This first post-4.3.0 update fixes a number of issues in the 4.3.0 release, and adds eight new modules including a UDP Wake-on-Lan utility and a Java RMI endpoint scanner (integrated into the discovery process). Exploits for Webcalendar, McAfee Virtual Technician MVTControl, VLC, MS12-027, and Shadow Stream Recorder have been added. Additionally, a post module for generic command execution across a variety of platforms has been included.
- UDP Wake-On-Lan
- WebCalendar 1.2.4 Pre-Auth Remote Code Injection
- McAfee Virtual Technician MVTControl 126.96.36.1991 GetObject Vulnerability
- VLC MMS Stream Handling Buffer Overflow
- MS12-027 MSCOMCTL ActiveX Buffer Overflow
- Shadow Stream Recorder 188.8.131.52 Buffer Overflow
- Multi Generic Operating System Session Command Execution
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.3.0 revision e50783badc93f239f299eb2b46822a0525f9be8d updates to 2012050202 revision 710a85884823f84d845fd195838c5823cc074720
MSF3 4.3.0 revision ec831a1658def24a9a42926b576371d5897b6688 updates to 2012050202 revision e12c29a5dc7223da64b005b658821e83f5b0a8c0