Network Risk Assessment

By ServerWatch Staff
Posted Jul 22, 2002


New version of a penetration testing tool includes exploit modules for the 'Chunked Encoding' vulnerabilities recently reported in Apache.

CORE SECURITY TECHNOLOGIES announced the release of version 1.1 of the company's risk assessment product, CORE IMPACT, which is designed to streamline the penetration testing process. In addition to enhanced reporting and logging functionality, the new version offers modules for the "Chunked Encoding" vulnerabilities that affect the two most widely used web server programs, Apache and Internet Information Server. The new CORE IMPACT modules should allow customers to better test and understand how the latest vulnerabilities could impact their business.

According to the company, CORE IMPACT is a tool for penetration testing, consolidating in one application the ability to perform a test without being reliant on disparate software tools. It is designed to provide a framework to streamline the penetration testing practice, which may make it more efficient and reliable, and help customers to assess the true risks and ramifications of attack.

The newly released version of CORE IMPACT includes improved reporting and logging functionality, new libraries, updated libraries and modules, and the following new modules:

  • Apache chunked encoding exploit: a remote exploit for the Apache web server running on OpenBSD
  • IIS .HTR ChunkedEncoding exploit: a remote exploit for web servers running MS Internet Information Server (IIS)
  • IIS .ASP ChunkedEncoding exploit: a remote exploit for web servers running MS Internet Information Server (IIS)
  • ToolTalk delete any file: a remote exploit for the Common Desktop Environment (CDE) package on Solaris
  • ToolTalk format string exploit: a remote exploit for the Common Desktop Environment on Solaris
  • IIS CGI Filename Decode exploit: a remote exploit for web servers running MS Internet Information Server (IIS)
  • Windows debugging subsystem vulnerability: a local exploit for Windows
  • rwalld format string exploit: a remote exploit for Solaris
  • libsldap exploit: a local exploit for Solaris
  • OpenSSH channel exploit: a local exploit for Linux and OpenBSD
  • ntpd control message overflow exploit: a remote exploit for Linux
  • lprng format string exploit: a remote exploit for Linux
  • snmpXdmid exploit: a remote exploit for Solaris
  • IIS ASP Server-Side Include exploit: a local exploit for Windows
  • IIS FTP STAT DoS: a remote denial of service for IIS
  • IIS SMTP BDAT DoS: a remote denial of service for IIS
  • Tomcat server DoS: a remote denial of service for the Tomcat application server
  • NetBIOS Name Table: an SMB information gathering module
  • SMB Information Gathering: an SMB information gathering module
  • Windows Service Pack discovery using SMTP: a Windows information gathering module
  • NetBIOS Cache Corruption: a remote exploit for Windows
  • Sniffed SMB data export module: a module to export sniffed NTLM hashes to an external file (to be used by third-party password crackers like LC3, John the Ripper, etc.)
  • IIS Propfind: an MS Windows information gathering module
  • TCP Proxy: a generic TCP proxy server

Availability

CORE IMPACT v1.1 is available now, runs on Microsoft Windows 2000 and has agent support for Linux, Windows 2000, NT, Sun Solaris, and OpenBSD. For more information about CORE IMPACT and CORE SECURITY TECHNOLOGIES, please visit http://www.corest.com.
