Core Impact Pro Exploits and Security Updates

Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

Use the controls below to navigate Core Impact exploits and other modules.

Titlesort descending Description Vulnerabilty Category Platform
Tomcat Deploy Manager Default Account Code Execution Exploit Update This update enhaces the functionality of this module. CVE-2009-3548 Exploits/Remote Windows
Tomcat orderby Cross Site Scripting Exploit The session list screen (provided by sessionList.jsp) in affected versions uses the orderBy and sort request parameters without applying filtering and therefore is vulnerable to a cross-site scripting attack. Users should be aware that Tomcat 6 does not use httpOnly for session cookies by default so this vulnerability could expose session cookies from the manager application to an attacker. CVE-2010-4172 Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities none
Total Video Player M3U Playlist Buffer Overflow Exploit Total Video Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Total Video Player when handling .M3U files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .M3U file CVE-2007-0949 Exploits/Client Side Windows
TP-Link Camera servetest Command Injection Exploit This module exploits an OS command injection vulnerability in the /cgi-bin/admin/servetest file of several TP-Link surveillance cameras. This vulnerability allows remote authenticated users to execute arbitrary commands on affected cameras. CVE-2013-2578 Exploits/Remote none
TP-Link Camera Unauthenticated Remote Firmware Upgrade Exploit The /cgi-bin/firmwareupgrade file in TP-Link IP cameras allows remote unauthenticated attackers to perform firmware upgrades. This module tries to verify if the vulnerability is present in the target device without actually upgrading its firmware. CVE-2013-2581 Exploits/Remote none
TP-Link Camera uploadfile Unauthenticated File Upload Exploit This module exploits an unauthenticated file upload vulnerability on TP-Link IP cameras. Due to improper access restrictions, it is possible for a remote unauthenticated attacker to upload an arbitrary file to the /mnt/mtd directory on the camera by issuing a POST request against the file /cgi-bin/uploadfile. CVE-2013-2580 Exploits/Remote none
Traq Command Injection Exploit Traq is vulnerable to an authentication bypass vulnerability, this module exploits this vulnerability in order to install a plugin hook to ultimately install an agent in the target host. NOCVE-9999-50813 Exploits/Remote Windows, Solaris, Linux, Mac OS X
Trend Micro Control Manager CmdProcessor.exe AddTask Remote Buffer Overflow Exploit The CmdProcessor.exe service of Trend Micro Control Manager is prone to a stack-based buffer overflow, which can be exploited by remote unauthenticated attackers to execute arbitrary code by sending a specially crafted IPC packet to the vulnerable service. CVE-2011-5001 Exploits/Remote Windows
Trend Micro Internet Security Pro 2010 extSetOwner() ActiveX Exploit Remote code execution vulnerability in Trend Micro Internet Security Pro 2010 ActiveX when sending an invalid pointer to the extSetOwner() function of UfPBCtrl.dll. CVE-2010-3189 Exploits/Client Side Windows
Trend Micro InterScan Web Security Suite Privilege Escalation Exploit This module exploits a local vulnerability in Trend Micro IWSS to gain elevated privileges on the affected computer. NOCVE-9999-50131 Exploits/Local Solaris, Linux
Trend Micro InterScan Web Security Virtual Appliance testConfiguration OS Command Injection Exploit Trend Micro InterScan Web Security Virtual Appliance is prone to an OS command injection vulnerability when handling HTTP requests for the /rest/testConfiguration resource. This vulnerability can be leveraged by a remote, unauthenticated attacker to execute arbitrary code on the vulnerable server. NOCVE-9999-74988 Exploits/Remote Linux
Trend Micro OfficeScan Buffer Overflow Exploit The vulnerability is caused due to a boundary error within Trend Micro OfficeScan Corporate Edition when processing passwords with cgiChkMasterPwd.exe vulnerable module. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to this module. CVE-2008-1365 Exploits/Remote Windows
Trend Micro Titanium Maximum Security TMTDI.SYS Privilege Escalation Exploit This module exploits a privilege escalation vulnerability in Trend Micro Titanium Maximum Security tmtdi.sys driver. The vulnerable driver trusts a dword passed from user mode via IOCTL 0x220404, and interprets it as a function pointer without performing validations. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. NOCVE-9999-45910 Exploits/Local Windows
Trend Micro TMTDI.SYS Privilege Escalation Exploit Update This module exploits a privilege escalation vulnerability in the tmtdi.sys driver of Trend Micro Titanium Maximum Security and OfficeScan products. The vulnerable driver trusts a dword passed from user mode via IOCTL 0x220404, and interprets it as a function pointer without performing validations. This vulnerability allows unprivileged local users to execute code with SYSTEM privileges. This update adds support for the Trend Micro OfficeScan product, as well as support for Windows Server 2003 and Windows Server 2008 platforms. NOCVE-9999-45910 Exploits/Local Windows
TrendMicro node.js HTTP Server Remote Code Execution Exploit The Password Manager component installed by various Trend Micro products runs a Node.js HTTP server by default. This web server opens multiple HTTP RPC ports for handling API requests. For example, the openUrlInDefaultBrowser API function, which internally maps to a ShellExecute function call, allows and attacker to execute arbitrary commands on localhost without the need of any type of credentials. NOCVE-9999-74958 Exploits/Client Side Windows
TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow Exploit A vulnerability exists in TRENDnet SecurView Internet Camera's ActiveX control that can be exploited by sending a long string of data to the OpenFileDlg() function. NOCVE-9999-51950 Exploits/Client Side Windows
Trihedral VTScada Integer Overflow DoS This module exploits a Integer Overflow vulnerability in the HTTP Server by sending a malformed packet to the 80/TCP port to crash the application. CVE-2014-9192 Denial of Service/Remote Windows
Triologic Player M3U Unicode SEH Buffer Overflow Exploit Triologic Media Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Triologic Player when handling misleading m3u files. This situation leads to a buffer overflow and allows an attacker to overwrite an SEH Pointer and get control of execution. This is an UNICODE overflow so special shellcode must be considered. This vulnerability can be exploited via a specially crafted .m3u file. CVE-2009-0266 Exploits/Client Side Windows
TrueCrypt Privilege Escalation Exploit This module exploits a vulnerability in TrueCrypt 4.x when the software is installed with setuid root. An attacker can exploit this vulnerability to obtain root privileges. This exploit mounts a temporary, especially crafted TrueCrypt volume in the /lib/tls directory and executes a setuid application to bypass security controls and execute an agent as root. CVE-2007-1738 Exploits/Local Linux
TUGZip ZIP File Buffer Overflow Exploit TUGZip is vulnerable to a stack buffer overflow due to improper parsing of the filename parameter within zip file if an overly long filename is provided. CVE-2008-4779 Exploits/Client Side Windows
TuneUp Utilities wscapi DLL Hijacking Exploit TuneUp Utilities is prone to a vulnerability that may allow execution of wscapi.dll if this dll is located in the same folder than a .TVS file. The attacker must entice a victim into opening a specially crafted .TVS file. This file and the associated binary may be delivered to a user through remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code. NOCVE-9999-46893 Exploits/Client Side Windows
TurboFTP Server PORT Command Buffer Overflow Exploit TurboFTP Server is prone to a buffer-overflow when processing a malformed PORT command. NOCVE-9999-54992 Exploits/Remote Windows
TweakFS Zip Utility Buffer Overflow Exploit The vulnerability is caused due to a boundary error when processing archives containing an entry with an overly long name. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted .ZIP file. CVE-2010-1458 Exploits/Client Side Windows
TwonkyMedia Server Error Page Cross Site Scripting Exploit Input passed via the URL is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. This update lists the module in Impact's WebApp view. NOCVE-9999-40659 Exploits/Cross Site Scripting (XSS)/Known Vulnerabilities none
TYPSoft FTP Server RETR DoS This module shuts down the TYPSoft FTP Server because it fails to properly handle user-supplied malformed packets using for login the Anonymous user provided by default for the program CVE-2005-3294 Denial of Service/Remote Windows
Ubuntu 5.10 Password Recovery Escalation Exploit The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the log file with world-readable permissions, which allows local users to gain privileges CVE-2006-1183 Exploits/Local Linux
Ubuntu Linux USBCreator D-Bus Service KVMTest Privilege Escalation Exploit The KVMTest method in the com.ubuntu.USBCreator D-Bus service in Ubuntu Linux can invoke the kvm binary with root privileges using an arbitrary environment provided by an unprivileged user. This flaw can be leveraged by a local unprivileged attacker to gain root privileges. NOCVE-9999-71867 Exploits/Local Linux
Ultr@VNC Server Error Logging DoS The logging function used by the Ultr@VNC server is affected by a limited buffer-overflow caused by two strcat calls which add a Windows error message to the output buffer causing the server to crash and stop responding to further connections. CVE-2006-1652 Denial of Service/Remote Windows
Ultra Mini HTTPD Stack Buffer Overflow Exploit The vulnerability is caused due to a boundary error within Mini HTTPD when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Arbitrary code can be directly executed by overwriting a return address. NOCVE-9999-58901 Exploits/Remote Windows
Ultra Mini HTTPD Stack Buffer Overflow Exploit Update The vulnerability is caused due to a boundary error within Mini HTTPD when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Arbitrary code can be directly executed by overwriting a return address. This update only adds CVE Number. CVE-2013-5019 Exploits/Remote Windows