This weekly update contains six new exploit modules and three new auxiliary and post-exploitation modules.
- Linux PolicyKit Race Condition Privilege Escalation by 0a29406d9794e4f9b30b3c5d6702c708 and xi4oyu exploits CVE-2011-1485
- Drupal HTTP Parameter Key/Value SQL Injection by Brandon Perry, Christian Mehlmauer, and SektionEins exploits CVE-2014-3704
- HP Data Protector EXEC_INTEGUTIL Remote Code Execution by juan vazquez and Aniway.Anyway exploits ZDI-14-344
- Joomla Akeeba Kickstart Unserialize Remote Code Execution by Johannes Dahse and us3r777 exploits CVE-2014-7228
- MS14-060 Microsoft Windows OLE Package Manager Code Execution by sinn3r, juan vazquez, and Unknown exploits CVE-2014-4114
- Numara / BMC Track-It! FileStorageService Arbitrary File Upload by Pedro Ribeiro exploits CVE-2014-4872
Auxiliary and Post-Exploitation Modules
- Microsoft SQL Server - SQLi Escalate Db_Owner by nullbind
- BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure by Pedro Ribeiro exploits CVE-2014-4872
- HTTP SSL/TLS Version Detection (POODLE scanner) by todb exploits CVE-2014-3566
Notable Fixes and Changes
- #4002: mscli exposes Actions on the command line
- #4026: Msf::DBManager reorganized
- #4031: Syntax error in PureFTP-d shellshock exploit fixed
- #4034: Added a POODLE scanner module: auxiliary/scanner/http/ssl_version
- #4037: Added "Drupageddon" module for Drupal 7.x pre-7.32
- #4041: Added an animated cursor to msfconsole to signal things aren't hung
- #4042: Fixed overhauled Msf::DBManager NameErorrs
- #4044: Added a Sandworm (CVE-2014-4114) exploit
- Pro: The Configure a Nexpose Console modal, which is accessed from the Vulnerability Validation Wizard, and the New Custom Resource modal, which is accessed from the Custom Reports area, will now close properly after you save or exit them.
- Pro: In response to the POODLE vulnerability (CVE-2014-3566), the ability to set the SSL version for social engineering campaigns has been removed. All campaigns served over SSL will default to TLSv1.
How to Upgrade
To upgrade Metasploit Pro, go to the Administration menu and choose the Software Updates option. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.10.0 updates to 4.10.0-2014102201
MSF3 4.10.0 updates to 4.10.0-2014102201