Exploits and Security Updates to Core Impact Threat Intelligence

Exploits and Security Updates to Core Impact Threat Intelligence

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
FreeFTPD User Command Buffer Overflow Exploit An internal memory buffer may be overrun while handling long "USER" command. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the FreeFTPdService.exe process. CVE-2005-3683 Exploits/Remote Windows
MyBB Backdoor Remote Code Execution Exploit Update A backdoor introduced in the source code of MyBB allows remote unauthenticated attackers to execute arbitrary code on systems running vulnerable installations of MyBB. This update adds support for the Solaris platform. NOCVE-9999-49723 Exploits/Remote Windows, Solaris, Linux, FreeBSD
OpenNMS Platform Java Object Deserialization Remote Code Execution Exploit OpenNMS Platform is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine. NOCVE-9999-79964 Exploits/Remote Linux
Samba nttrans Exploit Update This update improves reliability on Solaris. CVE-2003-0085 Exploits/Remote Solaris, Linux
WellinTech KingSCADA AEServer Buffer Overflow Exploit The KingSCADA application has a stack-based buffer overflow vulnerability where the application overwrites the structured exception handler (SEH). An attacker could send a specially crafted packet to KingSCADA, and the application would handle the packet incorrectly, causing a stack-based buffer overflow. CVE-2014-0787 Exploits/Remote Windows
VMware vCenter Server Java JMX-RMI Remote Code Execution Exploit VMware vCenter Server is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine. By exploiting known methods, it is possible to remotely load an MLet file from an attacker controlled web server that points at a, also controlled, jar file. CVE-2015-2342 Exploits/Remote Windows
Microsoft Windows SMB Buffer Underflow Exploit (MS08-063) This module exploits a Windows kernel remote vulnerability on the srv.sys driver via a malformed SMB packet. CVE-2008-4038 Exploits/Remote Windows
Veritas Backup Exec exploit Update This module exploits a stack-based buffer overflow in the Agent Browser in VERITAS Backup Exec 7.3, 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, to install an agent on the target box. This update improves reliability for 8.x versions. CVE-2004-1172 Exploits/Remote Windows
Blue Coat Authentication and Authorization Agent Buffer Overflow Exploit Blue Coat BCAAA is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks. This exploit bypasses DEP protection by using ROP techniques. NOCVE-9999-48688 Exploits/Remote Windows
SlimFTPd LIST Command Remote Buffer Overflow Exploit SlimFTPd server is prone to a stack buffer overflow when sending a LIST command with an overly-long argument. The attacker needs to be authenticated, so a successful login is required for the exploit to work. CVE-2005-2373 Exploits/Remote Windows
AzeoTech DAQFactory NETB Datagram Parsing Buffer Overflow Exploit A Buffer Overflow exist in DAQFactory service who listens on the UDP port 20034 when logs the informations of the incoming NETB packets. CVE-2011-3492 Exploits/Remote Windows
Mercury SMTPD CRAM-MD5 Pre-Auth Buffer Overflow Exploit Update This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 SMTP Server Module (mercurys.dll) when processing arguments to the AUTH CRAM-MD5 command. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. This update adds support for DEP (Data Execution Prevention). CVE-2007-4440 Exploits/Remote Windows
Novell eDirectory Network Request Buffer Overflow Exploit A boundary error exists in the dhost.dll component of Novell eDirectory post authentication when processing list of modules. This can be exploited to cause a stack-based buffer overflow via a specially crafted request with an overly long module name. WARNING:This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2009-4653 Exploits/Remote Windows
Alt-N Security Gateway Remote Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the Alt-N Security Gateway by sending a specially crafted HTTP request to the TCP port 4000. CVE-2008-4193 Exploits/Remote Windows
CA XOsoft Control Service entry_point.aspx Remote Buffer Overflow Exploit This module exploits a remote buffer overflow vulnerability in the entry_point.aspx login page of CA XOsoft Control Service. CVE-2010-1223 Exploits/Remote Windows
IBM Lotus Domino Accept-Language Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the Lotus Domino HTTP server (nHTTP.exe) by sending a specially crafted GET request. CVE-2008-2240 Exploits/Remote Windows
AIX rpc.cmsd Buffer Overflow Exploit This module exploits a remote buffer overflow vulnerability on the Calendar Manager Service Daemon. CVE-2009-3699 Exploits/Remote AIX
ABB MicroSCADA Wserver Buffer Overflow Exploit This vulnerability is a buffer overflow and allows remote attackers to execute arbitrary code on vulnerable installations of ABB MicroSCADA Wserver without authentication. The specific flaw exists within the wserver.exe component which listens on TCP port 12221. This component performs insufficient bounds checking on user-supplied data which results in stack buffer ovreflow. NOCVE-9999-61094 Exploits/Remote Windows
OracleDB CSA Remote Code Execution Exploit AV Evasion Update This update updates AV evasion for OracleDB CSA Remote Code Execution Exploit module. CVE-2010-3600 Exploits/Remote Windows, Linux
Mantis Manage_proj_page Remote Code Execution Exploit Update 4 This module exploits a Remote Code Execution vulnerability in Mantis version 1.1.3 when handling the sort parameter in manage_proj_page without the proper validation that leads to a remote code execution on Mantis' Web server. This update adds support for the AIX platform. CVE-2008-4687 Exploits/Remote Solaris, Linux, Windows, AIX, Mac OS X
EMC HomeBase SSL Service Remote Code Execution Exploit This module exploits a path traversal vulnerability in the SSL service of EMC HomeBase Server. CVE-2010-0620 Exploits/Remote Windows
Simple Web Server GET Request Buffer Overflow Exploit The vulnerability is caused due to a boundary error within Simple Web Server when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. NOCVE-9999-53352 Exploits/Remote Windows
Adobe RoboHelp Server File Upload Code Execution Exploit This module exploits a remote .JSP code injection in Adobe RoboHelp Server by sending a specially crafted HTTP request to the affected service. CVE-2009-3068 Exploits/Remote Windows
MSRPC CA ARCserve Backup Command Injection Exploit Update CA BrightStor ARCserve Backup is prone to a command injection vulnerability on the RPC interface that could permit the execution of arbitrary remote code. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer. This update improves the reliability of the exploit. CVE-2008-4397 Exploits/Remote Windows
HP OpenView NNM snmpviewer CGI Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the snmpviewer.exe CGI application, a component of HP OpenView Network Node Manager, by sending an HTTP request with an invalid value for the act and app parameters. CVE-2010-1552 Exploits/Remote Windows
IBM Lotus Domino IMAP Server Buffer Overflow Exploit Update This module exploits a buffer overflow vulnerability in a Lotus Domino IMAP Server and installs an agent if successful. This vulnerability can be exploited remotely and it does not require user authentication. This update adds support for Lotus Domino for windows versions 6.5, 7.0.1, 7.0.1FP1, and 7.0.2. CVE-2007-1675 Exploits/Remote Windows, AIX
PHP Charts Remote Code Execution Exploit This module exploits a vulnerability in PHP Charts 1.0. The url.php script eval()s every single GET key/value pair. Leading to code execution. NOCVE-9999-57634 Exploits/Remote none
Microsoft Windows Print Spooler Service Impersonation Exploit (MS10-061) This module exploits a vulnerability in the "Print Spooler" service. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2010-2729 Exploits/Remote Windows
HP Linux Imaging and Printing exploit A vulnerability has been identified in HP Linux Imaging and Printing System (HPLIP), which could be exploited by local attackers to obtain elevated privileges. This issue is caused by input validation errors in the hpssd daemon that does not validate user-supplied data before being passed to a popen3() call, which could be exploited by malicious users to inject and execute arbitrary commands with root privileges. This package include local and remote versions of the exploit. CVE-2007-5208 Exploits/Remote Linux, FreeBSD
SugarCRM Remote Code Execution Exploit Update This update adds support for Solaris and Mac OS X platforms CVE-2009-2146 Exploits/Remote Linux, Solaris, Mac OS X