Core Impact Pro Exploits and Security Updates

Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
Iconics Genesis SCADA HMI Genbroker Server Exploit The Genesis GenBroker service is listening port 38080 and is affected by integer overflow vulnerabilities while handling crafted packets in opcode 0x4b0. NOCVE-9999-47722 Exploits/Remote Windows
Symantec Workspace Streaming Agent XMLRPC Request putFile Method Remote Code Execution Vulnerability Exploit A vulnerability exists in the ManagementAgentServer.putFile XMLRPC call exposed by the as_agent.exe service, which allows for uploading arbitrary files under the server root. This module abuses the auto deploy feature in the JBoss as_ste.exe instance in order to achieve remote code execution. Abused services listen on a single machine deployment, and also in the backend role in a multiple machine deployment. CVE-2014-1649 Exploits/Remote Windows
MSRPC DNS Server Exploit Update Added support for Windows 2003 Standard Edition SP0 and SP1. CVE-2007-1748 Exploits/Remote Windows
PHPMyAdmin Server_databases Remote Code Execution Exploit This module exploits a vulnerability in PHPMyAdmin. server_databases.php fails when it attemps to sanitize the sort_by parameter. It allows an attacker to inject code, and execute it on the web server with www-data privileges. CVE-2008-4096 Exploits/Remote Linux
Synce Command injection exploit update This update adds the vulnerability name to reports. CVE-2008-1136 Exploits/Remote FreeBSD, Linux
General Electric ihDataArchiver Service Remote Buffer Overflow Exploit This module exploits a remote buffer overflow vulnerability in the ihDataArchiver.exe service included in several GE SCADA applications by sending a malformed packet to the 14000/TCP port. CVE-2011-1918 Exploits/Remote Windows
HP Data Protector Cell Manager Opcode 263 Buffer Overflow Exploit The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcodes 214, 215, 216, 219, 257, and 263, the process blindly copies user supplied data into a fixed-length stack buffer. CVE-2013-6195 Exploits/Remote Windows
Easy File Sharing FTP Server PASS Buffer Overflow Exploit The vulnerability is caused due to a boundary error with the handling of passwords. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted passwords passed to the affected server. CVE-2006-3952 Exploits/Remote Windows
Golden FTP Server PASS Buffer Overflow Exploit This vulnerability on installations of Golden FTP Server is due to a boundary error with the handling of passwords. This can be exploited to cause a stack-based buffer overflow via the use of overly long, specially-crafted passwords passed to the affected server. CVE-2006-6576 Exploits/Remote Windows
AlienVault Unified Security Management av-forward Deserialization of Untrusted Data Exploit This update introduces an exploit for AlienVault Unified Security Management. A vulnerability exists in the av-forward daemon running in AlienVault Unified Security Management appliances. The daemon accepts serialized Python and proceeds to deserialize it without proper validation, allowing unauthenticated arbitrary code execution. NOCVE-9999-74938 Exploits/Remote none
AzeoTech DAQFactory NETB Datagram Parsing Buffer Overflow Exploit A Buffer Overflow exist in DAQFactory service who listens on the UDP port 20034 when logs the informations of the incoming NETB packets. CVE-2011-3492 Exploits/Remote Windows
Adobe ColdFusion APSB13-03 Remote Code Execution Exploit Adobe ColdFusion is vulnerable to a remote authentication-bypass, allowing the attacker to upload an agent and execute it. The agent may have SYSTEM privileges if ColdFusion is installed as a service in Windows. CVE-2013-0625 Exploits/Remote Windows
PureFTPd Bash Variables Injection Exploit (CVE-2014-6271) This update includes a module exploiting a vulnerability found in Bash. When using PureFTPd in conjuntion with the vulnerable Bash version for user authentication, a Core Impact agent is installed. CVE-2014-6271 Exploits/Remote Solaris, Linux
Symantec Discovery XFERWAN Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in the XferWan.exe component included with Symantec Discovery 6.5. The exploit sends a specially crafted TCP packet triggering a buffer overflow and installing an agent on the target system. CVE-2007-1173 Exploits/Remote Windows
Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow Exploit This module exploits a vulnerability in Oracle Secure Backup when sending a specially crafted NDMP_CONNECT_CLIENT_AUTH packet. CVE-2008-5444 Exploits/Remote Windows
AVG Remote Administration StoreServerConfig Command Remote Code Execution Exploit The AVG Administration Server is vulnerable to arbitrary configuration settings. Due to insufficient input validation, an attacker can use the StoreServerConfig command (command id 0x27) to set the value of the ClientLibraryName parameter to a UNC path. The provided value can be a path to a network share containing a malicious .dll file. This .dll file will be executed in the context of the AVG Administration Server service which runs as SYSTEM. NOCVE-9999-64522 Exploits/Remote Windows
ActiveMQ STOMP Protocol Unsafe Deserialization Exploit JMS Object messages within Apache ActiveMQ depend on Java Serialization for marshaling/unmashaling of the message payload. This lead to execution of untrusted code when a specially crafted object is received. This update introduces an exploit that will attempt to connect using the STOMP protocol and abuse the vulnerability to execute a Core Impact agent in the vulnerable system. CVE-2015-5254 Exploits/Remote Windows, Linux
Novell ZENworks Asset Management Remote Code Execution Exploit This module exploits a path traversal vulnerability in Novell ZENworks Asset Management. The specific flaw exists within a servlet provided within the Novell Zenworks distribution for uploading files. When processing the path name for the file, the servlet will allow a user to inject path traversal entities into the filename. Then, when the servlet downloads the provided file, the destination will store it to the user-provided location. CVE-2010-4229 Exploits/Remote Windows
OpenSSL TLS Heartbeat Read Overrun Memory Disclosure Exploit Update A missing boundary check in the TLS Heartbeat extension in OpenSSL can be abused by remote attackers to read up to 64 kb of memory from the server. This memory disclosure vulnerability can be used by remote unauthenticated attackers to obtain sensitive information from the affected server, including private keys and session cookies. This update adds features to the module, like the ability to read 64 kb of data from vulnerable services, reporting the results in the Module Output window, and saving the memory dumps to disk. It also improves the compatibility with OpenSSL services and adds support for FTPS. CVE-2014-0160 Exploits/Remote Linux
MailEnable IMAPD W3C Logging Buffer Overflow Exploit This module exploits a buffer overflow in the W3C logging for MailEnable Enterprise 1.1 allows remote attackers to execute arbitrary code. CVE-2005-3155 Exploits/Remote Windows
MSRPC Microsoft Host Integration Remote Command Execution Exploit (MS08-059) This module exploits a remote command injection in the SNA RPC service included in Microsoft Host Integration Server. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer. CVE-2008-3466 Exploits/Remote none
SAdminD Buffer Overflow Exploit Update This modules exploits a stack buffer overflow of the sadmind daemon, and installs an agent as root. This update fix an issue when the module is launched from the Network Attack and Penetration Wizard. CVE-2008-4556 Exploits/Remote Solaris
SIELCO SISTEMI Winlog Malformed Packet Stack Buffer Overflow Exploit Stack-based buffer overflow in Sielco Sistemi Winlog when Run TCP/IP server is enabled, allows remote attackers to execute arbitrary code via a crafted 0x02 opcode to TCP port 46823. CVE-2011-0517 Exploits/Remote Windows
Novell ZENworks Configuration Management Preboot Service Opcode 0x4c Buffer Overflow Exploit A buffer-overflow vulnerability exists in the PreBoot Service when processing requests containing opcode 0x4c. CVE-2011-3176 Exploits/Remote Windows
MS SMB 2.0 Negociate Protocol Request Remote Exploit Update 3 This module exploits a vulnerability in srv2.sys via a SMB 2 malformed packet. This Update adds support for attacking over IPv6 and additional support for Windows Server 2008 CVE-2009-3103 Exploits/Remote Windows
Interactive Graphical SCADA System Command Injection Exploit This module exploits a command injection vulnerability in Interactive Graphical SCADA System and install an agent into the target machine. CVE-2011-1566 Exploits/Remote Windows
SNMPc Trap Packet Remote Buffer Overflow Exploit This module exploits a remote buffer overflow in the SNMPc Network Manager by sending a specially crafted Trap packet with a long Community String to the UDP port 164 and installs an agent if successful. CVE-2008-2214 Exploits/Remote Windows
Microsoft SQL Server sp_replwritetovarbin Remote Heap Overflow Exploit Update This module exploits a heap-based buffer overflow in the Microsoft SQL Server by sending a specially crafted SQL query. This update adds support for executestatement() functionality within the WebApps vector. It has two uses: One as a Remote Exploit which needs authentication, and another as an SQL Injection Agent installer module, which needs an SQL Agent as a target. CVE-2008-5416 Exploits/Remote Windows
HP Performance Insight helpmanager Servlet Remote Code Execution Exploit This module exploits an insufficient input validation and authentication error to upload and execute an arbitrary .JSP file in HP Performance Insight. CVE-2010-0447 Exploits/Remote Windows
Apache Tomcat buffer overflow exploit update This module exploits a buffer overflow vulnerability in the Apache Tomcat JK Web Server Connector and installs an agent. An attacker can use an overly long URL to trigger a buffer overflow in the URL work map routine (map_uri_to_worker()) in the mod_jk.so library, resulting in the compromise of the target system. This package improves the reliability of the exploit. CVE-2007-0774 Exploits/Remote Linux