This update adds ten new modules, among them exploits for PhpTax, QNX QCONN, Avaya IP Office, Avaya WinPMD, Microsoft Windows, and InduSoft Web Studio.
In addition, this update fixes six reported issues.
Update: This update now also includes two new modules for CVE-2012-4933. For details, see our blog post, "New 0day Exploit: Novell ZENworks CVE-2012-4933 Vulnerability".
- PhpTax pfilez Parameter Exec Remote Code Injection by sinn3r and Jean Pascal Pereira
- QNX QCONN Remote Command Execution Vulnerability by Brendan Coles, David Odell, and Mor!p3r
- Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution by juan vazquez and rgod (exploits ZDI-12-106)
- Windows Escalate UAC Execute RunAs by mubix
- Windows Escalate UAC Protection Bypass by David Kennedy "ReL1K", mitnick, and mubix
- MS11-080 AfdJoinLeaf Privilege Escalation by Matteo Memelli and Spencer McIntyre (exploits MS11-080)
- Avaya WinPMD UniteHostRouter Buffer Overflow by juan vazquez, Abdul-Aziz Hariri, and Abysssec (exploits OSVDB-73269)
- InduSoft Web Studio Arbitrary Upload Remote Code Execution by juan vazquez and Luigi Auriemma (exploits ZDI-11-330)
Auxiliary and post modules
- Authentication Capture: PostgreSQL by Dhiru Kholia
- Multi Gather GnuPG Credentials Collection by Dhiru Kholia
Note that several of this week's issues popped up in development between updates, so Metasploit Community and Metasploit Pro users were not likely to experience them.
- #7297: Resolved msfupdate cron job issues for Linux installers
- #7292: Resolved conflicts with certain constants when loading modules
- #7291: Resolved 1.8.7 incompatibility with new module loading scheme
- #7287: adobe_flash_otf_font now explains URI truncation
- #7282: Fixed file.rb close paren error
- #5800: Generic ROP chains now supported (see the RopDB blog post)
- #4041: Properly implemented ROP payloads (basically a dupe of #5800)
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.4.0 updates to 2012101001
MSF3 4.4.0 updates to 2012101001