From 14850cd387ccba2303229351ed74d14af94b8f1e Mon Sep 17 00:00:00 2001 From: Steve Tornio Date: Sat, 22 Jun 2013 07:28:04 -0500 Subject: [PATCH 1/3] reference updates for multiple modules --- modules/exploits/unix/http/freepbx_callmenum.rb | 3 ++- modules/exploits/unix/smtp/exim4_string_format.rb | 6 +++--- modules/exploits/unix/webapp/joomla_comjce_imgmanager.rb | 7 ++++--- modules/exploits/unix/webapp/mybb_backdoor.rb | 1 + .../exploits/unix/webapp/zoneminder_packagecontrol_exec.rb | 5 ++++- .../exploits/windows/fileformat/apple_quicktime_pnsize.rb | 2 ++ modules/exploits/windows/fileformat/bsplayer_m3u.rb | 1 + modules/exploits/windows/fileformat/cutezip_bof.rb | 3 ++- modules/exploits/windows/fileformat/gta_samp.rb | 1 + .../windows/fileformat/mcafee_hercules_deletesnapshot.rb | 3 ++- modules/exploits/windows/fileformat/mini_stream_pls_bof.rb | 1 + .../windows/fileformat/real_networks_netzip_bof.rb | 5 +++-- .../windows/fileformat/shadow_stream_recorder_bof.rb | 5 +++-- .../windows/fileformat/subtitle_processor_m3u_bof.rb | 3 ++- 14 files changed, 31 insertions(+), 15 deletions(-) diff --git a/modules/exploits/unix/http/freepbx_callmenum.rb b/modules/exploits/unix/http/freepbx_callmenum.rb index 505e9a5d9e..5a2cf73df7 100644 --- a/modules/exploits/unix/http/freepbx_callmenum.rb +++ b/modules/exploits/unix/http/freepbx_callmenum.rb @@ -32,7 +32,8 @@ class Metasploit3 < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ - [ 'CVE', '2005-2561' ], + [ 'CVE', '2012-4869' ], + [ 'OSVDB', '80544' ], [ 'EDB', '18649' ] ], 'Platform' => ['unix'], diff --git a/modules/exploits/unix/smtp/exim4_string_format.rb b/modules/exploits/unix/smtp/exim4_string_format.rb index c2f44a16f8..b524233914 100644 --- a/modules/exploits/unix/smtp/exim4_string_format.rb +++ b/modules/exploits/unix/smtp/exim4_string_format.rb @@ -51,10 +51,10 @@ class Metasploit3 < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-4344' ], - [ 'OSVDB', '69685' ], - [ 'BID', '45308' ], [ 'CVE', '2010-4345' ], - #[ 'OSVDB', '' ], + [ 'OSVDB', '69685' ], + [ 'OSVDB', '69860' ], + [ 'BID', '45308' ], [ 'BID', '45341' ], [ 'URL', 'http://seclists.org/oss-sec/2010/q4/311' ], [ 'URL', 'http://www.gossamer-threads.com/lists/exim/dev/89477' ], diff --git a/modules/exploits/unix/webapp/joomla_comjce_imgmanager.rb b/modules/exploits/unix/webapp/joomla_comjce_imgmanager.rb index b2699c66d7..7bbc1d8faa 100644 --- a/modules/exploits/unix/webapp/joomla_comjce_imgmanager.rb +++ b/modules/exploits/unix/webapp/joomla_comjce_imgmanager.rb @@ -33,8 +33,9 @@ class Metasploit3 < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ - ['BID', '49338'], - ['EDB', '17734'] + ['OSVDB', '74839'], + ['EDB', '17734'], + ['BID', '49338'] ], 'Payload' => { @@ -192,4 +193,4 @@ class Metasploit3 < Msf::Exploit::Remote end -end \ No newline at end of file +end diff --git a/modules/exploits/unix/webapp/mybb_backdoor.rb b/modules/exploits/unix/webapp/mybb_backdoor.rb index d6d421da5c..0d08b59604 100644 --- a/modules/exploits/unix/webapp/mybb_backdoor.rb +++ b/modules/exploits/unix/webapp/mybb_backdoor.rb @@ -26,6 +26,7 @@ class Metasploit3 < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '76111' ], [ 'BID', '49993' ], [ 'SECUNIA', '46300' ], [ 'URL', 'http://blog.mybb.com/2011/10/06/1-6-4-security-vulnerabilit/' ], diff --git a/modules/exploits/unix/webapp/zoneminder_packagecontrol_exec.rb b/modules/exploits/unix/webapp/zoneminder_packagecontrol_exec.rb index 0920ef652d..e31405d28b 100644 --- a/modules/exploits/unix/webapp/zoneminder_packagecontrol_exec.rb +++ b/modules/exploits/unix/webapp/zoneminder_packagecontrol_exec.rb @@ -25,7 +25,10 @@ class Metasploit3 < Msf::Exploit::Remote }, 'References' => [ - ['URL', 'http://itsecuritysolutions.org/2013-01-22-ZoneMinder-Video-Server-arbitrary-command-execution-vulnerability/'], + ['CVE', '2013-0232'], + ['OSVDB', '89529'], + ['EDB', '24310'], + ['URL', 'http://itsecuritysolutions.org/2013-01-22-ZoneMinder-Video-Server-arbitrary-command-execution-vulnerability/'] ], 'Author' => [ diff --git a/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb b/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb index 9ac8e2435e..d2c8cbf420 100644 --- a/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb +++ b/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb @@ -29,6 +29,8 @@ class Metasploit3 < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-0257' ], + [ 'OSVDB', '74687' ], + [ 'EDB', '17777' ], [ 'BID', '49144' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/bsplayer_m3u.rb b/modules/exploits/windows/fileformat/bsplayer_m3u.rb index b52c447742..5462076a2e 100644 --- a/modules/exploits/windows/fileformat/bsplayer_m3u.rb +++ b/modules/exploits/windows/fileformat/bsplayer_m3u.rb @@ -30,6 +30,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '82528' ], [ 'EDB', '15934' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/cutezip_bof.rb b/modules/exploits/windows/fileformat/cutezip_bof.rb index 109df2d824..2cbf1ddc4c 100644 --- a/modules/exploits/windows/fileformat/cutezip_bof.rb +++ b/modules/exploits/windows/fileformat/cutezip_bof.rb @@ -34,8 +34,9 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ - [ 'BID', '46375' ], + [ 'OSVDB', '85709' ], [ 'EDB', '16162' ], + [ 'BID', '46375' ] ], 'Platform' => [ 'win' ], 'Payload' => diff --git a/modules/exploits/windows/fileformat/gta_samp.rb b/modules/exploits/windows/fileformat/gta_samp.rb index 26f6865d40..50d6d4d3f3 100644 --- a/modules/exploits/windows/fileformat/gta_samp.rb +++ b/modules/exploits/windows/fileformat/gta_samp.rb @@ -28,6 +28,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '83433' ], [ 'EDB', '17893' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/mcafee_hercules_deletesnapshot.rb b/modules/exploits/windows/fileformat/mcafee_hercules_deletesnapshot.rb index 232faab382..bab975b7c6 100644 --- a/modules/exploits/windows/fileformat/mcafee_hercules_deletesnapshot.rb +++ b/modules/exploits/windows/fileformat/mcafee_hercules_deletesnapshot.rb @@ -25,7 +25,8 @@ class Metasploit3 < Msf::Exploit::Remote 'Author' => [ 'MC' ], 'References' => [ - [ 'URL', 'http://www.metasploit.com' ], + [ 'EDB', '16639' ], + [ 'URL', 'http://www.metasploit.com' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb b/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb index 9620228327..9f3f67d5b8 100644 --- a/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb +++ b/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb @@ -29,6 +29,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '78078' ], [ 'EDB', '14373' ], [ 'BID', '34514' ], ], diff --git a/modules/exploits/windows/fileformat/real_networks_netzip_bof.rb b/modules/exploits/windows/fileformat/real_networks_netzip_bof.rb index 5d8add038b..fe861dd971 100644 --- a/modules/exploits/windows/fileformat/real_networks_netzip_bof.rb +++ b/modules/exploits/windows/fileformat/real_networks_netzip_bof.rb @@ -31,9 +31,10 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ - [ 'BID', '46059' ], - [ 'URL', 'http://proforma.real.com' ], + [ 'OSVDB', '83436' ], [ 'EDB', '16083' ], + [ 'BID', '46059' ], + [ 'URL', 'http://proforma.real.com' ] ], 'Platform' => [ 'win' ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/shadow_stream_recorder_bof.rb b/modules/exploits/windows/fileformat/shadow_stream_recorder_bof.rb index 742f36a6de..f2ed17723c 100644 --- a/modules/exploits/windows/fileformat/shadow_stream_recorder_bof.rb +++ b/modules/exploits/windows/fileformat/shadow_stream_recorder_bof.rb @@ -29,8 +29,9 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ - [ 'BID', '34864' ], - [ 'EDB', '11957' ] + [ 'OSVDB', '81487' ], + [ 'EDB', '11957' ], + [ 'BID', '34864' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/fileformat/subtitle_processor_m3u_bof.rb b/modules/exploits/windows/fileformat/subtitle_processor_m3u_bof.rb index 0beb3762c7..766d376402 100644 --- a/modules/exploits/windows/fileformat/subtitle_processor_m3u_bof.rb +++ b/modules/exploits/windows/fileformat/subtitle_processor_m3u_bof.rb @@ -31,8 +31,9 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ - [ 'URL', 'http://sourceforge.net/projects/subtitleproc/' ], + [ 'OSVDB', '72050' ], [ 'EDB', '17217' ], + [ 'URL', 'http://sourceforge.net/projects/subtitleproc/' ] ], 'Payload' => { From 1e25dedb664ed41d18ebfab6f78023ecdf5f49ec Mon Sep 17 00:00:00 2001 From: Steve Tornio Date: Sat, 22 Jun 2013 07:31:47 -0500 Subject: [PATCH 2/3] fix formatting --- modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb b/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb index d2c8cbf420..604c3a512a 100644 --- a/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb +++ b/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb @@ -31,7 +31,7 @@ class Metasploit3 < Msf::Exploit::Remote [ 'CVE', '2011-0257' ], [ 'OSVDB', '74687' ], [ 'EDB', '17777' ], - [ 'BID', '49144' ], + [ 'BID', '49144' ] ], 'DefaultOptions' => { From 427f063c48a26dc8b7f7693319d1ad895db6a199 Mon Sep 17 00:00:00 2001 From: Steve Tornio Date: Sat, 22 Jun 2013 07:32:29 -0500 Subject: [PATCH 3/3] fix formatting --- modules/exploits/windows/fileformat/mini_stream_pls_bof.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb b/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb index 9f3f67d5b8..5e477f4658 100644 --- a/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb +++ b/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb @@ -31,7 +31,7 @@ class Metasploit3 < Msf::Exploit::Remote [ [ 'OSVDB', '78078' ], [ 'EDB', '14373' ], - [ 'BID', '34514' ], + [ 'BID', '34514' ] ], 'DefaultOptions' => {