This weekly update brings seven new modules and resolves a regression in the previous week's update where sessions would not be properly displayed.
- Cisco Secure ACS Version < 220.127.116.11.5 or 18.104.22.168.2 Unauthorized Password Change
- VMWare Update Manager 4 Directory Traversal
- CCTV DVR Login Scanning Utility
- RuggedCom Telnet Password Generator
- WikkaWiki 1.3.2 Spam Logging PHP Injection
- Firefox 8/9 AttributeChildRemoved() Use-After-Free
- Distinct TFTP 3.10 Writable Directory Traversal Execution
Resolved Bugs & Changes
- Issue #6855 : Added target to adobe_pdf_embedded_exe exploit for Windows XP Spanish
- Issue #6815 : Exception while running post/windows/gather/hashdump
- Issue #6843 : Resolved an error with the TFTP client
- Issue #6862 : Resolved a regression where sessions would not be shown in the UI.
- Issue #6850 : Searching for a tag no longer triggers JSON error
- Issue #6757 : Select all doesn't work for collect or cleanup in Task Chains.
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, "view this video":https://community.rapid7.com/videos/1256 in the Rapid7 Community.
PRO 4.3.0 2012050901 updates to 2012051603
MSF3 4.3.0 2012050901 updates to 2012051603