infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update description

bug/bundler_fix
Christian Mehlmauer 2015-12-16 14:46:00 +01:00
parent fa3fb1affc
commit 67eba0d708
No known key found for this signature in database
GPG Key ID: DCF54A05D6E62591
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
modules/exploits/multi/http/joomla_http_header_rce.rb
View File

@ -19,7 +19,8 @@ class Metasploit3 < Msf::Exploit::Remote
by sending an UTF-8 character. The custom created payload is then executed once the session is read
from the databse. You also need to have a PHP version before 5.4.45 (including 5.3.x), 5.5.29 or 5.6.13.
In later versions the deserialisation of invalid session data stops on the first error and the
exploit will not work.
exploit will not work. On Ubuntu the PHP Patch was included in versions 5.5.9+dfsg-1ubuntu4.13 and
5.3.10-1ubuntu3.20.
},
'Author' =>
[