Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

When you buy Core Impact, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
Apache Struts includeParams Remote Code Execution Exploit Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. This module leverages the vulnerability to install an agent in vulnerable installation. CVE-2013-1966 Exploits/Remote Windows, Linux
MSRPC CA BrightStor ARCserve Backup ReportRemoteExecuteCML Buffer Overflow Exploit CA BrightStor ARCserve Backup is prone to a stack based buffer overflow vulnerability on the RPC interface that could permit the execution of arbitrary remote code. A remote attacker can exploit this vulnerability to execute arbitrary code and completely compromise the computer. CVE-2008-4397 Exploits/Remote Windows
MayGion IP Camera Path Traversal Vulnerability Exploit This module attempts to determine if a MayGion IP Camera is prone to a path-traversal vulnerability. If the camera it's vulnerable, the vulnerability will be used to dump the camera's memory and try to extract admin user credentials from it. CVE-2013-1604 Exploits/Remote none
Mercury SMTPD CRAM-MD5 Pre-Auth Buffer Overflow Exploit This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing the Mercury Mail Transport System. The vulnerability is caused due to a boundary error within Mercury/32 SMTP Server Module (mercurys.dll) when processing arguments to the AUTH CRAM-MD5 command. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Authentication is not required to exploit this vulnerability. CVE-2007-4440 Exploits/Remote Windows
HP Data Protector Cell Manager Opcode 211 Buffer Overflow Exploit A buffer overflow vulnerability in crs.exe when handling requests with opcode 211. CVE-2013-2333 Exploits/Remote Windows
Disk Sorter Enterprise Login Buffer Overflow Exploit Disk Savvy server is prone to a buffer-overflow vulnerability when handling a crafted GET request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges. NOCVE-9999-84592 Exploits/Remote Windows
PHPMyAdmin Setup Config Remote Code Execution Exploit Update This update adds support for Solaris and Mac OS X platforms. CVE-2009-1151 Exploits/Remote Solaris, Linux, Mac OS X
mDNSResponder buffer overflow exploit Update This module exploits a buffer overflow vulnerability in the mDNSResponder service running on certain versions of Apple Mac OS X. The vulnerability is exploited remotely by sending a specially crafted UPnP Internet Gateway Device (IGD) packet and installing an agent. This update adds port parameter. CVE-2007-2386 Exploits/Remote Mac OS X
VERITAS NetBackup BPJava Exploit update NetBackup Java user-interface is affected by a remote format string vulnerability. An attacker can exploit this vulnerability by crafting a malicious request that contains format specifiers. This module exploits this vulnerability and installs an agent. This update adds support for Linux. CVE-2005-2715 Exploits/Remote Windows, Linux
Advantech WebAccess webvrpcs Service BwWebSvc ProjectName sprintf Buffer Overflow Exploit The specific flaw exists within the implementation of the 0x13C83 IOCTL in the BwOpcTool subsystem. A stack-based buffer overflow vulnerability exists in a call to memcpy using the ProjectName parameter. An attacker can use this vulnerability to execute arbitrary code in the context of an administrator of the system. NOCVE-9999-74956 Exploits/Remote Windows
MSRPC RRAS Exploit Update This module exploits a stack-based buffer overflow in the Windows Routing and Remote Access Service. This update fixes an issue in the agent connector. CVE-2006-2370 Exploits/Remote Windows
Microsoft Windows Group Policy Remote Code Execution Vulnerability Exploit (MS15-011) This module exploits, via a "Man In The Middle" attack, a security flaw in the Domain Controller policies downloaded by clients during the logging process CVE-2015-0008 Exploits/Remote Windows
Conficker Detector Exploit Update This module connects to a remote target via any exposed DCE RPC endpoints and fingerprints them to determine if the machine appears to be compromised by the Conficker worm. This update adds RPT capabilities. NOCVE-9999-37300 Exploits/Remote Windows
Openfiler Remote Code Execution Exploit Update Insufficient sanitization in Openfile's /admin/system.html 'Hostname' field, leads to remote code execution. This update fixes the exploit category. NOCVE-9999-65590 Exploits/Remote Linux
Netmechanica NetDecision HTTP Server Buffer Overflow Exploit A buffer overflow in NetDecision's HTTP service is exploited when a long URL is managed by the HTTP Server's active window. For successfull exploitation, the victim need to have the HttpSvr's window open. CVE-2012-1465 Exploits/Remote Windows
Distcc Remote Code Execution Exploit Distcc, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. This module exploits the vulnerability to install an agent. CVE-2004-2687 Exploits/Remote Solaris, AIX, Linux
Sun Java Web Start JNLP Stack Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in the javaws.exe program and deploys an agent when successful. The exploit triggers a vulnerability in the Java Runtime Environment allowing an attacker to execute arbitrary code on the remote machine. CVE-2007-3655 Exploits/Remote Windows
e107 Install Script Command Injection Exploit Update This update appends support for solaris and Mac OS X. CVE-2011-1513 Exploits/Remote Windows, Solaris, Linux, Mac OS X
Symantec AMS Intel Handler Service Command Injection Exploit This module exploits command injection vulnerability in Symantec AMS Intel Handler Service and install an agent into the target machine. CVE-2010-0110 Exploits/Remote Windows
Usermin Email Signature Command Injection Exploit The Usermin Control Panel is vulnerable to command injection due to the function get_signature in usermin/mailbox/mailbox-lib.pl, which calls open() without any prior validation. This vulnerability allows authenticated users to execute arbitrary code on the affected Usermin versions. CVE-2015-2079 Exploits/Remote Solaris, Linux
HP OpenView NNM nnmRptConfig CGI Buffer Overflow Exploit This module exploits a stack-based buffer overflow in the nnmRptConfig.exe CGI application, a component of HP OpenView Network Node Manager, by sending a specially crafted packet. CVE-2011-0268 Exploits/Remote Windows
DATAC RealWin SCADA Server Remote Stack Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in RealWin SCADA Server. This vulnerability can be exploited remotely by sending a specially crafted packet to port TCP/910. CVE-2008-4322 Exploits/Remote Windows
Improvements to Bash Environment Variable Injection Exploits This update add verification for CVE-2014-6278 to all available attack vectors. CVE-2014-6271 Exploits/Remote Solaris, Linux
CA BrightStor ARCserve Backup LGServer Service Exploit This module exploits a buffer overflow vulnerability in the LGServer Service (LGServer.exe) component of CA BrightStor ARCserve Backup for Laptops and Desktops and installs an agent if successful. This vulnerability can be exploited remotely by sending a specially crafted packet to port TCP/1900. CVE-2008-1328 Exploits/Remote Windows
OpenSSL TLS Heartbeat Read Overrun Memory Disclosure Exploit Update A missing boundary check in the TLS Heartbeat extension in OpenSSL can be abused by remote attackers to read up to 64 kb of memory from the server. This memory disclosure vulnerability can be used by remote unauthenticated attackers to obtain sensitive information from the affected server, including private keys and session cookies. This update adds features to the module, like the ability to read 64 kb of data from vulnerable services, reporting the results in the Module Output window, and saving the memory dumps to disk. It also improves the compatibility with OpenSSL services and adds support for FTPS. CVE-2014-0160 Exploits/Remote Linux
MSRPC DNS Server Exploit Update Added support for Windows 2003 Standard Edition SP0 and SP1. CVE-2007-1748 Exploits/Remote Windows
PhpMyAdmin Unserialize Remote Code Execution Exploit Update phpMyAdmin is vulnerable to a remote code execution due the use of the unserialize method on user supplied data. This data is written in the config file and is accessible from the internet by default. This update adds support for Solaris and Mac OS X. CVE-2009-4605 Exploits/Remote Windows, Solaris, Linux, Mac OS X
3S CoDeSys Gateway Server Arbitrary File Upload Exploit 3S Codesys Gateway Server is prone to a directory traversal vulnerability that allows arbitrary file creation. CVE-2012-4705 Exploits/Remote Windows
IBM Informix librpc Remote Buffer Overflow Exploit This module exploits a remote buffer overflow in the RPC protocol parsing library (librpc.dll) included on IBM Informix Dynamic Server by sending a specially crafted authentication packet to the 36890/TCP port. CVE-2009-2753 Exploits/Remote Windows
SquirrelMail map_yp_alias Command Injection Exploit Update The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. This module works if map:map_yp_alias is set as the imap server address in config.php, which is not the default setting. This update improves os detection and adds runtime cost. CVE-2009-1579 Exploits/Remote Solaris, AIX, Linux