This update includes six new modules, including exploits for Openfiler NetworkCard, WAN Emulator, HP SiteScope, Sflog! CMS, ActiveFax, and Winamp.
Update: This update now also includes the new Internet Explorer exploit described in http://osvdb.org/85532.
In addition, this update fixes three reported issues.
- Openfiler v2.x NetworkCard Command Execution by Brendan Coles exploits BID-55490
- WAN Emulator v2.3 Command Execution by Brendan Coles exploits an uncategorized vulnerability
- HP SiteScope Remote Code Execution by juan vazquez and rgod exploits ZDI-12-175
- Sflog! CMS 1.0 Arbitrary File Upload Vulnerability by sinn3r and dun exploits OSVDB-83767
- ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow by juan vazquez, Brandon Perry, and Craig Freyman exploits OSVDB-85175
- Winamp MAKI Buffer Overflow by juan vazquez and Monica Sojeong Hong exploits CVE-2009-1831
#6389 : Added the ability to upload loot via a Add Captured Data button
#7204 : Social engineering campaigns now show the correct payloads for the selected target
#7233 : Meterpreter sessions are more reliable in non-SYSTEM contexts
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.4.0 updates to 2012091202
MSF3 4.4.0 updates to 20120091202