This weekly update fixes a large number of UI- and module-related bugs. Additionally, 10 new and updated modules are included. Highlights include the Traq <= 2.3 and PmWiki <= 2.2.34 remote exploits, as well as an Oracle SQL injection and a CoDeSys SCADA Webserver buffer overflow.
- Oracle DB SQL Injection via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION
- PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Exploit
- Traq <= 2.3 Authentication Bypass / Remote Code Execution Exploit
- CoDeSys SCADA v2.3 Webserver Stack Buffer Overflow
- Family Connections less.php Remote Command Execution
- Windows Gather Privileges Enumeration
- Ability Server 2.34 STOR Command Stack Buffer Overflow
- DNS and DNSSEC fuzzer
- Yaws Web Server Directory Traversal
- Multiple Linux / Unix Post Sudo Upgrade Shell
Resolved Bugs & Changes
- Issue #6087 : Obscured license key in Software Updates.
- Issue #6081 : Updated service_permissions.rb to check platform correctly.
- Issue #6080 : Updated description in win_privs.rb.
- Issue #6077 : Whatsup Gold module now stores loot.
- Issue #6074 : Updated persistence module.
- Issue #6072 : Updated Ipswitch TFTP Server Directory Traversal to support TFTP acks.
- Issue #6070 : Resolved an error with wlan_profile when no wireless is installed.
- Issue #6012 : Error in post module post/windows/manage/enable_rdp resolved.
- Issue #1874 : Connecting to HTTPS port using HTTP now gives a warning.
- Issue #6114 : exploit/unix/http/lifesize_room now supports cmd/unix/reverse_bash payload.
- Issue #6113 : Resolved error "undefined method `code'" during automatic exploitation.
- Issue #6111 : Clone site now works as expected for https URLs.
- Issue #6098 : Resolved a search issue on the hosts page.
- Issue #6096 : Network Topology Map now renders.
- Issue #5693 : Importing a Metasploit ZIP export now includes loot.
- Issue #2731 : Added a note to the UI about host.windows.processes.
- Issue #5941 : Failed task no longer shows stack trace.
- Issue #6097 : Exploit form now shows an error when invalid options are passed.
- Issue #5934 : Service count no longer includes closed/filtered services.
- Issue #5869 : Searching services by port/proto/name is now supported.
- Issue #5119 : Analysis tab now allows selection of all matching hosts (Gmail style).
- Issue #5283 : Known credentials are now used 1x per service.
- Issue #4871 : Bruteforce now accepts a specified Oracle SID.
- Issue #3945 : IP List import now documented in the UI.
- Issue #6109 : Resolved report generation issues.
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.1.4 20111205000001 revision 19b19036a658ab756acc0e49e57c4d69877bd35a updates to 20111214013016 revision 38dffeaf2128cdf5d4ee8e52bc76232649dc2e95
MSF3 4.1.4 20111205000001 revision b7ccbcd6b507ee259041b9e1753a3329bb249e28 updates to 20111214013016 revision 8dc85f1cc5b19e141c82e4b8b55cb2f1879160fa