automatic module_metadata_base.json update

2018-10-22 14:26:09 -07:00 · 2018-10-22 14:26:09 -07:00 · 9b01f3deaf
parent f742d3bd9a
commit 9b01f3deaf
1 changed files with 47 additions and 5 deletions
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@ -22043,7 +22043,7 @@
      "Trustwave SpiderLabs",
      "Dhiraj Mishra"
    ],
-    "description": "This module exploits an unauthenticated directory traversal vulnerability\n        which exits in administration console of Oracle GlassFish Server 4.1, which is\n        listening by default on port 4848/TCP.",
+    "description": "This module exploits an unauthenticated directory traversal vulnerability\n        which exists in administration console of Oracle GlassFish Server 4.1, which is\n        listening by default on port 4848/TCP.",
    "references": [
      "CVE-2017-1000028",
      "URL-https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-016/?fid=6904",
@ -22070,7 +22070,7 @@
      "https"
    ],
    "targets": null,
-    "mod_time": "2018-08-05 00:15:04 +0000",
+    "mod_time": "2018-10-23 00:01:13 +0000",
    "path": "/modules/auxiliary/scanner/http/glassfish_traversal.rb",
    "is_install_path": true,
    "ref_name": "scanner/http/glassfish_traversal",
@ -37294,7 +37294,7 @@
      "Peter Winter-Smith",
      "wvu <wvu@metasploit.com>"
    ],
-    "description": "This module exploits an authentication bypass in libssh server code\n        where a USERAUTH_SUCCESS message is sent in place of the expected\n        USERAUTH_REQUEST message. Versions 0.6 and later are affected.\n\n        Note that this module's success depends on whether the server code\n        can trigger the correct (shell/exec) callbacks despite only the state\n        machine's authenticated state being set.\n\n        Therefore, you may or may not get a shell if the server requires\n        additional code paths to be followed.",
+    "description": "This module exploits an authentication bypass in libssh server code\n        where a USERAUTH_SUCCESS message is sent in place of the expected\n        USERAUTH_REQUEST message. libssh versions 0.6.0 through 0.7.5 and\n        0.8.0 through 0.8.3 are vulnerable.\n\n        Note that this module's success depends on whether the server code\n        can trigger the correct (shell/exec) callbacks despite only the state\n        machine's authenticated state being set.\n\n        Therefore, you may or may not get a shell if the server requires\n        additional code paths to be followed.",
    "references": [
      "CVE-2018-10933",
      "URL-https://www.libssh.org/security/advisories/CVE-2018-10933.txt"
@ -37311,7 +37311,7 @@

    ],
    "targets": null,
-    "mod_time": "2018-10-18 13:57:32 +0000",
+    "mod_time": "2018-10-19 15:13:45 +0000",
    "path": "/modules/auxiliary/scanner/ssh/libssh_auth_bypass.rb",
    "is_install_path": true,
    "ref_name": "scanner/ssh/libssh_auth_bypass",
@ -71453,6 +71453,48 @@
    "notes": {
    }
  },
+  "exploit_qnx/qconn/qconn_exec": {
+    "name": "QNX qconn Command Execution",
+    "full_name": "exploit/qnx/qconn/qconn_exec",
+    "rank": 600,
+    "disclosure_date": "2012-09-04",
+    "type": "exploit",
+    "author": [
+      "David Odell",
+      "Mor!p3r",
+      "Brendan Coles"
+    ],
+    "description": "This module uses the qconn daemon on QNX systems to gain a shell.\n\n        The QNX qconn daemon does not require authentication and allows\n        remote users to execute arbitrary operating system commands.\n\n        This module has been tested successfully on QNX Neutrino 6.5.0 (x86)\n        and 6.5.0 SP1 (x86).",
+    "references": [
+      "EDB-21520",
+      "URL-https://www.optiv.com/blog/pentesting-qnx-neutrino-rtos",
+      "URL-http://www.qnx.com/developers/docs/6.5.0SP1/neutrino/utilities/q/qconn.html",
+      "URL-http://www.qnx.com/developers/docs/6.5.0/topic/com.qnx.doc.neutrino_utilities/q/qconn.html"
+    ],
+    "is_server": true,
+    "is_client": false,
+    "platform": "Unix",
+    "arch": "cmd",
+    "rport": 8000,
+    "autofilter_ports": [
+
+    ],
+    "autofilter_services": [
+
+    ],
+    "targets": [
+      "Automatic"
+    ],
+    "mod_time": "2018-10-20 18:16:59 +0000",
+    "path": "/modules/exploits/qnx/qconn/qconn_exec.rb",
+    "is_install_path": true,
+    "ref_name": "qnx/qconn/qconn_exec",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+    }
+  },
  "exploit_solaris/dtspcd/heap_noir": {
    "name": "Solaris dtspcd Heap Overflow",
    "full_name": "exploit/solaris/dtspcd/heap_noir",
@ -73340,7 +73382,7 @@
    "targets": [
      "Automatic"
    ],
-    "mod_time": "2018-03-24 00:23:12 +0000",
+    "mod_time": "2018-10-20 18:16:59 +0000",
    "path": "/modules/exploits/unix/misc/qnx_qconn_exec.rb",
    "is_install_path": true,
    "ref_name": "unix/misc/qnx_qconn_exec",