Metasploit 4.9.3 (Update 2014060501)

Document created by Brandon Turner Employee on Jun 6, 2014
Version 1Show Document
  • View in full screen mode



This updates Metasploit to 4.9.3.


This addresses CVE-2014-0224 (OpenSSL SSL/TLS MITM vulnerability).  All components have been recompiled with non-vulnerable versions of OpenSSL, including:

  • Nginx - OpenSSL 1.0.1h
  • Nmap - OpenSSL 1.0.1h
  • PostgreSQL - OpenSSL 1.0.1h
  • Ruby - OpenSSL 1.0.1h on Linux, OpenSSL 1.0.0m on Windows
  • Meterpreter Windows - OpenSSL 0.9.8za


This update does not contain any new modules, features or bugfixes since the last weekly release.


How to Upgrade

Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.


Version Information

PRO 4.9.2 updates to 4.9.3-2014060501

MSF3 4.9.2 updates to 4.9.3-2014060501