Metasploit Pro 4.1.4 Update 20111227000001

Document created by jcran on Dec 28, 2011Last modified by jcran on Jan 20, 2012
Version 3Show Document
  • View in full screen mode

Summary

This weekly update contains 7 new modules including the recently-blogged BSD-derived telnet buffer overflow, a remote code execution in Splunk, a remote command injection in Plone and Zope, an overflow in OpenTFP, and finally, a Windows Oracle Job Scheduler command execution. A number of minor post-module bugs were addressed with this update.

 

Module Changes

 

Resolved Bugs & Changes

  • Issue #6164 : Resolved an error when post/multi/manage/system_session ran against an invalid target.
  • Issue #6163 : Resolved an error when post/multi/gather/pidgin_cred ran against an invalid target.
  • Issue #6161 : Resolved an error when  post/windows/manage/payload_inject ran against an invalid target.
  • Issue #6160 : Resolved an error when  post/windows/gather/enum_dirperms ran against an invalid target.
  • Issue #6159 : Resolved an error when  post/windows/gather/credentials/windows_autologin ran against an invalid target.
  • Issue #6158 : Resolved an error when  post/windows/gather/credentials/credential_collector ran against an invalid target.
  • Issue #6027 : Handle Postgres errors when a session has "\U" in its description.
  • Issue #6022 : Fix SMB_COM_NT_TRANSACT structure definition per specification.

 

How to Upgrade

Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.

 

Version Information

PRO 4.1.4 20111219000004 revision 8ec661a4a6e02e02a853f08b8400d8c6ed77fc6b updates to 20111227000001 revision b80c0872e366e8667cea72f88da8e10dcc264b2d 
MSF3 4.1.4 20111219000004 revision c7c16ae52d82b824ba6a67d8073fa5ae21cf4a9a updates to 20111227000001 revision b409560088e09369c5fd4ab7d99555f21352f15f 

Attachments

    Outcomes