CORE Impact Pro Exploits and Security Updates

When you buy CORE Impact Pro, we provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within CORE Impact Pro. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because CORE Impact Pro keeps you there.

Use the controls below to navigate CORE Impact exploits and other modules.

Released Date Title Description Vulnerabilty Categorysort descending Platform
12.05.2011 Tikiwiki jhot Remote Code Execution Exploit An unrestricted file upload vulnerability in jhot.php in TikiWiki 1.9.4 Sirius and earlier allows remote attackers to execute arbitrary PHP code via a filepath parameter that contains a filename with a .php extension, which is uploaded to the img/wiki/ directory. CVE-2006-4602 Exploits/Remote Solaris, Linux
05.29.2013 Novell ZENworks Mobile Management Remote Code Execution Exploit This module exploits a vulnerability in the Novell ZENworks Mobile Management application by injecting code in the PHP session file and leveraging a Local File Inclusion in mdm.php to execute the injected PHP code. CVE-2013-1081 Exploits/Remote Windows
08.14.2011 RPT exploits ordering improvements With this update, RPT will prioritize newer exploits when attacking a target. CVE-2011-1567 Exploits/Remote Windows, AIX, Linux, Mac OS X, Solaris, FreeBSD
11.18.2012 Avaya IP Office Customer Call Reporter ImageUpload Exploit The specific flaw exists because Avaya IP Office Customer Call Reporter allows to upload files to the webserver through ImageUpload.ashx. The uploaded files will not be stripped of their file extensions and the directory where they are saved has no scripting restrictions. CVE-2012-3811 Exploits/Remote Windows
08.24.2011 MSRPC Server Service Remote Buffer Overflow Exploit Reliability Enhancement This updates improves the reliability and AV Evasion of MSRPC Server Service Remote Buffer Overflow Exploit against Windows 2000 targets, in those cases where the target OS and Version is unknown before launching the exploit. Exploits/Remote Windows
04.15.2014 HP ProCurve Agent AgentServlet Remote Code Execution Exploit The AgentServlet class in the Web interface of HP ProCurve Agent is prone to an authentication bypass vulnerability when handling HEAD requests. This vulnerability can be abused by remote unauthenticated attackers to modify the configuration of the HP ProCurve Agent, which can ultimately be leveraged to access the Tornado service component and finally execute arbitrary code with SYSTEM privileges on the target machine. CVE-2013-4813 Exploits/Remote Windows
02.05.2007 CA BrightStor Tape Engine exploit for Windows Vista We are pleased to announce the availability of the first CORE IMPACT exploit for Windows Vista along with initial support for Windows Vista as an exploit target. The first exploit we are releasing is an exploit for a vulnerability in CA BrightStor ARCserve Backup v11.5 (CVE-2007-0169). More exploits for Vista will follow as part of our exploit update service. This update adds support for Windows Vista as a target for the exploit, and includes modifications to the Windows agent and accompanying payloads to run on all previously supported versions of Windows. CVE-2007-0168 Exploits/Remote Windows
12.19.2011 e107 Install Script Command Injection Exploit Update This update appends support for solaris and Mac OS X. CVE-2011-1513 Exploits/Remote Windows, Solaris, Linux, Mac OS X
09.05.2011 EMC AutoStart Domain Name Logging Buffer Overflow Exploit A remote user can send specially crafted data via TCP to trigger a buffer overflow and execute arbitrary code on the target system. CVE-2011-2735 Exploits/Remote Windows
12.18.2008 MiniShare HTTP GET Request Buffer Overflow Exploit The vulnerability is caused due to a boundary error in the handling of HTTP "GET" requests. This can be exploited to cause a buffer overflow by sending a specially crafted overly long request with a pathname larger than 1787 bytes. CVE-2004-2271 Exploits/Remote Windows
01.23.2013 Tectia SSH Server Authentication Bypass Remote Code Execution Exploit The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords. CVE-2012-5975 Exploits/Remote Linux
01.12.2010 BigAnt IM Server USV Request Remote Buffer Overflow Exploit This module exploits a vulnerability in the AntServer Module (AntServer.exe) to cause a stack-based buffer overflow, by sending a specially crafted, overly long "USV" request to the TCP port where the server is listening. NOCVE-9999-41693 Exploits/Remote Windows
08.15.2012 Interactive Graphical SCADA System Command Injection Exploit This module exploits a command injection vulnerability in Interactive Graphical SCADA System and install an agent into the target machine. CVE-2011-1566 Exploits/Remote Windows
04.16.2007 MSRPC DNS Server exploit This module exploits a buffer overflow in the DNS Server via a specially crafted RPC request. CVE-2007-1748 Exploits/Remote Windows
10.27.2013 TinyWebGallery Remote Code Execution Exploit Update This module exploits a TinyWebGallery local file-include vulnerability because TinyWebGallery fails to properly sanitize user-supplied input. The module takes advantage of the logging capabilities of the attacked software to remotely execute arbitrary code. This update fixes some issues related with an updated library. Support for various platforms was added. CVE-2009-1911 Exploits/Remote Windows, Solaris, Linux
12.20.2011 PhpMyAdmin Unserialize Remote Code Execution Exploit Update phpMyAdmin is vulnerable to a remote code execution due the use of the unserialize method on user supplied data. This data is written in the config file and is accessible from the internet by default. This update adds support for Solaris and Mac OS X. CVE-2009-4605 Exploits/Remote Windows, Solaris, Linux, Mac OS X
01.02.2007 VERITAS NetBackup BPJava Exploit update NetBackup Java user-interface is affected by a remote format string vulnerability. An attacker can exploit this vulnerability by crafting a malicious request that contains format specifiers. This module exploits this vulnerability and installs an agent. This update adds support for Linux. CVE-2005-2715 Exploits/Remote Windows, Linux
07.04.2013 HP System Management Homepage ginkgosnmp.inc Command Injection Exploit The ginkgosnmp.inc PHP script in HP System Management Homepage is vulnerable to OS command injection. This vulnerability allows remote authenticated attackers to execute arbitrary code on the affected machine with SYSTEM privileges. CVE-2013-3576 Exploits/Remote Windows
05.31.2010 HP OpenView NNM getnnmdata CGI Buffer Overflow Exploit This module exploits a stack-based buffer overflow in HP OpenView Network Node Manager by sending a specially crafted request to getnnmdata.exe. CVE-2010-1553 Exploits/Remote Windows
01.28.2010 Net Transport eDonkey Protocol Buffer Overflow Exploit The vulnerability is caused due to a boundary error in the processing of eDonkey "OP_LOGINREQUEST" packets. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet to the ed2k port of an affected system. NOCVE-9999-41933 Exploits/Remote Windows
09.26.2012 HP OpenView Performance Agent coda.exe Opcode 0x8C Buffer Overflow Exploit A buffer overflow exists in coda.exe process which listens on a random TCP port by default. The process trusts a value within a GET request as a size then proceeds to copy that many bytes of user-supplied data into a fixed-length buffer on the stack. CVE-2012-2020 Exploits/Remote Windows
08.11.2009 Bopup Communications Server Remote Buffer Overflow Exploit The vulnerability is caused due to a boundary error and can be exploited to cause a stack-based buffer overflow via a specially crafted TCP packet sent to port 19810. Successful exploitation allows execution of arbitrary code. CVE-2009-2227 Exploits/Remote Windows
01.11.2012 Citrix Provisioning Services Streamprocess Opcode 0x40020000 Buffer Overflow Exploit This module exploits a remote buffer overflow in the streamprocess.exe service included in the Citrix Provisioning Services application by sending a malformed packet to the 6905/UDP port. NOCVE-9999-50874 Exploits/Remote Windows
10.16.2012 HP SiteScope Remote Code Execution Exploit This module exploits two vulnerabilities in HP SiteScope to gain remote code execution. The first vulnerability is an authentication bypass in the getSiteScopeConfiguration operation available through the APISiteScopeImpl AXIS service to grab the administrator credentials from the server running HP SiteScope. The second vulnerability is a directory traversal in the UploadFileHandler url that allows to upload files to the server into a directory that allows for scripting. NOCVE-9999-54993 Exploits/Remote Windows
07.17.2014 Apache Struts 2 devMode OGNL Remote Code Execution Exploit Update The best practice for web applications built on top of the Apache Struts 2 framework is to switch off Developer Mode (struts.devMode parameter in the struts.xml configuration file) before going into production. When devMode is left enabled, attackers can gain remote code execution by setting the 'debug=command' URL parameter and sending OGNL expressions through the 'expression' URL parameter. This module takes advantage of this misconfiguration scenario in order to deploy an agent in the target system. This update fixes the CVE identifier associated with the vulnerability exploited by this module. CVE-2012-0394 Exploits/Remote Windows, Mac OS X, Linux
04.03.2008 MSRPC Trend Micro Server Protect buffer overflow exploit Update TrendMicro ServerProtect is prone to a buffer overflow vulnerability on the rpc interface that could permit the execution of arbitrary remote code. This update corrects the actual exploited CVE number. CVE-2007-2508 Exploits/Remote Windows
02.01.2009 Microsoft SQL Server sp_replwritetovarbin Remote Heap Overflow Exploit This module exploits a heap-based buffer overflow in the Microsoft SQL Server by sending a specially crafted SQL query. It has two uses: One as a Remote Exploit which needs authentication, and another as an SQL Injection Agent installer module, which needs an SQL Agent as a target. CVE-2008-5416 Exploits/Remote Windows
08.17.2005 VERITAS Backup Exec Agent exploit This module exploits a stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows allowing remote attackers to execute arbitrary code. CVE-2005-0773 Exploits/Remote Windows
08.01.2011 HP Operations Manager Server Backdoor Account Exploit Update This module exploits a remote code execution vulnerability in HP Operations Manager by using an undocumented user account to upload an arbitrary file. This update fixes an issue in the agent injector. CVE-2009-3843 Exploits/Remote Windows
12.25.2006 Novell Client NWSPOOL.DLL Buffer Overflow Exploit Novell Client for Netware is prone to a buffer overflow vulnerability on the nwspool.dll that could permit the execution of arbitrary remote code. The nwspool.dll library does not properly handle long arguments to the Win32 OpenPrinter() functions. CVE-2006-5854 Exploits/Remote Windows

Pages