April 8, 2013

Q1 has been an interesting one in the cyber security world. The NY Times announced that not only did Chinese hackers gain access to their networks, but that they held that access for at least four months. Shortly afterwards, Mandiant released their report detailing their belief that a single Chinese military group was behind the majority of the intrusions they have investigated at various public and private sector organizations around the globe.

We also released v2013 R1.1 of CORE Impact, with over 50 updates, including additional scanners whose results Impact can import and use as the basis of the penetration tests or security assessments performed by our customers. This quick release cycle is something our customers have requested from us, and we are going to ensure we do more releases like this, as well as our traditional major releases throughout the year.

Updates for March 2013 (excludes 9 maintenance updates)

Remote Code Execution

Procyon Core Server HMI Scada Coreservice Buffer Overflow Exploit Update
freeSSHd SSH Server Authentication Bypass Remote Code Execution Exploit
Microsoft Windows Win32k Improper Message Handling Vulnerability Exploit (MS13-005)
ActFax RAW Server Buffer Overflow Exploit
Schneider Electric Interactive Graphical SCADA System Buffer Overflow Exploit
BigAnt Server DUPF Command Arbitrary File Upload Exploit


Cool PDF Reader Buffer Overflow Exploit
Oracle Java 7U11 JMX Remote Code Execution Exploit
KingView KingMess Buffer Overflow Exploit
Microsoft Windows Shell Briefcase Processing Integer Overflow Exploit (MS12-072)
Microsoft Internet Explorer SLayoutRun Use-After-Free Exploit (MS13-009)
Adobe Acrobat Reader acroform api With Sandbox Bypass Exploit
Siemens SIMATIC WinCC SCADA RegReader ActiveX Buffer Overflow Exploit

Denial of Service

Microsoft Windows NFS NULL Dereference DoS (MS13-014)

Among the maintenance updates was an update to the Identity Manager password dictionaries (based on analysis of recently disclosed password dumps).

Alex Horan – Impact Product Manager


