Land #2363, updated info about the Hitcon bug

2013-09-13 11:16:57 -05:00 · 2013-09-13 11:16:57 -05:00 · c0a1c58215
parent 705e262061 4847976995
commit c0a1c58215
1 changed files with 10 additions and 4 deletions
--- a/modules/exploits/windows/browser/ms13_055_canchor.rb
+++ b/modules/exploits/windows/browser/ms13_055_canchor.rb
@ -31,17 +31,21 @@ class Metasploit3 < Msf::Exploit::Remote
        context of the user.

        This bug is specific to Internet Explorer 8 only. It was originally discovered by
-        Orange Tsai at Hitcon 2013, but was silently patched in the July 2013 update.
+        Jose Antonio Vazquez Gonzalez and reported to iDefense, but was discovered again
+        by Orange Tsai at Hitcon 2013.
      },
      'License'        => MSF_LICENSE,
      'Author'         =>
        [
-          'Orange Tsai',        # Original discovery, PoC
-          'Peter Vreugdenhil',  # Joins the party (wtfuzz)
-          'sinn3r'              # Joins the party
+          'Jose Antonio Vazquez Gonzalez', # Original discovery reported from iDefense
+          'Orange Tsai',                   # Rediscovery, published at Hitcon 2013
+          'Peter Vreugdenhil',             # Joins the party (wtfuzz)
+          'sinn3r'                         # Joins the party
        ],
      'References'     =>
        [
+          [ 'CVE', '2013-3163' ],
+          [ 'OSVDB', '94981' ],
          [ 'MSB', 'MS13-055'  ],
          [ 'URL', 'https://speakerd.s3.amazonaws.com/presentations/0df98910d26c0130e8927e81ab71b214/for-share.pdf' ]
        ],
@ -75,6 +79,8 @@ class Metasploit3 < Msf::Exploit::Remote
          'InitialAutoRunScript' => 'migrate -f'
        },
      'Privileged'     => false,
+      # Bug was patched in July 2013. Tsai was the first to publish the bug.
+      # But Jose already reported way back in Oct 2012 (to iDefense)
      'DisclosureDate' => "Jul 09 2013",
      'DefaultTarget'  => 0))
  end