Fix metadata

2013-09-19 12:41:13 -05:00 · 2013-09-19 12:41:13 -05:00 · 891a54aad7
parent d6a1182bd4
commit 891a54aad7
1 changed files with 6 additions and 6 deletions
--- a/modules/exploits/unix/webapp/arkeia_upload_exec.rb
+++ b/modules/exploits/unix/webapp/arkeia_upload_exec.rb
@ -19,11 +19,11 @@ class Metasploit3 < Msf::Exploit::Remote
      'Description'    => %q{
        This module exploits a vulnerability found in Western Digital Arkeia Appliance
        version 10.0.10 and lower. By abusing the upload.php file from the scripts directory,
-        a malicious user can upload arbitrary code to the ApplianceUpdate file in
-        the tmp directory without any authentication. Abusing the local file inclusion in
-        the lang cookie to parse this file, results in arbitrary code execution, also without
-        any authentication. The module has been tested successfully on Arkeia 10.0.10.
-        The issues have been fixed in version 10.1.10.
+        a malicious user can upload arbitrary code to the ApplianceUpdate file in the temp
+        directory without any authentication. Abusing the local file inclusion in the lang
+        cookie to parse this file, results in arbitrary code execution, also without any
+        authentication. The module has been tested successfully on Arkeia 10.0.10. The issues
+        have been fixed in version 10.1.10.
      },
      'License'         => MSF_LICENSE,
      'Author'          =>
@ -40,7 +40,7 @@ class Metasploit3 < Msf::Exploit::Remote
        [
          ['Western Digital Arkeia Appliance 10.0.10', {}]
        ],
-      'Privileged'      => false,
+      'Privileged'      => true,
      'DisclosureDate'  => "Sep 16 2013",
      'DefaultTarget'   => 0))