This update includes 2 new exploits for Apache Struts and Powershell.
In addition, this update fixes 1 issue.
- Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution by sinn3r, juan vazquez, and Takeshi Terada exploits CVE-2013-2251
- Powershell Payload Web Delivery by Ben Campbell and Chris Campbell
Notable Changes and Resolved Issues
- Fix bug preventing Metasploit from starting on Kali when certain other system Ruby gems were installed
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.7.0 updates to 4.7.0-2013073101
MSF3 4.7.0 updates to 4.7.0-2013073101