infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix typos 

git-svn-id: file:///home/svn/framework3/trunk@9066 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Joshua Drake 2010-04-14 00:37:06 +00:00
parent a97e4c78bd
commit 7788873235
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
modules/exploits/linux/mysql/mysql_yassl_getname.rb
View File

@ -28,8 +28,8 @@ class Metasploit3 < Msf::Exploit::Remote
client certificate, an attacker can execute arbitrary code.
This vulnerability is present within the CertDecoder::GetName function inside
./taocrypt/src/asn.cpp. However, the stack buffer that is written to exists
within a parent function stack frame.
"taocrypt/src/asn.cpp". However, the stack buffer that is written to exists
within a parent function's stack frame.
NOTE: This vulnerability requires a non-default configuration. First, the attacker
must be able to pass the host-based authentication. Next, the server must be
@ -41,7 +41,7 @@ class Metasploit3 < Msf::Exploit::Remote
Testing was also done with mysql on Ubuntu 9.04. Although the vulnerable code is
present, both version 5.5.0-m2 built from source and version 5.0.75 from a binary
pacakge were not exploitable due to the use of the compiler's FORTIFY feature.
package were not exploitable due to the use of the compiler's FORTIFY feature.
Although suse11 was mentioned in the original blog post, the binary package they
provide does not contain yaSSL or support SSL.