This update includes 5 new modules, including exploits for Internet Explorer and AudioCoder. It also includes auxiliary modules for SAP and Windows.
In addition, this update fixes 2 reported issues.
- Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability by sinn3r, juan vazquez, EMH, and Unknown exploits CVE-2013-1347
- AudioCoder .M3U Buffer Overflow by juan vazquez and metacom exploits OSVDB-92939
Auxiliary and post modules
- SAP SOAP RFC PFL_CHECK_OS_FILE_EXISTENCE File Existence Check by lexey Tyurin and nmonkee exploits OSVDB-78537
- SAP SOAP RFC RZL_READ_DIR_LOCAL Directory Contents Listing by Alexey Tyurin and nmonkee exploits OSVDB-92732
- Windows Gather Deleted Files Enumeration and Recovering by Borja Merino
- 7898 - Fix an issue where payload options weren't respected on second run.
- 7926 - Msfconsole search works properly when searching for clients.
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.6.0 updates to 4.6.0-2013050801
MSF3 4.6.0 updates to 4.6.0-2013050801