Core Impact Pro Exploits and Security Updates

Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
PHPMyAdmin Server_databases Remote Code Execution Exploit This module exploits a vulnerability in PHPMyAdmin. server_databases.php fails when it attemps to sanitize the sort_by parameter. It allows an attacker to inject code, and execute it on the web server with www-data privileges. CVE-2008-4096 Exploits/Remote Linux
IBM Lotus Domino LDAP ModifyRequest Add Exploit The specific flaw exists within LDAP handling functionality which listens by default on TCP port 389. The vulnerable code blindly copies attacker supplied data from a specially formatted LDAP ModifyRequest packet to a fixed length stack buffer. CVE-2015-0117 Exploits/Remote Windows
Easy File Sharing FTP Server PASS Buffer Overflow Exploit The vulnerability is caused due to a boundary error with the handling of passwords. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted passwords passed to the affected server. CVE-2006-3952 Exploits/Remote Windows
Microsoft Office SharePoint Server 2007 Document Conversions Exploit Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082 CVE-2010-3964 Exploits/Remote Windows
SAP Netweaver DiagTraceR3Info Remote Buffer Overflow Exploit The DiagTraceR3Info function of the disp+work.exe component of SAP Netweaver is prone to a remote buffer overflow when the work process trace level is set to values 2 or 3 for the Dialog Processor component. This vulnerability can be exploited to execute arbitrary code on the vulnerable machine by sending a specially crafted packet containing ST_R3INFO CODEPAGE items. CVE-2012-2611 Exploits/Remote Windows
Apache mod_php Exploit Update 2 This update fixes an issue with the 'reuse connection' mode on Impact V7.5 CVE-2002-0081 Exploits/Remote Linux
HP Data Protector Cell Manager Opcode 259 Remote Code Execution Exploit The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing different opcodes, the process blindly copies user supplied data into a fixed-length stack buffer. A remote attacker can abuse this to execute remote code under the context of the SYSTEM user. CVE-2013-2329 Exploits/Remote Windows
AIX rpc.cmsd Buffer Overflow Exploit This module exploits a remote buffer overflow vulnerability on the Calendar Manager Service Daemon. CVE-2009-3699 Exploits/Remote AIX
Jenkins XStream Java Library Deserialization Vulnerability Remote Code Execution Exploit Jenkins is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. There are several API endpoints that allow low-privilege users to POST XML files that then get deserialized by Jenkins. Maliciously crafted XML files sent to these API endpoints could result in arbitrary code execution. CVE-2016-0792 Exploits/Remote Windows, Linux
RealVNC 4.1.1 Authentication Exploit This exploit simulates a RealVNC client and establishes a connection with a Real VNC server without using a password. After that, it opens a console, writes the exploit and executes it in ntsd.exe CVE-2006-2369 Exploits/Remote Windows
AT TFTP Server Long Filename Buffer Overflow Exploit Update 2 The vulnerability is caused due to a boundary error during the processing of TFTP Read/Write request packet types. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet with an overly long filename field. This update ensures that the program receives all data. This update fixes an error on Impact v12.3. CVE-2006-6184 Exploits/Remote Windows
InduSoft Web Studio CEServer Remote Code Execution Exploit The flaw exists in the Remote Agent (CEServer.exe) that listens by default on TCP port 4322, the process can not perform any authentication and copy the packages designed to a fixed size buffer. CVE-2011-4051 Exploits/Remote Windows
Apache Struts 2 DefaultActionMapper redirect Remote Code Execution Exploit The DefaultActionMapper class in Apache Struts2 supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:". The information contained in these prefixes is not properly sanitized before being evaluated as OGNL expressions on the server side, which allows remote attackers to execute arbitrary Java code on the server. This module exploits the vulnerability in any web application built on top of vulnerable versions of the Apache Struts 2 framework. CVE-2013-2251 Exploits/Remote Windows, Linux, Mac OS X
SurgeMail Mail Server Exploit update This module exploits a buffer overflow in SurgeMail Mail Server and installs an agent into the target host. A buffer overflow vulnerability is located in the function which handles the real CGI executables. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to this module. This exploit perform three attempts to disable DEP in XP SP2 and Windows 2003. CVE-2008-1054 Exploits/Remote Windows
Golden FTP Server PASS Buffer Overflow Exploit This vulnerability on installations of Golden FTP Server is due to a boundary error with the handling of passwords. This can be exploited to cause a stack-based buffer overflow via the use of overly long, specially-crafted passwords passed to the affected server. CVE-2006-6576 Exploits/Remote Windows
IBM Informix librpc Remote Buffer Overflow Exploit This module exploits a remote buffer overflow in the RPC protocol parsing library (librpc.dll) included on IBM Informix Dynamic Server by sending a specially crafted authentication packet to the 36890/TCP port. CVE-2009-2753 Exploits/Remote Windows
Apache Struts 2 devMode OGNL Remote Code Execution Exploit Update The best practice for web applications built on top of the Apache Struts 2 framework is to switch off Developer Mode (struts.devMode parameter in the struts.xml configuration file) before going into production. When devMode is left enabled, attackers can gain remote code execution by setting the 'debug=command' URL parameter and sending OGNL expressions through the 'expression' URL parameter. This module takes advantage of this misconfiguration scenario in order to deploy an agent in the target system. This update fixes the CVE identifier associated with the vulnerability exploited by this module. CVE-2012-0394 Exploits/Remote Windows, Mac OS X, Linux
Symantec Endpoint Protection Manager Authentication Bypass Exploit This module exploit three different vulnerabilities in Symantec Endpoint Protection Manager (SEPM) in order to install an agent on a vunlerable target machine. CVE-2015-1486 allows unauthenticated attackers access to SEPM. CVE-2015-1487 allows reading and writing arbitrary files, resulting in the execution of arbitrary commands with 'NT Service\semsrv' privileges. CVE-2015-1489 allows the execution of arbitrary OS commands with 'NT Authority\SYSTEM' privileges. CVE-2015-1486 Exploits/Remote Windows
SAdminD Buffer Overflow Exploit This modules exploits a stack buffer overflow of the sadmind daemon, and installs an agent as root. CVE-2008-4556 Exploits/Remote Solaris
Oracle Web Logic IIS JSESSIONID Buffer Overflow Exploit This module exploits a vulnerability in Oracle WebLogic IIS Connector when sending a specially crafted POST message with a specially JSESSIONID cookie. CVE-2008-5457 Exploits/Remote Windows
Iconics Genesis SCADA HMI Genbroker Server Exploit The Genesis GenBroker service is listening port 38080 and is affected by integer overflow vulnerabilities while handling crafted packets in opcode 0x4b0. NOCVE-9999-47722 Exploits/Remote Windows
CA BrightStor ARCserve Backup Media Server Exploit Update This module exploits a buffer overflow in the handling of RPC data in the Computer Associates BrightStor ARCServe Backup Media Server service (mediasvr.exe) which is a component of BrightStor ARCserve Backup Tape Engine. This update adds support for Windows 2003 SP1 and SP2, Windows Vista SP1 and Windows XP SP3. CVE-2007-1785 Exploits/Remote Windows
General Electric ihDataArchiver Service Remote Buffer Overflow Exploit This module exploits a remote buffer overflow vulnerability in the ihDataArchiver.exe service included in several GE SCADA applications by sending a malformed packet to the 14000/TCP port. CVE-2011-1918 Exploits/Remote Windows
Adobe ColdFusion locale Remote Code Execution Exploit An important vulnerability has been identified in ColdFusion version 8.0, 8.0.1, 9.0, 9.0.1 for Windows, Macintosh and UNIX. This directory traversal vulnerability could lead to information disclosure (CVE-2010-2861). Adobe has provided a solution for this reported vulnerability. It recomends that users update their product. CVE-2010-2861 Exploits/Remote Windows, Linux
SIELCO SISTEMI Winlog Malformed Packet Stack Buffer Overflow Exploit Stack-based buffer overflow in Sielco Sistemi Winlog when Run TCP/IP server is enabled, allows remote attackers to execute arbitrary code via a crafted 0x02 opcode to TCP port 46823. CVE-2011-0517 Exploits/Remote Windows
Symantec Workspace Streaming Agent XMLRPC Request putFile Method Remote Code Execution Vulnerability Exploit A vulnerability exists in the ManagementAgentServer.putFile XMLRPC call exposed by the as_agent.exe service, which allows for uploading arbitrary files under the server root. This module abuses the auto deploy feature in the JBoss as_ste.exe instance in order to achieve remote code execution. Abused services listen on a single machine deployment, and also in the backend role in a multiple machine deployment. CVE-2014-1649 Exploits/Remote Windows
MSRPC MSMQ Buffer Overflow exploit This module exploits a buffer overflow in the Message Queuing component of Microsoft Windows allowing remote attackers to execute arbitrary code via a crafted message and installing an agent. CVE-2005-0059 Exploits/Remote Windows
HP Data Protector Cell Manager Opcode 263 Buffer Overflow Exploit The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcodes 214, 215, 216, 219, 257, and 263, the process blindly copies user supplied data into a fixed-length stack buffer. CVE-2013-6195 Exploits/Remote Windows
AIX libtt.a rpc.ttdbserver Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the ToolTalk library libtt.a. After successful exploitation an agent running as root will be installed on the target machine. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. NOCVE-9999-38844 Exploits/Remote AIX
AzeoTech DAQFactory NETB Datagram Parsing Buffer Overflow Exploit A Buffer Overflow exist in DAQFactory service who listens on the UDP port 20034 when logs the informations of the incoming NETB packets. CVE-2011-3492 Exploits/Remote Windows