Resolve #6807, remove all OSVDB references.
OSVDB is no longer a vulnerability database, therefore all the references linked to it are invalid. Resolve #6807bug/bundler_fix
parent
9713124e54
commit
816bc91e45
|
@ -1,4 +1,4 @@
|
|||
# Compiled by RSnake 02/01/2010 Mostly from milw0rm osvdb.org and elsewhere.
|
||||
# Compiled by RSnake 02/01/2010 Mostly from milw0rm and elsewhere.
|
||||
# Change XXpathXX to the path of your backdoor. Note that you may need to
|
||||
# try it against every directory on the target and because of how this was
|
||||
# culled you may need to add a question mark to your own XXpathXX URL:
|
||||
|
|
|
@ -182,7 +182,6 @@ module Msf::DBManager::Import::Nmap
|
|||
:info => 'Microsoft Windows Server Service Crafted RPC Request Handling Unspecified Remote Code Execution',
|
||||
:refs =>['CVE-2008-4250',
|
||||
'BID-31874',
|
||||
'OSVDB-49243',
|
||||
'CWE-94',
|
||||
'MSFT-MS08-067',
|
||||
'MSF-Microsoft Server Service Relative Path Stack Corruption',
|
||||
|
@ -204,8 +203,6 @@ module Msf::DBManager::Import::Nmap
|
|||
'BID-18325',
|
||||
'BID-18358',
|
||||
'BID-18424',
|
||||
'OSVDB-26436',
|
||||
'OSVDB-26437',
|
||||
'MSFT-MS06-025',
|
||||
'MSF-Microsoft RRAS Service RASMAN Registry Overflow',
|
||||
'NSS-21689']
|
||||
|
@ -224,7 +221,6 @@ module Msf::DBManager::Import::Nmap
|
|||
:info => 'Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution',
|
||||
# Add more refs based on nessus/nexpose .. results
|
||||
:refs =>['CVE-2007-1748',
|
||||
'OSVDB-34100',
|
||||
'MSF-Microsoft DNS RPC Service extractQuotedChar()',
|
||||
'NSS-25168']
|
||||
}
|
||||
|
|
|
@ -158,7 +158,6 @@ module Msf::DBManager::ModuleCache
|
|||
# +edb+:: Matches modules with the given Exploit-DB ID.
|
||||
# +name+:: Matches modules with the given full name or name.
|
||||
# +os+, +platform+:: Matches modules with the given platform or target name.
|
||||
# +osvdb+:: Matches modules with the given OSVDB ID.
|
||||
# +ref+:: Matches modules with the given reference ID.
|
||||
# +type+:: Matches modules with the given type.
|
||||
#
|
||||
|
@ -277,7 +276,7 @@ module Msf::DBManager::ModuleCache
|
|||
|
||||
query = query.includes(:refs).references(:refs)
|
||||
union_conditions << Mdm::Module::Ref.arel_table[:name].matches_any(formatted_values)
|
||||
when 'cve', 'bid', 'osvdb', 'edb'
|
||||
when 'cve', 'bid', 'edb'
|
||||
formatted_values = value_set.collect { |value|
|
||||
prefix = keyword.upcase
|
||||
|
||||
|
|
|
@ -77,7 +77,7 @@ class Msf::Module::SiteReference < Msf::Module::Reference
|
|||
|
||||
#
|
||||
# Initializes a site reference from an array. ary[0] is the site and
|
||||
# ary[1] is the site context identifier, such as OSVDB.
|
||||
# ary[1] is the site context identifier, such as CVE.
|
||||
#
|
||||
def self.from_a(ary)
|
||||
return nil if (ary.length < 2)
|
||||
|
@ -95,9 +95,7 @@ class Msf::Module::SiteReference < Msf::Module::Reference
|
|||
self.ctx_id = in_ctx_id
|
||||
self.ctx_val = in_ctx_val
|
||||
|
||||
if (in_ctx_id == 'OSVDB')
|
||||
self.site = "http://www.osvdb.org/#{in_ctx_val}"
|
||||
elsif (in_ctx_id == 'CVE')
|
||||
if (in_ctx_id == 'CVE')
|
||||
self.site = "http://cvedetails.com/cve/#{in_ctx_val}/"
|
||||
elsif (in_ctx_id == 'CWE')
|
||||
self.site = "https://cwe.mitre.org/data/definitions/#{in_ctx_val}.html"
|
||||
|
@ -150,7 +148,7 @@ class Msf::Module::SiteReference < Msf::Module::Reference
|
|||
#
|
||||
attr_reader :site
|
||||
#
|
||||
# The context identifier of the site, such as OSVDB.
|
||||
# The context identifier of the site, such as CVE.
|
||||
#
|
||||
attr_reader :ctx_id
|
||||
#
|
||||
|
|
|
@ -86,8 +86,6 @@ module Msf::Module::Search
|
|||
match = [t,w] if refs.any? { |ref| ref =~ /^cve\-/i and ref =~ r }
|
||||
when 'bid'
|
||||
match = [t,w] if refs.any? { |ref| ref =~ /^bid\-/i and ref =~ r }
|
||||
when 'osvdb'
|
||||
match = [t,w] if refs.any? { |ref| ref =~ /^osvdb\-/i and ref =~ r }
|
||||
when 'edb'
|
||||
match = [t,w] if refs.any? { |ref| ref =~ /^edb\-/i and ref =~ r }
|
||||
end
|
||||
|
|
|
@ -1605,7 +1605,6 @@ class Core
|
|||
'cve' => 'Modules with a matching CVE ID',
|
||||
'edb' => 'Modules with a matching Exploit-DB ID',
|
||||
'name' => 'Modules with a matching descriptive name',
|
||||
'osvdb' => 'Modules with a matching OSVDB ID',
|
||||
'platform' => 'Modules affecting this platform',
|
||||
'ref' => 'Modules with a matching ref',
|
||||
'type' => 'Modules of a specific type (exploit, auxiliary, or post)',
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2007-4387' ],
|
||||
[ 'OSVDB', '37667' ],
|
||||
[ 'BID', '36075' ],
|
||||
[ 'URL', 'http://seclists.org/bugtraq/2007/Aug/225' ],
|
||||
],
|
||||
|
|
|
@ -38,7 +38,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' => [
|
||||
[ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2014/09/15/major-android-bug-is-a-privacy-disaster-cve-2014-6041'],
|
||||
[ 'URL', 'http://1337day.com/exploit/description/22581' ],
|
||||
[ 'OSVDB', '110664' ],
|
||||
[ 'CVE', '2014-6041' ]
|
||||
],
|
||||
'DefaultAction' => 'WebServer'
|
||||
|
|
|
@ -27,7 +27,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['CVE', '2005-2611'],
|
||||
['OSVDB', '18695'],
|
||||
['BID', '14551'],
|
||||
['URL', 'http://www.fpns.net/willy/msbksrc.lzh'],
|
||||
],
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '17627' ],
|
||||
[ 'CVE', '2005-0771' ],
|
||||
[ 'URL', 'http://www.idefense.com/application/poi/display?id=269&type=vulnerabilities'],
|
||||
],
|
||||
|
|
|
@ -28,8 +28,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
[ 'BID', '19680' ],
|
||||
[ 'CVE', '2006-4313' ],
|
||||
[ 'OSVDB', '28139' ],
|
||||
[ 'OSVDB', '28138' ]
|
||||
],
|
||||
'DisclosureDate' => 'Aug 23 2006'))
|
||||
|
||||
|
|
|
@ -23,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2004-0795' ],
|
||||
[ 'OSVDB', '4180' ],
|
||||
[ 'BID', '9821' ],
|
||||
],
|
||||
'DisclosureDate' => 'Mar 4 2004'))
|
||||
|
|
|
@ -22,7 +22,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
},
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '60035'],
|
||||
],
|
||||
'Author' => 'hdm',
|
||||
'License' => MSF_LICENSE
|
||||
|
|
|
@ -22,7 +22,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
[ 'CVE', '2008-0926' ],
|
||||
[ 'BID', '28441' ],
|
||||
[ 'OSVDB', '43690' ]
|
||||
],
|
||||
'Author' =>
|
||||
[
|
||||
|
|
|
@ -22,7 +22,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=703' ],
|
||||
[ 'OSVDB', '45715' ],
|
||||
[ 'CVE', '2008-2157' ],
|
||||
[ 'BID', '29398' ],
|
||||
],
|
||||
|
|
|
@ -23,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
[ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=703' ],
|
||||
[ 'CVE', '2008-2157' ],
|
||||
[ 'OSVDB', '45715' ],
|
||||
[ 'BID', '29398' ],
|
||||
],
|
||||
'DisclosureDate' => 'May 27 2008'))
|
||||
|
|
|
@ -31,7 +31,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2011-0923' ],
|
||||
[ 'OSVDB', '72526' ],
|
||||
[ 'ZDI', '11-055' ],
|
||||
[ 'URL', 'http://hackarandas.com/blog/2011/08/04/hp-data-protector-remote-shell-for-hpux' ]
|
||||
],
|
||||
|
|
|
@ -23,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2013-4824' ],
|
||||
[ 'OSVDB', '98249' ],
|
||||
[ 'BID', '62902' ],
|
||||
[ 'ZDI', '13-240' ],
|
||||
[ 'URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03943547' ]
|
||||
|
|
|
@ -29,7 +29,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
[ 'US-CERT-VU', '586556' ],
|
||||
[ 'CVE', '2012-4940' ],
|
||||
[ 'OSVDB', '86802' ]
|
||||
],
|
||||
'Actions' =>
|
||||
[
|
||||
|
|
|
@ -20,7 +20,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
},
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '54551' ],
|
||||
[ 'URL', 'http://www.aushack.com/200904-contentkeeper.txt' ],
|
||||
],
|
||||
'Author' => [ 'patrick' ],
|
||||
|
|
|
@ -24,7 +24,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '89861' ],
|
||||
[ 'EDB', '24453' ],
|
||||
[ 'URL', 'http://www.dlink.com/uk/en/home-solutions/connect/routers/dir-600-wireless-n-150-home-router' ],
|
||||
[ 'URL', 'http://www.s3cur1ty.de/home-network-horror-days' ],
|
||||
|
|
|
@ -20,7 +20,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
},
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '90733' ],
|
||||
[ 'BID', '58231' ],
|
||||
[ 'PACKETSTORM', '120591' ]
|
||||
],
|
||||
|
|
|
@ -21,7 +21,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'EDB', '25252' ],
|
||||
[ 'OSVDB', '93013' ],
|
||||
[ 'URL', 'http://www.s3cur1ty.de/m1adv2013-018' ]
|
||||
],
|
||||
'Author' => [
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
['BID', '60835'],
|
||||
['CVE', '2013-2113'],
|
||||
['CWE', '915'],
|
||||
['OSVDB', '94655'],
|
||||
['URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=966804'],
|
||||
['URL', 'http://projects.theforeman.org/issues/2630']
|
||||
],
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '5798' ],
|
||||
[ 'BID', '10224' ],
|
||||
#[ 'CVE', '' ],# No CVE!
|
||||
[ 'EDB', '294' ]
|
||||
|
|
|
@ -20,7 +20,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2010-2731' ],
|
||||
[ 'OSVDB', '66160' ],
|
||||
[ 'MSB', 'MS10-065' ],
|
||||
[ 'URL', 'http://soroush.secproject.com/blog/2010/07/iis5-1-directory-authentication-bypass-by-using-i30index_allocation/' ]
|
||||
],
|
||||
|
|
|
@ -20,7 +20,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
},
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '55586' ],
|
||||
[ 'CVE', '2009-2367' ],
|
||||
],
|
||||
'Author' => [ 'patrick' ],
|
||||
|
|
|
@ -24,7 +24,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2010-0738' ], # using a VERB other than GET/POST
|
||||
[ 'OSVDB', '64171' ],
|
||||
[ 'URL', 'http://www.redteam-pentesting.de/publications/jboss' ],
|
||||
[ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=574105' ]
|
||||
],
|
||||
|
|
|
@ -23,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2010-0738' ], # using a VERB other than GET/POST
|
||||
[ 'OSVDB', '64171' ],
|
||||
[ 'URL', 'http://www.redteam-pentesting.de/publications/jboss' ],
|
||||
[ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=574105' ]
|
||||
],
|
||||
|
|
|
@ -31,7 +31,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2010-1871' ],
|
||||
[ 'OSVDB', '66881']
|
||||
],
|
||||
'DefaultTarget' => 0,
|
||||
'DisclosureDate' => 'Jul 19 2010'))
|
||||
|
|
|
@ -23,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '89912' ],
|
||||
[ 'BID', '57760' ],
|
||||
[ 'EDB', '24475' ],
|
||||
[ 'URL', 'http://www.s3cur1ty.de/m1adv2013-004' ]
|
||||
|
|
|
@ -27,7 +27,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'EDB', '31758' ],
|
||||
[ 'OSVDB', '103521' ],
|
||||
[ 'URL', 'http://www.devttys0.com/2014/02/wrt120n-fprintf-stack-overflow/' ] # a huge amount of details about this vulnerability and the original exploit
|
||||
],
|
||||
'DisclosureDate' => 'Feb 19 2014'))
|
||||
|
|
|
@ -33,7 +33,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[ 'URL', 'http://www.s3cur1ty.de/attacking-linksys-wrt54gl' ],
|
||||
[ 'EDB', '24202' ],
|
||||
[ 'BID', '57459' ],
|
||||
[ 'OSVDB', '89421' ]
|
||||
],
|
||||
'DefaultTarget' => 0,
|
||||
'DisclosureDate' => 'Jan 18 2013'))
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['CVE', '2014-7862'],
|
||||
['OSVDB', '116554'],
|
||||
['URL', 'http://seclists.org/fulldisclosure/2015/Jan/2'],
|
||||
['URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_dc9_admin.txt'],
|
||||
],
|
||||
|
|
|
@ -35,7 +35,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['CVE', '2014-7863'],
|
||||
['OSVDB', '117696'],
|
||||
['URL', 'http://seclists.org/fulldisclosure/2015/Jan/114'],
|
||||
['URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_failservlet.txt']
|
||||
],
|
||||
|
|
|
@ -33,7 +33,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['CVE', '2014-7863'],
|
||||
['OSVDB', '117695'],
|
||||
['URL', 'http://seclists.org/fulldisclosure/2015/Jan/114'],
|
||||
['URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_failservlet.txt']
|
||||
],
|
||||
|
|
|
@ -33,7 +33,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2014-8499' ],
|
||||
[ 'OSVDB', '114485' ],
|
||||
[ 'URL', 'http://seclists.org/fulldisclosure/2014/Nov/18' ],
|
||||
[ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_pmp_privesc.txt' ],
|
||||
],
|
||||
|
|
|
@ -27,7 +27,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2014-5445' ],
|
||||
[ 'OSVDB', '115340' ],
|
||||
[ 'URL', 'http://seclists.org/fulldisclosure/2014/Dec/9' ],
|
||||
[ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_netflow_it360_file_dl.txt' ]
|
||||
],
|
||||
|
|
|
@ -31,7 +31,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'BID', '72640' ],
|
||||
[ 'OSVDB', '118316' ],
|
||||
[ 'URL', 'https://github.com/darkarnium/secpub/tree/master/NetGear/SOAPWNDR' ]
|
||||
],
|
||||
'Author' =>
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2011-2750' ],
|
||||
[ 'OSVDB', '73729' ],
|
||||
[ 'URL', 'http://aluigi.org/adv/nfr_2-adv.txt'],
|
||||
]
|
||||
))
|
||||
|
|
|
@ -30,7 +30,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['CVE', '2013-3617'],
|
||||
['OSVDB', '99141'],
|
||||
['BID', '63431'],
|
||||
['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']
|
||||
],
|
||||
|
|
|
@ -38,7 +38,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2013-0233'],
|
||||
[ 'OSVDB', '89642' ],
|
||||
[ 'BID', '57577' ],
|
||||
[ 'URL', 'http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/'],
|
||||
[ 'URL', 'http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html'],
|
||||
|
|
|
@ -20,7 +20,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2012-2626' ],
|
||||
[ 'OSVDB', '84318' ],
|
||||
[ 'URL', 'https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt' ]
|
||||
],
|
||||
'Author' =>
|
||||
|
|
|
@ -28,7 +28,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2013-2641' ],
|
||||
[ 'OSVDB', '91953' ],
|
||||
[ 'BID', '58833' ],
|
||||
[ 'EDB', '24932' ],
|
||||
[ 'URL', 'http://www.sophos.com/en-us/support/knowledgebase/118969.aspx' ],
|
||||
|
|
|
@ -28,7 +28,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'URL', 'http://tomcat.apache.org/' ],
|
||||
[ 'OSVDB', '47464' ],
|
||||
[ 'CVE', '2008-2938' ],
|
||||
[ 'URL', 'http://www.securityfocus.com/archive/1/499926' ],
|
||||
],
|
||||
|
|
|
@ -25,8 +25,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'URL', 'http://tomcat.apache.org/' ],
|
||||
[ 'OSVDB', '47464' ],
|
||||
[ 'OSVDB', '73447' ],
|
||||
[ 'CVE', '2008-2938' ],
|
||||
[ 'URL', 'http://www.securityfocus.com/archive/1/499926' ],
|
||||
[ 'EDB', '17388' ],
|
||||
|
|
|
@ -20,7 +20,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
},
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '51536'],
|
||||
['URL', 'http://blog.c22.cc/advisories/typo3-sa-2009-001'],
|
||||
['URL', 'http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/'],
|
||||
],
|
||||
|
|
|
@ -22,7 +22,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '52048'],
|
||||
['CVE', '2009-0815'],
|
||||
['URL', 'http://secunia.com/advisories/33829/'],
|
||||
['EDB', '8038'],
|
||||
|
|
|
@ -27,7 +27,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'URL', 'http://blog.imperva.com/2013/10/threat-advisory-a-vbulletin-exploit-administrator-injection.html'],
|
||||
[ 'OSVDB', '98370' ],
|
||||
[ 'URL', 'http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/3991423-potential-vbulletin-exploit-vbulletin-4-1-vbulletin-5']
|
||||
],
|
||||
'DisclosureDate' => 'Oct 09 2013'))
|
||||
|
|
|
@ -32,7 +32,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
['CVE', '2014-6324'],
|
||||
['MSB', 'MS14-068'],
|
||||
['OSVDB', '114751'],
|
||||
['URL', 'http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx'],
|
||||
['URL', 'https://labs.mwrinfosecurity.com/blog/2014/12/16/digging-into-ms14-068-exploitation-and-defence/'],
|
||||
['URL', 'https://github.com/bidord/pykek'],
|
||||
|
|
|
@ -21,7 +21,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '40210' ],
|
||||
['BID', '27206'],
|
||||
['CVE', '2008-0244'],
|
||||
],
|
||||
|
|
|
@ -52,7 +52,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
],
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '101653' ],
|
||||
[ 'URL', 'https://github.com/elvanderb/TCP-32764' ]
|
||||
],
|
||||
'DisclosureDate' => "Dec 31 2013" ))
|
||||
|
|
|
@ -23,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' => [
|
||||
[ 'CVE', '2004-1550' ],
|
||||
[ 'OSVDB', '10232' ],
|
||||
[ 'URL', 'http://seclists.org/bugtraq/2004/Sep/0339.html'],
|
||||
],
|
||||
'DisclosureDate' => 'Sep 24 2004'))
|
||||
|
|
|
@ -25,7 +25,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
[ 'MSB', 'MS08-059' ],
|
||||
[ 'CVE', '2008-3466' ],
|
||||
[ 'OSVDB', '49068' ],
|
||||
[ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=745' ],
|
||||
],
|
||||
'DisclosureDate' => 'Oct 14 2008'))
|
||||
|
|
|
@ -21,7 +21,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
},
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '48730' ],
|
||||
[ 'CVE', '2008-2439' ],
|
||||
[ 'BID', '31531' ],
|
||||
[ 'URL', 'http://www.trendmicro.com/ftp/documentation/readme/OSCE_7.3_Win_EN_CriticalPatch_B1372_Readme.txt' ],
|
||||
|
|
|
@ -20,7 +20,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2008-5448' ],
|
||||
[ 'OSVDB', '51342' ],
|
||||
[ 'URL', 'http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2009.html' ],
|
||||
[ 'ZDI', '09-003' ],
|
||||
],
|
||||
|
|
|
@ -23,9 +23,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2009-1977' ],
|
||||
[ 'OSVDB', '55903' ],
|
||||
[ 'CVE', '2009-1978' ],
|
||||
[ 'OSVDB', '55904' ],
|
||||
[ 'ZDI', '09-058' ],
|
||||
[ 'ZDI', '09-059' ],
|
||||
],
|
||||
|
|
|
@ -23,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2010-0904' ],
|
||||
[ 'OSVDB', '66338'],
|
||||
[ 'ZDI', '10-118' ],
|
||||
],
|
||||
'DisclosureDate' => 'Jul 13 2010'))
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '368' ],
|
||||
[ 'BID', '1484' ],
|
||||
],
|
||||
'DisclosureDate' => 'Jul 14 2000'))
|
||||
|
|
|
@ -24,7 +24,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '92704' ],
|
||||
[ 'EDB', '24963' ],
|
||||
[ 'URL', 'http://erpscan.com/wp-content/uploads/2012/11/Breaking-SAP-Portal-HackerHalted-2012.pdf']
|
||||
],
|
||||
|
|
|
@ -25,7 +25,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
[ 'CVE', '2014-0763' ],
|
||||
[ 'ZDI', '14-077' ],
|
||||
[ 'OSVDB', '105572' ],
|
||||
[ 'BID', '66740' ],
|
||||
[ 'URL', 'https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03' ]
|
||||
],
|
||||
|
|
|
@ -28,7 +28,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2013-0653' ],
|
||||
[ 'OSVDB', '89490' ],
|
||||
[ 'BID', '57505' ],
|
||||
[ 'URL', 'http://ics-cert.us-cert.gov/advisories/ICSA-13-022-02' ]
|
||||
],
|
||||
|
|
|
@ -29,7 +29,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2007-6507' ],
|
||||
[ 'OSVDB', '44318' ],
|
||||
[ 'ZDI', '07-077'],
|
||||
],
|
||||
'Actions' =>
|
||||
|
|
|
@ -34,7 +34,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' => [
|
||||
[ 'CVE', '1999-0504'], # Administrator with no password (since this is the default)
|
||||
[ 'OSVDB', '3106'],
|
||||
[ 'URL', 'http://www.accuvant.com/blog/2012/11/13/owning-computers-without-shell-access' ],
|
||||
[ 'URL', 'http://sourceforge.net/projects/smbexec/' ],
|
||||
[ 'URL', 'http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx' ]
|
||||
|
|
|
@ -34,7 +34,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
],
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '62145'],
|
||||
['URL', 'http://www.samba.org/samba/news/symlink_attack.html']
|
||||
],
|
||||
'License' => MSF_LICENSE
|
||||
|
|
|
@ -32,7 +32,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['CVE', '2003-0027'],
|
||||
['OSVDB', '8201'],
|
||||
['BID', '6665'],
|
||||
['URL', 'http://marc.info/?l=bugtraq&m=104326556329850&w=2']
|
||||
],
|
||||
|
|
|
@ -23,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '30172'],
|
||||
['BID', '20858'],
|
||||
['CVE', '2006-5702'],
|
||||
['URL', 'http://secunia.com/advisories/22678/'],
|
||||
|
|
|
@ -29,7 +29,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['BID', '17978'],
|
||||
['OSVDB', '25479'],
|
||||
['URL', 'http://secunia.com/advisories/20107/'],
|
||||
['CVE', '2006-2369'],
|
||||
],
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '66842'],
|
||||
['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'],
|
||||
['US-CERT-VU', '362332']
|
||||
]
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '66842'],
|
||||
['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'],
|
||||
['US-CERT-VU', '362332']
|
||||
]
|
||||
|
|
|
@ -21,7 +21,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '66842'],
|
||||
['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'],
|
||||
['US-CERT-VU', '362332']
|
||||
],
|
||||
|
|
|
@ -23,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '66842'],
|
||||
['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'],
|
||||
['US-CERT-VU', '362332']
|
||||
],
|
||||
|
|
|
@ -27,7 +27,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '85247'],
|
||||
['BID', '55446'],
|
||||
['CVE', '2012-2983'],
|
||||
['URL', 'http://www.americaninfosec.com/research/dossiers/AISG-12-002.pdf'],
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
['OSVDB', '26772'],
|
||||
['BID', '18744'],
|
||||
['CVE', '2006-3392'],
|
||||
['US-CERT-VU', '999601'],
|
||||
|
|
|
@ -23,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' =>
|
||||
[
|
||||
[ 'OSVDB', '71420'],
|
||||
[ 'ZDI', '11-113' ],
|
||||
[ 'EDB', '17078' ],
|
||||
],
|
||||
|
|
|
@ -27,7 +27,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
[ 'BID', '1154'],
|
||||
[ 'CVE', '2000-0380'],
|
||||
[ 'OSVDB', '1302' ],
|
||||
],
|
||||
'DisclosureDate' => 'Apr 26 2000'))
|
||||
|
||||
|
|
|
@ -29,7 +29,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2010-2156' ],
|
||||
[ 'OSVDB', '65246'],
|
||||
[ 'EDB', '14185']
|
||||
]
|
||||
)
|
||||
|
|
|
@ -24,7 +24,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'BID', '16838' ],
|
||||
[ 'OSVDB', '23511' ],
|
||||
[ 'CVE', '2006-0900' ],
|
||||
]))
|
||||
|
||||
|
|
|
@ -27,7 +27,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2011-0514' ],
|
||||
[ 'OSVDB', '70617' ],
|
||||
[ 'EDB', '15940' ],
|
||||
],
|
||||
'DisclosureDate' => 'Jan 8 2011' ))
|
||||
|
|
|
@ -28,7 +28,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
# patrickw - I am not sure if these are correct, but the closest match!
|
||||
[ 'OSVDB', '7246' ],
|
||||
[ 'CVE', '2004-2691' ],
|
||||
[ 'URL', 'http://support.3com.com/infodeli/tools/switches/dna1695-0aaa17.pdf' ],
|
||||
],
|
||||
|
|
|
@ -44,7 +44,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2010-0425' ],
|
||||
[ 'OSVDB', '62674'],
|
||||
[ 'BID', '38494' ],
|
||||
[ 'URL', 'https://issues.apache.org/bugzilla/show_bug.cgi?id=48509' ],
|
||||
[ 'URL', 'http://www.gossamer-threads.com/lists/apache/cvs/381537' ],
|
||||
|
|
|
@ -40,7 +40,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[ 'BID', '49303'],
|
||||
[ 'CVE', '2011-3192'],
|
||||
[ 'EDB', '17696'],
|
||||
[ 'OSVDB', '74721' ],
|
||||
],
|
||||
'DisclosureDate' => 'Aug 19 2011'
|
||||
))
|
||||
|
|
|
@ -29,7 +29,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2010-2227' ],
|
||||
[ 'OSVDB', '66319' ],
|
||||
[ 'BID', '41544' ]
|
||||
],
|
||||
'DisclosureDate' => 'Jul 09 2010'))
|
||||
|
|
|
@ -29,7 +29,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
[ 'URL', 'http://archives.neohapsis.com/archives/bugtraq/2004-02/0650.html' ],
|
||||
[ 'BID', '9750' ],
|
||||
[ 'OSVDB', '4077' ],
|
||||
[ 'CVE', '2004-0331' ],
|
||||
],
|
||||
'DisclosureDate' => 'Feb 26 2004'))
|
||||
|
|
|
@ -25,7 +25,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['CVE', '2013-3843'],
|
||||
['OSVDB', '93853'],
|
||||
['BID', '60333']
|
||||
],
|
||||
'DisclosureDate' => 'May 30 2013'))
|
||||
|
|
|
@ -30,7 +30,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2013-4450' ],
|
||||
[ 'OSVDB', '98724' ],
|
||||
[ 'BID' , '63229' ],
|
||||
[ 'URL', 'http://blog.nodejs.org/2013/10/22/cve-2013-4450-http-server-pipeline-flood-dos' ]
|
||||
],
|
||||
|
|
|
@ -30,7 +30,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2013-6414' ],
|
||||
[ 'OSVDB', '100525' ],
|
||||
[ 'BID', '64074' ],
|
||||
[ 'URL', 'http://seclists.org/oss-sec/2013/q4/400' ],
|
||||
[ 'URL', 'https://github.com/rails/rails/commit/bee3b7f9371d1e2ddcfe6eaff5dcb26c0a248068' ]
|
||||
|
|
|
@ -30,7 +30,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2013-4164' ],
|
||||
[ 'OSVDB', '100113' ],
|
||||
[ 'URL', 'https://www.ruby-lang.org/en/news/2013/11/22/ruby-1-9-3-p484-is-released/' ]
|
||||
],
|
||||
'DisclosureDate' => 'Nov 22 2013'))
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' => [
|
||||
[ 'BID', '35145' ],
|
||||
#[ 'CVE', '' ], # no CVE?
|
||||
[ 'OSVDB', '54881' ],
|
||||
[ 'URL', 'http://www.aushack.com/200905-sonicwall.txt' ],
|
||||
],
|
||||
'DisclosureDate' => 'May 29 2009'))
|
||||
|
|
|
@ -24,7 +24,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' => [
|
||||
[ 'BID', '30644'],
|
||||
[ 'CVE', '2008-3656'],
|
||||
[ 'OSVDB', '47471' ],
|
||||
[ 'URL', 'http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/']
|
||||
],
|
||||
'DisclosureDate' => 'Aug 08 2008'))
|
||||
|
|
|
@ -27,7 +27,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['URL', 'http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9034'],
|
||||
['OSVDB', '114857'],
|
||||
['WPVDB', '7681']
|
||||
],
|
||||
'DisclosureDate' => 'Nov 20 2014'
|
||||
|
|
|
@ -21,7 +21,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'References' => [
|
||||
[ 'CVE', '2008-5081' ],
|
||||
[ 'OSVDB', '50929' ],
|
||||
],
|
||||
'DisclosureDate' => 'Nov 14 2008')
|
||||
|
||||
|
|
|
@ -22,7 +22,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2009-3591' ],
|
||||
[ 'OSVDB', '58884' ],
|
||||
[ 'BID', '36606' ]
|
||||
],
|
||||
'DisclosureDate' => "Oct 05 2009" ))
|
||||
|
|
|
@ -45,7 +45,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
[ 'CVE', '2013-3986' ],
|
||||
[ 'OSVDB', '99552' ],
|
||||
[ 'BID', '63611'],
|
||||
[ 'URL', 'http://www-01.ibm.com/support/docview.wss?uid=swg21654041' ],
|
||||
[ 'URL', 'http://xforce.iss.net/xforce/xfdb/84969' ]
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['EDB', '38979'],
|
||||
['OSVDB', '132307']
|
||||
],
|
||||
'DisclosureDate' => "Dec 15 2015",
|
||||
))
|
||||
|
|
|
@ -23,7 +23,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
[ 'URL', 'https://code.google.com/p/memcached/issues/detail?id=192' ],
|
||||
[ 'CVE', '2011-4971' ],
|
||||
[ 'OSVDB', '92867' ]
|
||||
],
|
||||
'Author' => [ 'Gregory Man <man.gregory[at]gmail.com>' ],
|
||||
'License' => MSF_LICENSE
|
||||
|
|
|
@ -29,7 +29,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
[ 'BID', '37255' ],
|
||||
[ 'CVE', '2009-3563' ],
|
||||
[ 'OSVDB', '60847' ],
|
||||
[ 'URL', 'https://support.ntp.org/bugs/show_bug.cgi?id=1331' ]
|
||||
],
|
||||
'DisclosureDate' => 'Oct 04 2009'))
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
[
|
||||
[ 'BID', '5807' ],
|
||||
[ 'CVE', '2002-1214' ],
|
||||
[ 'OSVDB', '13422' ],
|
||||
[ 'MSB', 'MS02-063' ],
|
||||
],
|
||||
'DisclosureDate' => 'Sep 26 2002'))
|
||||
|
|
|
@ -25,7 +25,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['CVE', '2007-2446'],
|
||||
['OSVDB', '34699'],
|
||||
]
|
||||
))
|
||||
|
||||
|
|
|
@ -25,7 +25,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'References' =>
|
||||
[
|
||||
['CVE', '2007-2446'],
|
||||
['OSVDB', '34699'],
|
||||
]
|
||||
))
|
||||
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue