infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

automatic module_metadata_base.json update

GSoC/Meterpreter_Web_Console
Metasploit 2018-08-30 08:55:58 -07:00
parent 6ec8522786
commit 6ba9307a61
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
db/modules_metadata_base.json
View File

@ -37240,6 +37240,45 @@
"post_auth": false,
"default_credential": false
},
"exploit_linux/local/network_manager_vpnc_username_priv_esc": {
"name": "Network Manager VPNC Username Privilege Escalation",
"full_name": "exploit/linux/local/network_manager_vpnc_username_priv_esc",
"rank": 600,
"disclosure_date": "2018-07-26",
"type": "exploit",
"author": [
"Denis Andzakovic",
"Brendan Coles"
],
"description": "This module exploits an injection vulnerability in the Network Manager\n VPNC plugin to gain root privileges.\n\n This module uses a new line injection vulnerability in the configured\n username for a VPN network connection to inject a `Password helper`\n configuration directive into the connection configuration.\n\n The specified helper is executed by Network Manager as root when the\n connection is started.\n\n Network Manager VPNC versions prior to 1.2.6 are vulnerable.\n\n This module has been tested successfully with VPNC versions:\n 1.2.4-4 on Debian 9.0.0 (x64); and\n 1.1.93-1 on Ubuntu Linux 16.04.4 (x64).",
"references": [
"CVE-2018-10900",
"URL-http://seclists.org/oss-sec/2018/q3/51",
"URL-https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc",
"URL-https://gitlab.gnome.org/GNOME/NetworkManager-vpnc/commit/07ac18a32b4",
"URL-https://security-tracker.debian.org/tracker/CVE-2018-10900",
"URL-https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-10900.html",
"URL-https://launchpad.net/ubuntu/+source/network-manager-vpnc/0.9.8.6-1ubuntu2.1",
"URL-https://www.debian.org/security/2018/dsa-4253",
"URL-https://bugzilla.redhat.com/show_bug.cgi?id=1605919",
"URL-https://bugzilla.novell.com/show_bug.cgi?id=1101147"
],
"is_server": true,
"is_client": false,
"platform": "Linux",
"arch": "x86, x64",
"rport": null,
"targets": [
"Auto"
],
"mod_time": "2018-08-19 08:15:04 +0000",
"path": "/modules/exploits/linux/local/network_manager_vpnc_username_priv_esc.rb",
"is_install_path": true,
"ref_name": "linux/local/network_manager_vpnc_username_priv_esc",
"check": true,
"post_auth": false,
"default_credential": false
},
"exploit_linux/local/ntfs3g_priv_esc": {
"name": "Debian/Ubuntu ntfs-3g Local Privilege Escalation",
"full_name": "exploit/linux/local/ntfs3g_priv_esc",