Core Impact Pro Exploits and Security Updates

When you buy Core Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact Pro keeps you there.

| Title | Description | Vulnerability | Category | Platform |
| --- | --- | --- | --- | --- |
| PHP Hash Table Collisions DoS Update | This module sends HTTP requests with specially crafted data that make the PHP interpreter consume a lot of resources. This attack prevents the victim server from processing requests from legitimate clients and will probably make the server non-operational. This update fixes an issue when launching the module from an agent running on a Linux system. | CVE-2011-4885 | Denial of Service/Remote | Solaris, AIX, Windows, Linux, OpenBSD, FreeBSD |
| Microsoft Windows Remote Desktop Protocol DoS (MS12-020) Update | This update fixes the failure when running this module on multiple systems. | CVE-2012-0002 | Denial of Service/Remote | Windows |
| Microsoft Windows Active Directory Remote DoS (MS09-066) | This module exploits an error in the Windows Active Directory implementation by sending a specially crafted LDAP request to crash the lsass.exe process, leading to the reboot of the target machine. | CVE-2009-1928 | Denial of Service/Remote | Windows |
| Microsoft Windows DNS Resolution Remote DoS (MS11-030) | This module exploits a memory corruption in the DNS Client Service by sending a specially crafted LLMNR broadcast query to crash the service. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2011-0657 | Denial of Service/Remote | Windows |
| Microsoft Firewall Remote DoS | This module exploits a vulnerability in the Microsoft Windows NAT Helper Component (ipnathlp.dll) by sending a specially crafted DNS query when Internet Connection Sharing is enabled. | CVE-2006-5614 | Denial of Service/Remote | Windows |
| Asterisk HTTP Digest DoS | This module triggers a stack corruption vulnerability in Asterisk by sending a malformed packet to the 8088/TCP port. | CVE-2012-1184 | Denial of Service/Remote | Solaris, Linux |
| Microsoft Windows TCP TimeStamp Option Vulnerability DoS (MS14-031) | This module exploits a vulnerability in "tcpip.sys" by sending a large number of TCP packets with the Time Stamp option enabled. | CVE-2014-1811 | Denial of Service/Remote | Windows |
| Microsoft Windows Remote Desktop Protocol DoS (MS12-036) | This module exploits a kernel vulnerability in Microsoft Remote Desktop server by sending a sequence of specially crafted RDP packets to the target system. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2012-0173 | Denial of Service/Remote | Windows |
| MSRPC WKSSVC NetrGetJoinInformation Heap Corruption DoS (MS09-041) | This module exploits an improper memory free by sending a specially crafted RPC packet to cause a DoS condition on the target machine. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2009-1544 | Denial of Service/Remote | Windows |
| NVIDIA RealityServer Web Services RTMP Server DoS | This module exploits a NULL pointer dereference in NVIDIA Reality Server Software when a crafted packet is sent to port 1935. | NOCVE-9999-48568 | Denial of Service/Remote | Windows |
| Microsoft Windows Schannel Heap Overflow DoS (MS14-066) Update | This module exploits a vulnerability in "schannel.dll" by sending a crafted certificate packet to the "Internet Information Services" server via the TLS protocol, producing a heap overflow in the critical LSASS Windows process. This update reduces the time needed to exploit the target. In addition, all supported targets have been added to the documentation. | CVE-2014-6321 | Denial of Service/Remote | Windows |
| Inetserv POP3 Server RETR DoS | Inetserv shuts down the POP3 Server because it fails to properly handle user-supplied malformed RETR packets. | NOCVE-9999-47321 | Denial of Service/Remote | Windows |
| Wireshark DRDA Dissector DoS | The DRDA protocol dissector in Wireshark can enter an infinite loop when processing a specially crafted DRDA packet with the iLength field set to 0, causing Wireshark to stop responding. | CVE-2012-3548 | Denial of Service/Remote | Windows, Linux |
| XM Easy Personal FTP Server DoS | XM Easy Personal FTP Server is prone to multiple remote denial-of-service vulnerabilities because it fails to properly handle user-supplied input. | CVE-2006-2225 | Denial of Service/Remote | Windows |
| WireShark SNMP Dissector DoS | This module exploits a vulnerability in the WireShark SNMP dissector by sending a specially crafted SNMP packet, causing WireShark to crash. | CVE-2008-1071 | Denial of Service/Remote | Windows |
| Squid Web Proxy Cache HTTP Version Number DoS | This module sends HTTP requests that cause the Squid Web Proxy to stop running. | NOCVE-9999-35968 | Denial of Service/Remote | Linux |
| PHP Hash Table Collisions DoS | This module sends HTTP requests with specially crafted data that make the PHP interpreter consume a lot of resources. This attack prevents the victim server from processing requests from legitimate clients and will probably make the server non-operational. This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2011-4885 | Denial of Service/Remote | Solaris, AIX, Windows, Linux, OpenBSD, FreeBSD |
| Microsoft IIS FastCGI HTTP Header Remote DoS (MS10-065) | This module exploits a memory corruption in Microsoft Internet Information Server by sending a specially crafted HTTP request. | CVE-2010-2730 | Denial of Service/Remote | Windows |
| OpenBSD PF IP ICMPV6 Remote DoS Update | OpenBSD's PF is prone to a remote denial-of-service vulnerability. Exploiting this issue allows remote attackers to cause a kernel panic on affected computers, denying further service to legitimate users. This update improves reliability in Impact 10. | CVE-2009-0687 | Denial of Service/Remote | OpenBSD |
| ISC BIND Dynamic Update Message DoS Exploit | A vulnerability has been identified in ISC BIND, which could be exploited by remote attackers to cause a denial of service. This issue is caused by the "dns_db_findrdataset()" function failing when the prerequisite section of a dynamic update message contains a record of type "ANY" and where at least one RRset for this FQDN exists on the server, which could allow attackers to cause a vulnerable server to exit when receiving a specially crafted dynamic update message sent to a zone for which the server is the master. | CVE-2009-0696 | Denial of Service/Remote | Solaris, AIX, Linux, Mac OS X |
| IIS FTP Telnet IAC Remote DoS | This module causes a denial of service in the ftpsvc.dll module contained in Microsoft IIS Server. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. | CVE-2010-3972 | Denial of Service/Remote | Windows |
| EMC RepliStor Server rep_serv Remote DoS | EMC RepliStor Server is prone to a remote denial-of-service vulnerability. The vulnerability is caused by an error in rep_srv.exe when processing network packets. | CVE-2009-3744 | Denial of Service/Remote | Windows |
| CA ARCserve D2D Apache Axis2 Default Credentials Remote Code Execution Exploit | CA ARCserve D2D installs the Apache Axis2 Web services engine with the default password for the administrator account, which can be abused by a remote attacker to upload an .AAR web service and execute arbitrary code with SYSTEM privileges on the machine where the vulnerable software is installed. | CVE-2010-0219 | Exploits/Remote Code Execution | Windows |
| Zen Cart record_company Remote Code Execution Exploit | Zen Cart is prone to a vulnerability that attackers can leverage to execute arbitrary code. This issue occurs in the 'admin/record_company.php' script. Specifically, the application fails to sufficiently sanitize user-supplied input to the 'frmdt_content' parameter of the 'record_company_image' array. | NOCVE-9999-38922 | Exploits/Remote Code Execution | Linux |
| Postgres Plus Advanced Server DBA Management Server Remote Code Execution Exploit | The DBA Management Server component of EnterpriseDB Postgres Plus Advanced Server does not restrict access to the underlying JBoss JMX Console. This can be abused by remote, unauthenticated attackers to execute arbitrary code on the vulnerable server. | NOCVE-9999-47537 | Exploits/Remote Code Execution | Windows, Linux |
| TinyWebGallery Remote Code Execution Exploit | This module exploits a local file-include vulnerability in TinyWebGallery, which fails to properly sanitize user-supplied input. The module takes advantage of the logging capabilities of the attacked software to remotely execute arbitrary code. | CVE-2009-1911 | Exploits/Remote Code Execution | Windows, Solaris, AIX, Linux |
| EMC Replication Manager Client irccd.exe Misconfiguration Exploit | The best practice for installations of EMC Replication Manager is to register a Replication Manager Client (irccd.exe) instance with the appropriate Replication Manager Server (ird.exe) as soon as the client software is installed on a host. Registration is performed by Replication Manager administrators from within the Replication Manager Server. In the window before a Replication Manager Client instance is registered with a Replication Manager Server, the RunProgram function of the Replication Manager Client instance can be invoked with arbitrary arguments by remote unauthenticated attackers in order to execute arbitrary code with SYSTEM privileges on the vulnerable machine. This module exploits this misconfiguration scenario in order to install an agent on machines running still unregistered instances of EMC Replication Manager Client. | NOCVE-9999-55211 | Exploits/Remote Code Execution | Windows |
| JBoss Seam 2 Framework actionOutcome Remote Code Execution Exploit | An input sanitization flaw was found in the way JBoss Seam processes certain parameterized JBoss Expression Language (EL) expressions. A remote unauthenticated attacker could use this flaw to execute arbitrary code via GET requests containing specially crafted expression language parameters, provided to web applications based on the JBoss Seam framework. This module exploits the vulnerability in any web application based on vulnerable versions of the Seam 2 framework. | CVE-2010-1871 | Exploits/Remote Code Execution | Linux |
| CA Total Defense UNCWS Web Service getDBConfigSettings Remote Code Execution Exploit | The UNCWS Web Service component of CA Total Defense listens for SOAP requests. A remote unauthenticated attacker can invoke the getDBConfigSettings method, and the Web Service will answer with the server's database credentials. Once the database credentials are captured, it is possible for a remote attacker to connect to the database and execute arbitrary code under the context of the database administrator. | CVE-2011-1655 | Exploits/Remote Code Execution | Windows |
| Symantec Web Gateway Management Console Remote Code Execution Exploit | The Symantec Web Gateway Management Console before 5.2.5 allows some specially crafted entries to update the whitelist without validation. A lower-privileged but authorized management console user can bypass the whitelist validation using a specifically modified script to create an unauthorized whitelist entry. This whitelist entry could potentially be leveraged in further malicious attempts against the network. | CVE-2016-5313 | Exploits/Remote Code Execution | Linux |