infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

automatic module_metadata_base.json update

4.x
Metasploit 2019-02-08 16:38:54 -08:00
parent ed4acd6b31
commit 38b5abdb2b
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
db/modules_metadata_base.json
View File

@ -51154,13 +51154,17 @@
"author": [ "author": [
"Anton Lopanitsyn", "Anton Lopanitsyn",
"Twoster", "Twoster",
"h00die" "h00die",
"Paolo Serracino",
"Pietro Minniti",
"Damiano Proietti"
], ],
"description": "The imap_open function within php, if called without the /norsh flag, will attempt to preauthenticate an\n IMAP session. On Debian based systems, including Ubuntu, rsh is mapped to the ssh binary. Ssh's ProxyCommand\n option can be passed from imap_open to execute arbitrary commands.\n While many custom applications may use imap_open, this exploit works against the following applications:\n e107 v2, prestashop, SuiteCRM, as well as Custom, which simply prints the exploit strings for use.\n Prestashop exploitation requires the admin URI, and administrator credentials.\n suiteCRM/e107/hostcms require administrator credentials.", "description": "The imap_open function within php, if called without the /norsh flag, will attempt to preauthenticate an\n IMAP session. On Debian based systems, including Ubuntu, rsh is mapped to the ssh binary. Ssh's ProxyCommand\n option can be passed from imap_open to execute arbitrary commands.\n While many custom applications may use imap_open, this exploit works against the following applications:\n e107 v2, prestashop, SuiteCRM, as well as Custom, which simply prints the exploit strings for use.\n Prestashop exploitation requires the admin URI, and administrator credentials.\n suiteCRM/e107 require administrator credentials. Fixed in php 5.6.39.",
"references": [ "references": [
"URL-https://web.archive.org/web/20181118213536/https://antichat.com/threads/463395", "URL-https://web.archive.org/web/20181118213536/https://antichat.com/threads/463395",
"URL-https://github.com/Bo0oM/PHP_imap_open_exploit", "URL-https://github.com/Bo0oM/PHP_imap_open_exploit",
"EDB-45865", "EDB-45865",
"EDB-46136",
"URL-https://bugs.php.net/bug.php?id=76428", "URL-https://bugs.php.net/bug.php?id=76428",
"CVE-2018-19518", "CVE-2018-19518",
"CVE-2018-1000859" "CVE-2018-1000859"
@ -51189,9 +51193,10 @@
"prestashop", "prestashop",
"suitecrm", "suitecrm",
"e107v2", "e107v2",
"Horde IMP H3",
"custom" "custom"
], ],
"mod_time": "2018-12-06 14:59:05 +0000", "mod_time": "2019-01-18 19:43:45 +0000",
"path": "/modules/exploits/linux/http/php_imap_open_rce.rb", "path": "/modules/exploits/linux/http/php_imap_open_rce.rb",
"is_install_path": true, "is_install_path": true,
"ref_name": "linux/http/php_imap_open_rce", "ref_name": "linux/http/php_imap_open_rce",