From 655601968eb772d1e1d2232ba3767dbe2f1d6648 Mon Sep 17 00:00:00 2001
From: Metasploit <metasploit@rapid7.com>
Date: Mon, 3 Dec 2018 14:41:29 -0800
Subject: [PATCH] automatic module_metadata_base.json update

---
 db/modules_metadata_base.json | 44 +++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)

diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
index 7d304c73e0..a1471b321e 100644
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@@ -74136,6 +74136,50 @@
     "notes": {
     }
   },
+  "exploit_unix/local/emacs_movemail": {
+    "name": "Emacs movemail Privilege Escalation",
+    "full_name": "exploit/unix/local/emacs_movemail",
+    "rank": 600,
+    "disclosure_date": "1986-08-01",
+    "type": "exploit",
+    "author": [
+      "Markus Hess",
+      "Cliff Stoll",
+      "wvu <wvu@metasploit.com>"
+    ],
+    "description": "This module exploits a SUID installation of the Emacs movemail utility\n        to run a command as root by writing to 4.3BSD's /usr/lib/crontab.local.\n        The vulnerability is documented in Cliff Stoll's book The Cuckoo's Egg.",
+    "references": [
+      "URL-https://en.wikipedia.org/wiki/Movemail",
+      "URL-https://en.wikipedia.org/wiki/The_Cuckoo%27s_Egg",
+      "URL-http://pdf.textfiles.com/academics/wilyhacker.pdf",
+      "URL-https://www.gnu.org/software/emacs/manual/html_node/efaq/Security-risks-with-Emacs.html",
+      "URL-https://www.gnu.org/software/emacs/manual/html_node/emacs/Movemail.html",
+      "URL-https://mailutils.org/manual/html_node/movemail.html"
+    ],
+    "is_server": true,
+    "is_client": false,
+    "platform": "Unix",
+    "arch": "cmd",
+    "rport": null,
+    "autofilter_ports": [
+
+    ],
+    "autofilter_services": [
+
+    ],
+    "targets": [
+      "/usr/lib/crontab.local"
+    ],
+    "mod_time": "2018-12-03 12:22:40 +0000",
+    "path": "/modules/exploits/unix/local/emacs_movemail.rb",
+    "is_install_path": true,
+    "ref_name": "unix/local/emacs_movemail",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+    }
+  },
   "exploit_unix/local/exim_perl_startup": {
     "name": "Exim \"perl_startup\" Privilege Escalation",
     "full_name": "exploit/unix/local/exim_perl_startup",