Metasploit 4.4.0 Update 2012101001

Document created by todb Employee on Oct 9, 2012Last modified by todb Employee on Oct 15, 2012
Version 2Show Document
  • View in full screen mode

Summary

 

This update includes ten new modules, including exploits for PhpTax, QNX QCONN, Avaya IP Office, Avaya WinPMD, Microsoft Windows, and InduSoft Web Studio.

 

In addition, this update fixes six reported issues.

 

Update: This update now also includes two new modules for CVE-2012-4933. For details, see our blog post, New 0day Exploit: Novell ZENworks CVE-2012-4933 Vulnerability

 

Module Changes

Exploit modules


 

Auxiliary and post modules


 

Resolved Issues

 

Note that several of this week's issues popped up in development between updates, so Metasploit Community and Metasploit Pro users were not likely to experience them.

 

#7297 : Resolved msfupdate cron job issues for Linux installers

#7292 : Resolved conflicts with certain constants when loading modules

#7291 : Resolved 1.8.7 incompatibility with new module loading scheme

#7287 : adobe_flash_otf_font now explains URI truncation

#7282 : Fixed file.rb close paren error

#5800 : Generic ROP chains now supported (see the RopDB blog post)

#4041 : Properly Implemented ROP payloads (basically a dupe of #5800)

 

How to Upgrade

 

Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.

 

Version Information

 

PRO 4.4.0 updates to  2012101001

MSF3 4.4.0 updates to 2012101001

Attachments

    Outcomes