This weekly update contains 2 new exploits module and 8 auxiliary/post modules.
- ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection by Pedro Ribeiro exploits CVE-2014-3996
Auxiliary and post modules
- JBoss JMX Console Beanshell Deployer WAR Upload and Deployment by us3r777 exploits CVE-2010-0738
- IP Board Login Auxiliary Module by Christopher Truncer chris
- NTP Mode 7 PEER_LIST DoS Scanner by Jon Hart
- NTP Mode 7 PEER_LIST_SUM DoS Scanner by Jon Hart
- NTP Mode 6 REQ_NONCE DRDoS Scanner by Jon Hart
- NTP Mode 7 GET_RESTRICT DRDoS Scanner by Jon Hart
- NTP Mode 6 UNSETTRAP DRDoS Scanner by Jon Hart
- SSDP ssdp:all M-SEARCH Amplification Scanner by xistence
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.10.0 updates to 4.10.0-2014082701
MSF3 4.10.0 updates to 4.10.0-2014082701