This weekly update contains 7 new modules, including the recently blogged BSD-derived telnet buffer overflow, a remote code execution in Splunk, a remote command injection in Plone and Zope, an overflow in OpenTFTP, and a Windows Oracle Job Scheduler command execution. A number of minor post-module bugs were also addressed in this update.
- Telnet Service Encryption Key ID Overflow Detection
- FreeBSD Telnet Service Encryption Key ID Buffer Overflow
- Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow
- Plone and Zope Remote CMD Injection Exploit
- Splunk Search Remote Code Execution
- Oracle Job Scheduler Named Pipe Command Execution
- OpenTFTP SP 1.4 Error Packet Overflow
Resolved Bugs & Changes
- Issue #6164: Resolved an error when post/multi/manage/system_session ran against an invalid target.
- Issue #6163: Resolved an error when post/multi/gather/pidgin_cred ran against an invalid target.
- Issue #6161: Resolved an error when post/windows/manage/payload_inject ran against an invalid target.
- Issue #6160: Resolved an error when post/windows/gather/enum_dirperms ran against an invalid target.
- Issue #6159: Resolved an error when post/windows/gather/credentials/windows_autologin ran against an invalid target.
- Issue #6158: Resolved an error when post/windows/gather/credentials/credential_collector ran against an invalid target.
- Issue #6027: Handle Postgres errors when a session has "\U" in its description.
- Issue #6022: Fix SMB_COM_NT_TRANSACT structure definition per specification.
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.1.4 20111219000004 revision 8ec661a4a6e02e02a853f08b8400d8c6ed77fc6b updates to 20111227000001 revision b80c0872e366e8667cea72f88da8e10dcc264b2d
MSF3 4.1.4 20111219000004 revision c7c16ae52d82b824ba6a67d8073fa5ae21cf4a9a updates to 20111227000001 revision b409560088e09369c5fd4ab7d99555f21352f15f