From 41c81a1e12189666bed06d0e0bdad91a3b48e463 Mon Sep 17 00:00:00 2001
From: HD Moore <hd_moore@rapid7.com>
Date: Wed, 13 Sep 2006 06:49:39 +0000
Subject: [PATCH] Consistency changes for exploit titles and additional
 references

git-svn-id: file:///home/svn/framework3/trunk@3878 4d416f70-5f16-0410-b530-b9f4589650da
---
 modules/exploits/windows/dcerpc/ms03_026_dcom.rb     | 4 +++-
 modules/exploits/windows/dcerpc/ms05_017_msmq.rb     | 3 ++-
 modules/exploits/windows/mssql/ms02_039_slammer.rb   | 2 +-
 modules/exploits/windows/mssql/ms02_056_hello.rb     | 2 +-
 modules/exploits/windows/smb/ms03_049_netapi.rb      | 2 +-
 modules/exploits/windows/smb/ms04_011_lsass.rb       | 4 +++-
 modules/exploits/windows/smb/ms04_031_netdde.rb      | 2 +-
 modules/exploits/windows/smb/ms05_039_pnp.rb         | 2 +-
 modules/exploits/windows/smb/ms06_025_rasmans_reg.rb | 2 +-
 modules/exploits/windows/smb/ms06_025_rras.rb        | 2 +-
 modules/exploits/windows/smb/ms06_040_netapi.rb      | 2 +-
 modules/exploits/windows/ssl/ms04_011_pct.rb         | 8 +++++---
 modules/exploits/windows/wins/ms04_045_wins.rb       | 2 +-
 13 files changed, 22 insertions(+), 15 deletions(-)

diff --git a/modules/exploits/windows/dcerpc/ms03_026_dcom.rb b/modules/exploits/windows/dcerpc/ms03_026_dcom.rb
index cdadce665c..61f3434a5d 100644
--- a/modules/exploits/windows/dcerpc/ms03_026_dcom.rb
+++ b/modules/exploits/windows/dcerpc/ms03_026_dcom.rb
@@ -8,7 +8,7 @@ class Exploits::Windows::Dcerpc::MS03_026_DCOM < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,
-			'Name'           => 'Microsoft RPC DCOM MSO3-026',
+			'Name'           => 'Microsoft RPC DCOM Interface Overflow',
 			'Description'    => %q{
 				This module exploits a stack overflow in the RPCSS service, this vulnerability
 				was originally found by the Last Stage of Delirium research group and has bee
@@ -22,6 +22,8 @@ class Exploits::Windows::Dcerpc::MS03_026_DCOM < Msf::Exploit::Remote
 				[
 					[ 'OSVDB', '2100'     ],
 					[ 'MSB',   'MS03-026' ],
+					[ 'BID', '8205'       ],
+					[ 'CVE', '2003-0352'  ],
 				],
 			'Privileged'     => true,
 			'DefaultOptions' =>
diff --git a/modules/exploits/windows/dcerpc/ms05_017_msmq.rb b/modules/exploits/windows/dcerpc/ms05_017_msmq.rb
index 3588045b1c..3f34b0d92e 100644
--- a/modules/exploits/windows/dcerpc/ms05_017_msmq.rb
+++ b/modules/exploits/windows/dcerpc/ms05_017_msmq.rb
@@ -9,7 +9,7 @@ class Exploits::Windows::Dcerpc::MS05_017_MSMQ < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'Microsoft Message Queueing Service MSO5-017',
+			'Name'           => 'Microsoft Message Queueing Service Path Overflow',
 			'Description'    => %q{
 				This module exploits a stack overflow in the RPC interface
 				to the Microsoft Message Queueing service. The offset to the
@@ -28,6 +28,7 @@ class Exploits::Windows::Dcerpc::MS05_017_MSMQ < Msf::Exploit::Remote
 					[ 'CVE', '2005-0059'],
 					[ 'MSB', 'MS05-017'],
 					[ 'MIL', '41'],
+					[ 'BID', '13112'],
 
 				],
 			'Privileged'     => true,
diff --git a/modules/exploits/windows/mssql/ms02_039_slammer.rb b/modules/exploits/windows/mssql/ms02_039_slammer.rb
index c2ca164dae..7496ab86f6 100644
--- a/modules/exploits/windows/mssql/ms02_039_slammer.rb
+++ b/modules/exploits/windows/mssql/ms02_039_slammer.rb
@@ -8,7 +8,7 @@ class Exploits::Windows::Mssql::MS02_039_ResOverflow < Msf::Exploit::Remote
 	
 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'MSSQL 2000/MSDE Resolution Overflow',
+			'Name'           => 'Microsoft SQL Server Resolution Overflow',
 			'Description'    => %q{
 				This is an exploit for the SQL Server 2000 resolution
 				service buffer overflow. This overflow is triggered by
diff --git a/modules/exploits/windows/mssql/ms02_056_hello.rb b/modules/exploits/windows/mssql/ms02_056_hello.rb
index ffabba280e..5c62556e4e 100644
--- a/modules/exploits/windows/mssql/ms02_056_hello.rb
+++ b/modules/exploits/windows/mssql/ms02_056_hello.rb
@@ -8,7 +8,7 @@ class Exploits::Windows::Mssql::MS02_056_HelloOverflow < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'MSSQL 2000/MSDE Hello Buffer Overflow',
+			'Name'           => 'Microsoft SQL Server Hello Overflow',
 			'Description'    => %q{
 				By sending malformed data to TCP port 1433, an
 				unauthenticated remote attacker could overflow a buffer and
diff --git a/modules/exploits/windows/smb/ms03_049_netapi.rb b/modules/exploits/windows/smb/ms03_049_netapi.rb
index a188c8b8d1..42ec55bb8a 100644
--- a/modules/exploits/windows/smb/ms03_049_netapi.rb
+++ b/modules/exploits/windows/smb/ms03_049_netapi.rb
@@ -10,7 +10,7 @@ class Exploits::Windows::Smb::MS03_049_NETAPI < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'Microsoft NetAddAlternateComputerName MS03-049 Overflow',
+			'Name'           => 'Microsoft Workstation Service NetAddAlternateComputerName Overflow',
 			'Description'    => %q{
         		This module exploits a stack overflow in the NetApi32 NetAddAlternateComputerName
 				function using the Workstation service in Windows XP.
diff --git a/modules/exploits/windows/smb/ms04_011_lsass.rb b/modules/exploits/windows/smb/ms04_011_lsass.rb
index ea67d424c4..ccf5dc20ae 100644
--- a/modules/exploits/windows/smb/ms04_011_lsass.rb
+++ b/modules/exploits/windows/smb/ms04_011_lsass.rb
@@ -14,7 +14,7 @@ class Exploits::Windows::Smb::MS04_011_LSASS < Msf::Exploit::Remote
 	
 	def initialize(info = {})
 		super(update_info(info,
-			'Name'           => 'Microsoft LSASS MSO4-011 Overflow',
+			'Name'           => 'Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow',
 			'Description'    => %q{
 				This module exploits a stack overflow in the LSASS service, this vulnerability
 				was originally found by eEye. When re-exploiting a Windows XP system, you will need
@@ -26,6 +26,8 @@ class Exploits::Windows::Smb::MS04_011_LSASS < Msf::Exploit::Remote
 			'Version'        => '$Revision$',
 			'References'     =>
 				[
+					[ 'BID', '10108' ],
+					[ 'CVE', '2003-0533' ],
 					[ 'OSVDB', '5248'     ],
 					[ 'MSB',   'MS04-011' ],
 					[ 'MIL',   '36' ],
diff --git a/modules/exploits/windows/smb/ms04_031_netdde.rb b/modules/exploits/windows/smb/ms04_031_netdde.rb
index 347715c0f3..369a9d5cf7 100644
--- a/modules/exploits/windows/smb/ms04_031_netdde.rb
+++ b/modules/exploits/windows/smb/ms04_031_netdde.rb
@@ -9,7 +9,7 @@ class Exploits::Windows::Smb::MS04_039_NETDDE < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'Microsoft Network Dynamic Data Exchange Server MS04-031',
+			'Name'           => 'Microsoft NetDDE Service Overflow',
 			'Description'    => %q{
 				This module exploits a stack overflow in the NetDDE service, which is the 
 				precursor to the DCOM interface.  This exploit effects only operating systems
diff --git a/modules/exploits/windows/smb/ms05_039_pnp.rb b/modules/exploits/windows/smb/ms05_039_pnp.rb
index 9a98f0ada9..f4edfc0407 100644
--- a/modules/exploits/windows/smb/ms05_039_pnp.rb
+++ b/modules/exploits/windows/smb/ms05_039_pnp.rb
@@ -10,7 +10,7 @@ class Exploits::Windows::Smb::MS05_039_PNP < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'Microsoft PnP MS05-039 Overflow',
+			'Name'           => 'Microsoft Plug and Play Service Overflow',
 			'Description'    => %q{
 				This module exploits a stack overflow in the Windows Plug
 				and Play service. This vulnerability can be exploited on
diff --git a/modules/exploits/windows/smb/ms06_025_rasmans_reg.rb b/modules/exploits/windows/smb/ms06_025_rasmans_reg.rb
index 79cd9cf515..44a81eb8eb 100644
--- a/modules/exploits/windows/smb/ms06_025_rasmans_reg.rb
+++ b/modules/exploits/windows/smb/ms06_025_rasmans_reg.rb
@@ -10,7 +10,7 @@ class Exploits::Windows::Smb::MS06_025_RASMANS_REG < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'Microsoft RASMAN Registry MS06-025 Overflow',
+			'Name'           => 'Microsoft RRAS Service RASMAN Registry Overflow',
 			'Description'    => %q{
         		This module exploits a registry-based stack overflow in the Windows Routing 
 				and Remote Access Service. Since the service is hosted inside svchost.exe, 
diff --git a/modules/exploits/windows/smb/ms06_025_rras.rb b/modules/exploits/windows/smb/ms06_025_rras.rb
index b67fcf7987..9ddd991c50 100644
--- a/modules/exploits/windows/smb/ms06_025_rras.rb
+++ b/modules/exploits/windows/smb/ms06_025_rras.rb
@@ -10,7 +10,7 @@ class Exploits::Windows::Smb::MS06_025_RRAS < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'Microsoft RRAS MS06-025 Overflow',
+			'Name'           => 'Microsoft RRAS Service Overflow',
 			'Description'    => %q{
         		This module exploits a stack overflow in the Windows Routing and Remote
 				Access Service. Since the service is hosted inside svchost.exe, a failed 
diff --git a/modules/exploits/windows/smb/ms06_040_netapi.rb b/modules/exploits/windows/smb/ms06_040_netapi.rb
index e245835b24..87e7fa51e2 100644
--- a/modules/exploits/windows/smb/ms06_040_netapi.rb
+++ b/modules/exploits/windows/smb/ms06_040_netapi.rb
@@ -10,7 +10,7 @@ class Exploits::Windows::Smb::MS06_040_NETAPI < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'Microsoft NetpwPathCanonicalize MS06-040 Overflow',
+			'Name'           => 'Microsoft Server Service NetpwPathCanonicalize Overflow',
 			'Description'    => %q{
         		This module exploits a stack overflow in the NetApi32 CanonicalizePathName() function
 				using the NetpwPathCanonicalize RPC call in the Server Service. It is likely that
diff --git a/modules/exploits/windows/ssl/ms04_011_pct.rb b/modules/exploits/windows/ssl/ms04_011_pct.rb
index 5680d105b5..4049b37cec 100644
--- a/modules/exploits/windows/ssl/ms04_011_pct.rb
+++ b/modules/exploits/windows/ssl/ms04_011_pct.rb
@@ -8,7 +8,7 @@ class Exploits::Windows::Ssl::MS04_011_PCT < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'Microsoft SSL PCT MS04-011 Overflow',
+			'Name'           => 'Microsoft Private Communications Transport Overflow',
 			'Description'    => %q{
 				This module exploits a buffer overflow in the Microsoft
 				Windows SSL PCT protocol stack. This code is based on Johnny
@@ -25,11 +25,13 @@ class Exploits::Windows::Ssl::MS04_011_PCT < Msf::Exploit::Remote
 				crash of the remote system.
 					
 			},
-			'Author'         => [ 'hdm', 'Johnny Cyberpunk <jcyberpunk@thc.org>' ],
+			'Author'         => [ 'hdm' ],
 			'License'        => MSF_LICENSE,
 			'Version'        => '$Revision$',
 			'References'     =>
 				[
+					[ 'BID', '10116'],
+					[ 'CVE', '2003-0719'],
 					[ 'OSVDB', '5250'],
 					[ 'MSB', 'MS04-011'],
 					[ 'MIL', '77'],
@@ -114,7 +116,7 @@ class Exploits::Windows::Ssl::MS04_011_PCT < Msf::Exploit::Remote
 		
 		# This is a heap ptr to the ssl request
 		# ... and just happens to not die ...
-		# Thanks to Core ST, Halvar, JohnnyC :)
+		# Thanks to CORE and Halvar
 		#
 		#   80620101     =>  and byte ptr [esi+1], 0x2
 		#   bd00010001   =>  mov ebp, 0x1000100
diff --git a/modules/exploits/windows/wins/ms04_045_wins.rb b/modules/exploits/windows/wins/ms04_045_wins.rb
index 6268892665..db04dbdc53 100644
--- a/modules/exploits/windows/wins/ms04_045_wins.rb
+++ b/modules/exploits/windows/wins/ms04_045_wins.rb
@@ -8,7 +8,7 @@ class Exploits::Windows::Wins::MS04_045 < Msf::Exploit::Remote
 
 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'Microsoft WINS MS04-045 Code Execution',
+			'Name'           => 'Microsoft WINS Service Memory Overwrite',
 			'Description'    => %q{
 				This module exploits a arbitrary memory write flaw in the
 				WINS service. This exploit has been tested against Windows