Land #7308, disclosure date additions

2016-09-13 23:16:30 -05:00 · 2016-09-13 23:16:30 -05:00 · cac890a797
parent a5502264d4 e4e6f5daac
commit cac890a797
2 changed files with 12 additions and 10 deletions
--- a/modules/auxiliary/admin/http/tomcat_utf8_traversal.rb
+++ b/modules/auxiliary/admin/http/tomcat_utf8_traversal.rb
@ -13,8 +13,8 @@ class MetasploitModule < Msf::Auxiliary

  def initialize
    super(
-      'Name'        => 'Tomcat UTF-8 Directory Traversal Vulnerability',
-      'Description' => %q{
+      'Name'           => 'Tomcat UTF-8 Directory Traversal Vulnerability',
+      'Description'    => %q{
        This module tests whether a directory traversal vulnerablity is present
        in versions of Apache Tomcat 4.1.0 - 4.1.37, 5.5.0 - 5.5.26 and 6.0.0
        - 6.0.16 under specific and non-default installations. The connector must have
@ -25,15 +25,16 @@ class MetasploitModule < Msf::Auxiliary
        RedHat 9 running Tomcat 6.0.16 and Sun JRE 1.5.0-05. You may wish to change
        FILE (hosts,sensitive files), MAXDIRS and RPORT depending on your environment.
        },
-      'References'  =>
+      'References'     =>
        [
          [ 'URL', 'http://tomcat.apache.org/' ],
          [ 'OSVDB', '47464' ],
          [ 'CVE', '2008-2938' ],
          [ 'URL', 'http://www.securityfocus.com/archive/1/499926' ],
        ],
-      'Author'      => [ 'patrick','guerrino <ruggine> di massa' ],
-      'License'     => MSF_LICENSE
+      'Author'         => [ 'patrick','guerrino <ruggine> di massa' ],
+      'License'        => MSF_LICENSE,
+      'DisclosureDate' => 'Jan 9 2009'
    )

    register_options(
--- a/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb
+++ b/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb
@ -12,8 +12,8 @@ class MetasploitModule < Msf::Auxiliary

  def initialize
    super(
-      'Name'        => 'TrendMicro Data Loss Prevention 5.5 Directory Traversal',
-      'Description' => %q{
+      'Name'           => 'TrendMicro Data Loss Prevention 5.5 Directory Traversal',
+      'Description'    => %q{
        This module tests whether a directory traversal vulnerablity is present
        in Trend Micro DLP (Data Loss Prevention) Appliance v5.5 build <= 1294.
        The vulnerability appears to be actually caused by the Tomcat UTF-8
@ -22,7 +22,7 @@ class MetasploitModule < Msf::Auxiliary
        Note that in the Trend Micro appliance, /etc/shadow is not used and therefore
        password hashes are stored and anonymously accessible in the passwd file.
        },
-      'References'  =>
+      'References'     =>
        [
          [ 'URL', 'http://tomcat.apache.org/' ],
          [ 'OSVDB', '47464' ],
@ -32,8 +32,9 @@ class MetasploitModule < Msf::Auxiliary
          [ 'EDB', '17388' ],
          [ 'BID', '48225' ],
        ],
-      'Author'      => [ 'patrick' ],
-      'License'     => MSF_LICENSE
+      'Author'         => [ 'patrick' ],
+      'License'        => MSF_LICENSE,
+      'DisclosureDate' => 'Jan 9 2009'
    )

    register_options(