This weekly update contains 5 new exploit modules and 3 new auxiliary and post modules.
- D-Link authentication.cgi Buffer Overflow by Craig Heffner, Michael Messner, and Roberto Paleari exploits OSVDB-95951
- D-Link hedwig.cgi Buffer Overflow in Cookie Header by Craig Heffner, Michael Messner, and Roberto Paleari exploits OSVDB-95950
- AlienVault OSSIM av-centerd Command Injection by juan vazquez and Unknown exploits ZDI-14-202
- Rocket Servergraph Admin Center fileRequestor Remote Code Execution by juan vazquez and rgod exploits ZDI-14-162
- Ericom AccessNow Server Buffer Overflow by juan vazquez and Unknown exploits ZDI-14-160
Auxiliary and post modules
- Chromecast Factory Reset DoS by wvu
- Chromecast Wifi Enumeration by wvu
- Supermicro Onboard IPMI Port 49152 Sensitive File Exposure by hdm, Dan Farmer, John Matherly, and Zach Wikholm
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.9.3 updates to 4.9.3-2014062501
MSF3 4.9.3 updates to 4.9.3-2014062501