2011. 6. 22. 19:23

Metasploit Framework 3.7.2 Released


“The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.“

This is the official change log:
Statistics:

  • Metasploit now ships with 698 exploit modules, 358 auxiliary modules, and 54 post modules.
  • 11 new exploits, 1 new auxiliary module, and 15 new post modules have been added since the last release.

New Exploit Modules since 3.7.1:

  • MS11-050 IE mshtml!CObjectElement Use After Free
  • AWStats Totals =< v1.14 multisort Remote Command Execution
  • IBM Tivoli Endpoint Manager POST Query Buffer Overflow
  • Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute
  • Magix Musik Maker 16 .mmm Stack Buffer Overflow
  • VisiWave VWR File Parsing Vulnerability
  • GoldenFTP PASS Stack Buffer Overflow
  • DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow
  • 7-Technologies IGSS <= v9.00.00 b11063 IGSSdataServer.exe Stack Overflow
  • 7-Technologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities
  • 7-Technologies IGSS 9 IGSSdataServer .RMS Rename Buffer Overflow

Notable Features & Closed Bugs:

  • Cachedump merged (#505, #310)
  • Remote Registry commands for Meterpreter (#1894)
  • Create a ROP gadget search tool (#4044)
  • Update Nmap XML parsers to support Nokogiri parsing (#4578)
  • db_import failing with ip360 XML imports (nCircle imports) (#4619)
  • packetfu library – HSRP code (#4430)
  • PCAPRUB support on Windows XP also in Debian 5.0.8 and Ubuntu 10.10 (#4558 / #4554)
  • Egghunter now disables DEP (#4375)
  • Sign the java_signed_applet with OpenSSL instead of RJB. (#3440)
  • Add 64 bit linux shellcode (#4451)
  • Regression in Meterpreter pivoting fixed (#4642)
  • New tools Script – module_rank.rb (#4334)
  • Enhancements to SMTP User Enumeration Utility (aux/scanner/smtp/smtp_enum) (#4031) 


출처 : www.pentestit.com

Trackback 1 Comment 0