This update includes 3 new exploits for Mac OSX, Graphite and Oracle Endeca Server.
NOTE: 2013082802 fixes an issue that prevented some of this week's new modules from loading on certain platforms.
- Mac OS X Sudo Password Bypass by juan vazquez, Todd C. Miller, and joev exploits CVE-2013-1775
- Graphite Web Unsafe Pickle Handling by Charlie Eriksen exploits CVE-2013-5093
- Oracle Endeca Server Remote Command Execution by juan vazquez and rgod exploits ZDI-13-190
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.7.0 updates to 4.7.0-2013082802
MSF3 4.7.0 updates to 4.7.0-2013082802