaris
FreeFTPD User Command Buffer Overflow Exploit An internal memory buffer may be overrun while handling long "USER" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the FreeFTPdService.exe process. CVE-2005-3683 Exploits/Remote Windows
Nginx HTTP Server Chuncked Encoding Buffer Overflow Exploit This module exploits a buffer overflow vulnerability present in Nginx by bypassing the stack cookie protection and by reordering the TCP packets to make it reliable. CVE-2013-2028 Exploits/Remote Linux
IBM Lotus Domino IMAP Server Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in a Lotus Domino IMAP Server and installs an agent if successful. This vulnerability can be exploited remotely and it does not require user authentication. CVE-2007-1675 Exploits/Remote Windows, AIX
MyBB Backdoor Remote Code Execution Exploit Update A backdoor introduced in the source code of MyBB allows remote unauthenticated attackers to execute arbitrary code on systems running vulnerable installations of MyBB. This update adds support for the Solaris platform. NOCVE-9999-49723 Exploits/Remote Windows, Solaris, Linux, FreeBSD
Ipswitch IMail login exploit This module exploits a stack-based buffer overflow in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS). CVE-2005-1255 Exploits/Remote Windows
Avaya IP Office Customer Call Reporter ImageUpload Exploit The specific flaw exists because Avaya IP Office Customer Call Reporter allows to upload files to the webserver through ImageUpload.ashx. The uploaded files will not be stripped of their file extensions and the directory where they are saved has no scripting restrictions. CVE-2012-3811 Exploits/Remote Windows
OpenX Remote Code Execution Exploit The vulnerability is caused due to the banner-edit.php script allowing the upload of files with arbitrary extensions to a folder inside the webroot. This can be exploited to e.g. execute arbitrary PHP code by uploading a specially crafted PHP script that contains the GIF magic number. CVE-2009-4098 Exploits/Remote Solaris, Linux, Mac OS X
MSRPC Trend Micro Server Protect AddTaskExportLogItem() Exploit TrendMicro ServerProtect 5.58 with security patch 3 installed is prone to a buffer overflow vulnerability on the rpc interface that could permit the execution of arbitrary remote code. CVE-2007-6507 Exploits/Remote Windows
MSRPC _LlsrLicenseRequestW Remote Heap Overflow Exploit (MS09-064) This module exploits a remote heap-based overflow in the Microsoft Windows License Logging Service by sending a specially crafted RPC request. CVE-2009-2523 Exploits/Remote Windows