Version 2.3 Updates - February 14, 2005

[hdm at metasploit.com (H D Moore)]

Hello everyone,

Gentoo Linux users can now install the Metasploit Framework from portage 
(emerge --sync && emerge metasploit), big thanks to Stefano for writing 
up the ebuild and submitting it. If you encounter problems with tab 
completion,  may need to emerge the perl-dev/TermReadKey package from 
portage (BUG #81936 at bugs.gentoo.org).

Two new exploits have been added for the Computer Associates 
BrightStor/ARCServe Discovery Service. The UDP overflow module was 
submitted by Syscall and the TCP overflow was originally posted by 
Cybertronic to Bugtraq and then rewritten as an exploit module by myself.  
The TCP overflow is *not* addressed by the recent BrightStor patch...

Matt Miller's new Opcode Database has been moved out of Beta and has 
replaced the old database. The new database is a massive improvement in 
terms of instruction coverage, flexibility, and speed. The old database 
will be left online for a month or two, assuming that no major bugs crop 
up in the new system.

If anyone on the list uses RSS feeds, you can now point your reader at the 
URL below to see the last 10 exploit modules added to the Framework.
 - http://metasploit.com/projects/Framework/updates/rss.html

The donations page at metasploit.com has been updated to include our 
wish-list of hardware and some basic guidelines for submitting code to 
the project. If you have donated to the project and would like to your 
name, company, or web site listed on this page, please contact me 
off-list.

Happy Valentines Day,

-HD