Core Impact Pro Exploits and Security Updates

Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
SNMPc Trap Packet Remote Buffer Overflow Exploit This module exploits a remote buffer overflow in the SNMPc Network Manager by sending a specially crafted Trap packet with a long Community String to the UDP port 164 and installs an agent if successful. CVE-2008-2214 Exploits/Remote Windows
SAdminD Buffer Overflow Exploit Update This modules exploits a stack buffer overflow of the sadmind daemon, and installs an agent as root. This update fix an issue when the module is launched from the Network Attack and Penetration Wizard. CVE-2008-4556 Exploits/Remote Solaris
Symantec Endpoint Protection Manager Authentication Bypass Exploit This module exploit three different vulnerabilities in Symantec Endpoint Protection Manager (SEPM) in order to install an agent on a vunlerable target machine. CVE-2015-1486 allows unauthenticated attackers access to SEPM. CVE-2015-1487 allows reading and writing arbitrary files, resulting in the execution of arbitrary commands with 'NT Service\semsrv' privileges. CVE-2015-1489 allows the execution of arbitrary OS commands with 'NT Authority\SYSTEM' privileges. CVE-2015-1486 Exploits/Remote Windows
SAdminD Buffer Overflow Exploit This modules exploits a stack buffer overflow of the sadmind daemon, and installs an agent as root. CVE-2008-4556 Exploits/Remote Solaris
Oracle Web Logic IIS JSESSIONID Buffer Overflow Exploit This module exploits a vulnerability in Oracle WebLogic IIS Connector when sending a specially crafted POST message with a specially JSESSIONID cookie. CVE-2008-5457 Exploits/Remote Windows
Novell ZENworks Configuration Management Preboot Service Opcode 0x4c Buffer Overflow Exploit A buffer-overflow vulnerability exists in the PreBoot Service when processing requests containing opcode 0x4c. CVE-2011-3176 Exploits/Remote Windows
Interactive Graphical SCADA System Command Injection Exploit This module exploits a command injection vulnerability in Interactive Graphical SCADA System and install an agent into the target machine. CVE-2011-1566 Exploits/Remote Windows
Adobe ColdFusion locale Remote Code Execution Exploit An important vulnerability has been identified in ColdFusion version 8.0, 8.0.1, 9.0, 9.0.1 for Windows, Macintosh and UNIX. This directory traversal vulnerability could lead to information disclosure (CVE-2010-2861). Adobe has provided a solution for this reported vulnerability. It recomends that users update their product. CVE-2010-2861 Exploits/Remote Windows, Linux
SAP MaxDB Remote Command Injection Exploit Update This update adds the CVE number of the vulnerability to the module. CVE-2008-0244 Exploits/Remote Windows
Tivoli Storage Manager Exploit This module exploits a stack-based buffer overflow in the IBM Tivoli Storage Manager Express CAD Service 5.3. CVE-2007-4880 Exploits/Remote Windows
HP Data Protector Cell Manager Opcode 259 Remote Code Execution Exploit The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing different opcodes, the process blindly copies user supplied data into a fixed-length stack buffer. A remote attacker can abuse this to execute remote code under the context of the SYSTEM user. CVE-2013-2329 Exploits/Remote Windows
SAP Netweaver DiagTraceR3Info Remote Buffer Overflow Exploit The DiagTraceR3Info function of the disp+work.exe component of SAP Netweaver is prone to a remote buffer overflow when the work process trace level is set to values 2 or 3 for the Dialog Processor component. This vulnerability can be exploited to execute arbitrary code on the vulnerable machine by sending a specially crafted packet containing ST_R3INFO CODEPAGE items. CVE-2012-2611 Exploits/Remote Windows
AIX libtt.a rpc.ttdbserver Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the ToolTalk library libtt.a. After successful exploitation an agent running as root will be installed on the target machine. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. NOCVE-9999-38844 Exploits/Remote AIX
Apache mod_php Exploit Update 2 This update fixes an issue with the 'reuse connection' mode on Impact V7.5 CVE-2002-0081 Exploits/Remote Linux
Apache Struts 2 DefaultActionMapper redirect Remote Code Execution Exploit The DefaultActionMapper class in Apache Struts2 supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:". The information contained in these prefixes is not properly sanitized before being evaluated as OGNL expressions on the server side, which allows remote attackers to execute arbitrary Java code on the server. This module exploits the vulnerability in any web application built on top of vulnerable versions of the Apache Struts 2 framework. CVE-2013-2251 Exploits/Remote Windows, Linux, Mac OS X
Apache Struts 2 devMode OGNL Remote Code Execution Exploit Update The best practice for web applications built on top of the Apache Struts 2 framework is to switch off Developer Mode (struts.devMode parameter in the struts.xml configuration file) before going into production. When devMode is left enabled, attackers can gain remote code execution by setting the 'debug=command' URL parameter and sending OGNL expressions through the 'expression' URL parameter. This module takes advantage of this misconfiguration scenario in order to deploy an agent in the target system. This update fixes the CVE identifier associated with the vulnerability exploited by this module. CVE-2012-0394 Exploits/Remote Windows, Mac OS X, Linux
Golden FTP Server PASS Buffer Overflow Exploit This vulnerability on installations of Golden FTP Server is due to a boundary error with the handling of passwords. This can be exploited to cause a stack-based buffer overflow via the use of overly long, specially-crafted passwords passed to the affected server. CVE-2006-6576 Exploits/Remote Windows
Iconics Genesis SCADA HMI Genbroker Server Exploit The Genesis GenBroker service is listening port 38080 and is affected by integer overflow vulnerabilities while handling crafted packets in opcode 0x4b0. NOCVE-9999-47722 Exploits/Remote Windows
AlienVault Unified Security Management av-forward Deserialization of Untrusted Data Exploit This update introduces an exploit for AlienVault Unified Security Management. A vulnerability exists in the av-forward daemon running in AlienVault Unified Security Management appliances. The daemon accepts serialized Python and proceeds to deserialize it without proper validation, allowing unauthenticated arbitrary code execution. NOCVE-9999-74938 Exploits/Remote none
Microsoft Windows Media Services Remote Exploit (MS10-025) Update This module exploits a remote buffer overflow in the Microsoft Windows Media Services by sending a specially crafted packet to the 1755/TCP port. This module also works against targets with the original MS10-025 update installed. CVE-2010-0478 Exploits/Remote Windows
AT TFTP Server Long Filename Buffer Overflow Exploit Update 2 The vulnerability is caused due to a boundary error during the processing of TFTP Read/Write request packet types. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet with an overly long filename field. This update ensures that the program receives all data. This update fixes an error on Impact v12.3. CVE-2006-6184 Exploits/Remote Windows
MSRPC MSMQ Buffer Overflow exploit This module exploits a buffer overflow in the Message Queuing component of Microsoft Windows allowing remote attackers to execute arbitrary code via a crafted message and installing an agent. CVE-2005-0059 Exploits/Remote Windows
AVG Remote Administration StoreServerConfig Command Remote Code Execution Exploit The AVG Administration Server is vulnerable to arbitrary configuration settings. Due to insufficient input validation, an attacker can use the StoreServerConfig command (command id 0x27) to set the value of the ClientLibraryName parameter to a UNC path. The provided value can be a path to a network share containing a malicious .dll file. This .dll file will be executed in the context of the AVG Administration Server service which runs as SYSTEM. NOCVE-9999-64522 Exploits/Remote Windows
SAP GUI SAPLPD Multiple Command Buffer Overflow Exploit Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands. CVE-2008-0621 Exploits/Remote Windows
InduSoft Web Studio CEServer Remote Code Execution Exploit The flaw exists in the Remote Agent (CEServer.exe) that listens by default on TCP port 4322, the process can not perform any authentication and copy the packages designed to a fixed size buffer. CVE-2011-4051 Exploits/Remote Windows
IBM Lotus Domino iCalendar Organizer Buffer Overflow Exploit A stack-based buffer overflow exists in the nRouter.exe component of IBM Lotus Domino when parsing the ORGANIZER field of an iCalendar invitation. This can be exploited by a remote, unauthenticated attacker to execute arbitrary code by sending a specially crafted e-mail to the Lotus Domino SMTP server. CVE-2010-3407 Exploits/Remote Windows
SurgeMail Mail Server Exploit update This module exploits a buffer overflow in SurgeMail Mail Server and installs an agent into the target host. A buffer overflow vulnerability is located in the function which handles the real CGI executables. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to this module. This exploit perform three attempts to disable DEP in XP SP2 and Windows 2003. CVE-2008-1054 Exploits/Remote Windows
Symantec Workspace Streaming Agent XMLRPC Request putFile Method Remote Code Execution Vulnerability Exploit A vulnerability exists in the ManagementAgentServer.putFile XMLRPC call exposed by the as_agent.exe service, which allows for uploading arbitrary files under the server root. This module abuses the auto deploy feature in the JBoss as_ste.exe instance in order to achieve remote code execution. Abused services listen on a single machine deployment, and also in the backend role in a multiple machine deployment. CVE-2014-1649 Exploits/Remote Windows
SIELCO SISTEMI Winlog Malformed Packet Stack Buffer Overflow Exploit Stack-based buffer overflow in Sielco Sistemi Winlog when Run TCP/IP server is enabled, allows remote attackers to execute arbitrary code via a crafted 0x02 opcode to TCP port 46823. CVE-2011-0517 Exploits/Remote Windows
Novell GroupWise Internet Agent Remote Buffer Overflow Exploit This module exploits an off-by-one condition by sending a specially crafted RCPT verb argument to a Novell GroupWise Internet Agent. CVE-2009-0410 Exploits/Remote Windows