add CVE for cognos express

git-svn-id: file:///home/svn/framework3/trunk@9502 4d416f70-5f16-0410-b530-b9f4589650da

modules/auxiliary/scanner/http/tomcat_mgr_login.rb

@@ -36,6 +36,7 @@ class Metasploit3 < Msf::Auxiliary
 					[ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-09-085/' ],
 					# IBM Cognos Express Default user/pass
 					[ 'BID', '38084' ],
+					[ 'CVE', '2010-0557' ],
 					[ 'URL', 'http://www-01.ibm.com/support/docview.wss?uid=swg21419179' ],
 					# General
 					[ 'URL', 'http://tomcat.apache.org/' ]

modules/exploits/multi/http/tomcat_mgr_deploy.rb

@@ -82,6 +82,7 @@ class Metasploit3 < Msf::Exploit::Remote
 				OptBool.new('VERBOSE', [ false, 'Enable verbose output', false ]),
 				OptString.new('USERNAME', [ false, 'The username to authenticate as' ]),
 				OptString.new('PASSWORD', [ false, 'The password for the specified username' ]),
+				# /cognos_express/manager/ for Cognos Express (19300)
 				OptString.new('PATH', [ true,  "The URI path of the manager app (/deploy and /undeploy will be used)", '/manager'])
 			], self.class)
 	end
@@ -90,9 +91,6 @@ class Metasploit3 < Msf::Exploit::Remote
 	def auto_target
 		print_status("Attempting to automatically select a target...")
 
-
-		# /cognos_express/manager/ for Cognos Express (19300)
-
 		path = datastore['PATH'] + '/serverinfo'
 		res = send_request_raw(
 			{