You cannot discuss events in October without mentioning Hurricane Sandy - our hearts go out to all who were affected by this storm.
October was a busy month for us: it was the first full month after the release of v12.5 of Impact, and the Exploit Writing Team was in full force, writing exploits for this new release. This is also the first month we saw a big push from our L3 team to release the custom modules they have generated for individual customers out to the main product. The L3 team is a full-time group of engineers who take customer requests for tweaks to existing capabilities and make them a reality. With these two teams working to produce updates and exploits that are both timely and important to our customers, we produced 39 updates for the month of October.
Updates for October 2012 (excluding maintenance updates)
Remote Code Execution
EMC NetWorker nsrd RPC Service Format String Exploit
EMC Replication Manager Client irccd.exe Misconfiguration Exploit
HP Intelligent Management Center UAM sprintf Buffer Overflow Exploit
HP SiteScope Remote Code Execution Exploit
Novell File Reporter NFRAgent PATH Tag Buffer Overflow Exploit
Novell File Reporter NFRAgent VOL Tag Buffer Overflow Exploit
PHP apache_request_headers Function Buffer Overflow Exploit
Symantec Messaging Gateway SSH Support Account Exploit
TurboFTP Server PORT Command Buffer Overflow Exploit
Advantech Studio ISSymbol ActiveX Control Buffer Overflow Exploit
GE Proficy Historian KeyHelp ActiveX LaunchTriPane Code Execution Exploit
HP Lifecycle Management XGO ActiveX SetShapeNodeType Type Method Exploit
Oracle Outside In XPM Image Processing Buffer Overflow Exploit
Libdbus DBUS_SYSTEM_BUS_ADDRESS Variable Local Privilege Escalation
Microsoft Windows Sysret Instruction Privilege Escalation Exploit (MS12-042)
Included in the non-exploit updates were six produced by our L3 team and three modules coded to provide additional ability for our agent to evade antivirus detection.
Alex Horan, Senior Product Manager.