Metasploit 4.8.2 (Update 2013121101)

Document created by Brandon Turner Employee on Dec 9, 2013
Version 1Show Document
  • View in full screen mode

Summary

This updates Metasploit to 4.8.2.

 

This update includes 8 new modules, including exploits for Up.Time Monitoring Station, Wordpress OptimizePress Theme, vBulletin and Kaseya.  It also contains new modules for Ruby on Rails, vBulletin, Cisco ASA, and Windows.

 

In addition, this update fixes 6 issues.

 

Exploit modules

 

Auxiliary and post modules

 

Notable Changes and Resolved Issues

  • Upgrades Rails to 3.2.16 due to CVE-2013-4491, CVE-2013-6414 and CVE-2013-4492
  • Upgrade Postgres to 9.3.2
  • Protect against RJS vulnerability
  • 8140 - Avoid migration in ppr_flatten_rec
  • 8283 - Meterpreter Win32-SshServer fails to check status
  • 8696 - Meterpreter session hangs around even when 'exit'ed from an AutoRunScript

 

How to Upgrade

Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.

 

Version Information

PRO 4.8.1 updates to 4.8.2-2013121101

MSF3 4.8.1 updates to 4.8.2-2013121101

Attachments

    Outcomes