From 1981e9be0cd5a3ebdd007269d5118b4b5f22d33f Mon Sep 17 00:00:00 2001 From: Metasploit Date: Tue, 26 Mar 2019 16:52:37 -0700 Subject: [PATCH] automatic module_metadata_base.json update --- db/modules_metadata_base.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json index 248f393d3f..6df1577abc 100644 --- a/db/modules_metadata_base.json +++ b/db/modules_metadata_base.json @@ -68367,19 +68367,19 @@ } }, "exploit_multi/misc/weblogic_deserialize_rawobject": { - "name": "Oracle Weblogic Server Deserialization RCE - RMI UnicastRef", + "name": "Oracle Weblogic Server Deserialization RCE - Raw Object", "full_name": "exploit/multi/misc/weblogic_deserialize_rawobject", "rank": 600, - "disclosure_date": "2017-01-25", + "disclosure_date": "2015-01-28", "type": "exploit", "author": [ "Andres Rodriguez", - "Jacob Baines", + "Stephen Breen", "Aaron Soto" ], - "description": "An unauthenticated attacker with network access to the Oracle Weblogic Server T3\n interface can send a serialized object (sun.rmi.server.UnicastRef)\n to the interface to execute code on vulnerable hosts.", + "description": "An unauthenticated attacker with network access to the Oracle Weblogic Server T3\n interface can send a serialized object (weblogic.jms.common.StreamMessageImpl)\n to the interface to execute code on vulnerable hosts.", "references": [ - "CVE-2017-3248" + "CVE-2015-4852" ], "platform": "Solaris,Unix,Windows", "arch": "", @@ -68395,7 +68395,7 @@ "Windows", "Solaris" ], - "mod_time": "2019-03-26 16:45:17 +0000", + "mod_time": "2019-03-26 17:44:52 +0000", "path": "/modules/exploits/multi/misc/weblogic_deserialize_rawobject.rb", "is_install_path": true, "ref_name": "multi/misc/weblogic_deserialize_rawobject",