From f5193b595c384dbd74ebfc3e5458e3e9bd412b6b Mon Sep 17 00:00:00 2001 From: sinn3r Date: Mon, 10 Dec 2012 11:42:21 -0600 Subject: [PATCH] Update references --- modules/exploits/linux/http/dolibarr_cmd_exec.rb | 1 + modules/exploits/linux/http/webid_converter.rb | 3 ++- modules/exploits/multi/http/phptax_exec.rb | 1 + modules/exploits/multi/http/snortreport_exec.rb | 3 ++- modules/exploits/unix/misc/qnx_qconn_exec.rb | 3 ++- modules/exploits/unix/ssh/tectia_passwd_changereq.rb | 1 + modules/exploits/unix/webapp/basilic_diff_exec.rb | 1 + modules/exploits/unix/webapp/projectpier_upload_exec.rb | 1 + modules/exploits/unix/webapp/xoda_file_upload.rb | 1 + modules/exploits/windows/browser/asus_net4switch_ipswcom.rb | 1 + modules/exploits/windows/browser/mcafee_mvt_exec.rb | 3 ++- modules/exploits/windows/browser/ubisoft_uplay_cmd_exec.rb | 4 +++- .../exploits/windows/browser/ultramjcam_openfiledig_bof.rb | 1 + modules/exploits/windows/ftp/absolute_ftp_list_bof.rb | 1 + modules/exploits/windows/ftp/odin_list_reply.rb | 3 ++- modules/exploits/windows/ftp/turboftp_port.rb | 1 + modules/exploits/windows/http/zenworks_uploadservlet.rb | 1 + modules/exploits/windows/misc/bcaaa_bof.rb | 3 ++- modules/exploits/windows/misc/hp_imc_uam.rb | 3 ++- modules/exploits/windows/scada/iconics_genbroker.rb | 1 + .../exploits/windows/scada/sunway_force_control_netdbsrv.rb | 1 + 21 files changed, 30 insertions(+), 8 deletions(-) diff --git a/modules/exploits/linux/http/dolibarr_cmd_exec.rb b/modules/exploits/linux/http/dolibarr_cmd_exec.rb index 6f7cb3df03..19375a6ab5 100644 --- a/modules/exploits/linux/http/dolibarr_cmd_exec.rb +++ b/modules/exploits/linux/http/dolibarr_cmd_exec.rb @@ -32,6 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '80980'], ['URL', 'http://seclists.org/fulldisclosure/2012/Apr/78'] ], 'Arch' => ARCH_CMD, diff --git a/modules/exploits/linux/http/webid_converter.rb b/modules/exploits/linux/http/webid_converter.rb index 75ed6e68cd..610c3dda19 100644 --- a/modules/exploits/linux/http/webid_converter.rb +++ b/modules/exploits/linux/http/webid_converter.rb @@ -29,7 +29,8 @@ class Metasploit3 < Msf::Exploit::Remote 'References' => [ [ 'OSVDB', '73609' ], - [ 'EDB', '17487' ] + [ 'EDB', '17487' ], + [ 'URL', 'http://www.webidsupport.com/forums/showthread.php?3892' ] ], 'Version' => '$Revision$', 'Privileged' => false, diff --git a/modules/exploits/multi/http/phptax_exec.rb b/modules/exploits/multi/http/phptax_exec.rb index 0f7412a6d3..1f0b1782ee 100644 --- a/modules/exploits/multi/http/phptax_exec.rb +++ b/modules/exploits/multi/http/phptax_exec.rb @@ -31,6 +31,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '86992'], ['EDB', '21665'] ], 'Payload' => diff --git a/modules/exploits/multi/http/snortreport_exec.rb b/modules/exploits/multi/http/snortreport_exec.rb index 142463fbba..c4821a3884 100644 --- a/modules/exploits/multi/http/snortreport_exec.rb +++ b/modules/exploits/multi/http/snortreport_exec.rb @@ -32,7 +32,8 @@ class Metasploit3 < Msf::Exploit::Remote 'Version' => '$Revision$', 'References' => [ - ['OSVDB', '67739'] + ['OSVDB', '67739'], + ['URL', 'http://www.symmetrixtech.com/articles/news-016.html'] ], 'Payload' => { diff --git a/modules/exploits/unix/misc/qnx_qconn_exec.rb b/modules/exploits/unix/misc/qnx_qconn_exec.rb index d402ac7cb6..615b7427ca 100644 --- a/modules/exploits/unix/misc/qnx_qconn_exec.rb +++ b/modules/exploits/unix/misc/qnx_qconn_exec.rb @@ -29,9 +29,10 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '86672'], ['EDB', '21520'], ['URL', 'http://www.fishnetsecurity.com/6labs/blog/pentesting-qnx-neutrino-rtos'], - ['URL', 'http://www.qnx.com/developers/docs/6.3.0SP3/neutrino/utilities/q/qconn.html'], + ['URL', 'http://www.qnx.com/developers/docs/6.3.0SP3/neutrino/utilities/q/qconn.html'] ], 'Payload' => { diff --git a/modules/exploits/unix/ssh/tectia_passwd_changereq.rb b/modules/exploits/unix/ssh/tectia_passwd_changereq.rb index eb45b2e40b..5f55802e12 100644 --- a/modules/exploits/unix/ssh/tectia_passwd_changereq.rb +++ b/modules/exploits/unix/ssh/tectia_passwd_changereq.rb @@ -33,6 +33,7 @@ class Metasploit3 < Msf::Exploit::Remote [ ['CVE', '2012-5975'], ['EDB', '23082'], + ['OSVDB', '88103'], ['URL', 'http://seclists.org/fulldisclosure/2012/Dec/12'], ['URL', 'http://www.ssh.com/index.php/component/content/article/531.html'] ], diff --git a/modules/exploits/unix/webapp/basilic_diff_exec.rb b/modules/exploits/unix/webapp/basilic_diff_exec.rb index 5174d8c8e7..f75d47bd8a 100644 --- a/modules/exploits/unix/webapp/basilic_diff_exec.rb +++ b/modules/exploits/unix/webapp/basilic_diff_exec.rb @@ -29,6 +29,7 @@ class Metasploit3 < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '83719' ], [ 'BID', '54234' ] ], 'Platform' => ['linux', 'unix'], diff --git a/modules/exploits/unix/webapp/projectpier_upload_exec.rb b/modules/exploits/unix/webapp/projectpier_upload_exec.rb index 78fc91237f..b577d26c76 100644 --- a/modules/exploits/unix/webapp/projectpier_upload_exec.rb +++ b/modules/exploits/unix/webapp/projectpier_upload_exec.rb @@ -34,6 +34,7 @@ class Metasploit3 < Msf::Exploit::Remote 'References' => [ ['OSVDB', '85881'], + ['EDB', '21929'], ['URL', 'http://packetstormsecurity.org/files/117070/ProjectPier-0.8.8-Shell-Upload.html'] ], 'Platform' => ['linux', 'php'], diff --git a/modules/exploits/unix/webapp/xoda_file_upload.rb b/modules/exploits/unix/webapp/xoda_file_upload.rb index 4c36cafbb4..2838bac3b3 100644 --- a/modules/exploits/unix/webapp/xoda_file_upload.rb +++ b/modules/exploits/unix/webapp/xoda_file_upload.rb @@ -29,6 +29,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '85117' ], [ 'BID', '55127' ], [ 'EDB', '20703' ] ], diff --git a/modules/exploits/windows/browser/asus_net4switch_ipswcom.rb b/modules/exploits/windows/browser/asus_net4switch_ipswcom.rb index f91d3fc471..8ea33b1d07 100644 --- a/modules/exploits/windows/browser/asus_net4switch_ipswcom.rb +++ b/modules/exploits/windows/browser/asus_net4switch_ipswcom.rb @@ -29,6 +29,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + [ 'CVE', '2012-4924 ' ], [ 'OSVDB', '79438' ], [ 'URL', 'http://dsecrg.com/pages/vul/show.php?id=417' ] ], diff --git a/modules/exploits/windows/browser/mcafee_mvt_exec.rb b/modules/exploits/windows/browser/mcafee_mvt_exec.rb index c4041f4717..9a8a53fe5d 100644 --- a/modules/exploits/windows/browser/mcafee_mvt_exec.rb +++ b/modules/exploits/windows/browser/mcafee_mvt_exec.rb @@ -31,7 +31,8 @@ class Metasploit3 < Msf::Exploit::Remote 'References' => [ [ 'OSVDB', '81657'], - [ 'EDB', '18805' ] + [ 'EDB', '18805' ], + [ 'URL', 'https://kc.mcafee.com/corporate/index?page=content&id=SB10028' ] ], 'Payload' => { diff --git a/modules/exploits/windows/browser/ubisoft_uplay_cmd_exec.rb b/modules/exploits/windows/browser/ubisoft_uplay_cmd_exec.rb index 3d47bdd342..47b477f2ad 100644 --- a/modules/exploits/windows/browser/ubisoft_uplay_cmd_exec.rb +++ b/modules/exploits/windows/browser/ubisoft_uplay_cmd_exec.rb @@ -33,8 +33,10 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + [ 'CVE', '2012-4177' ], [ 'OSVDB', '84402'], - [ 'URL', 'http://seclists.org/fulldisclosure/2012/Jul/375'] + [ 'URL', 'http://seclists.org/fulldisclosure/2012/Jul/375'], + [ 'URL', 'http://forums.ubi.com/showthread.php/699940-Uplay-PC-Patch-2-0-4-Security-fix' ] ], 'Platform' => 'win', 'Targets' => diff --git a/modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb b/modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb index dfb08949d9..d100899a37 100644 --- a/modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb +++ b/modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb @@ -31,6 +31,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + [ 'CVE', '2012-4876' ], [ 'OSVDB', '80661' ], [ 'EDB', '18675' ] ], diff --git a/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb b/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb index c7b2725889..3fb57620f4 100644 --- a/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb +++ b/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb @@ -26,6 +26,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + [ 'CVE', '2011-5164' ], [ 'OSVDB', '77105' ], [ 'EDB', '18102' ] ], diff --git a/modules/exploits/windows/ftp/odin_list_reply.rb b/modules/exploits/windows/ftp/odin_list_reply.rb index 1fd0b179eb..2d31be5e79 100644 --- a/modules/exploits/windows/ftp/odin_list_reply.rb +++ b/modules/exploits/windows/ftp/odin_list_reply.rb @@ -32,7 +32,8 @@ class Metasploit3 < Msf::Exploit::Remote 'Version' => "$Revision$", 'References' => [ - [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ], + [ 'OSVDB', '68824' ], + [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/ftp/turboftp_port.rb b/modules/exploits/windows/ftp/turboftp_port.rb index 12e5870827..a85def636c 100644 --- a/modules/exploits/windows/ftp/turboftp_port.rb +++ b/modules/exploits/windows/ftp/turboftp_port.rb @@ -32,6 +32,7 @@ class Metasploit3 < Msf::Exploit::Remote 'Platform' => [ 'win' ], 'References' => [ + [ 'EDB', '22161' ], [ 'OSVDB', '85887' ] ], 'Payload' => diff --git a/modules/exploits/windows/http/zenworks_uploadservlet.rb b/modules/exploits/windows/http/zenworks_uploadservlet.rb index f2288a4f41..60088dbad1 100644 --- a/modules/exploits/windows/http/zenworks_uploadservlet.rb +++ b/modules/exploits/windows/http/zenworks_uploadservlet.rb @@ -36,6 +36,7 @@ class Metasploit3 < Msf::Exploit::Remote [ 'BID', '39114' ], [ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-10-078/' ], [ 'URL', 'http://tucanalamigo.blogspot.com/2010/04/pdc-de-zdi-10-078.html' ], + [ 'URL', 'http://www.novell.com/support/kb/doc.php?id=7005573' ] ], 'Privileged' => true, 'Platform' => [ 'java', 'win', 'linux' ], diff --git a/modules/exploits/windows/misc/bcaaa_bof.rb b/modules/exploits/windows/misc/bcaaa_bof.rb index d4dd69b16f..b00342f523 100644 --- a/modules/exploits/windows/misc/bcaaa_bof.rb +++ b/modules/exploits/windows/misc/bcaaa_bof.rb @@ -37,9 +37,10 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + [ 'CVE', '2011-5124' ], [ 'OSVDB', '72095'], [ 'URL', 'https://kb.bluecoat.com/index?page=content&id=SA55' ], - [ 'URL', 'http://seclists.org/bugtraq/2011/Jul/44' ], + [ 'URL', 'http://seclists.org/bugtraq/2011/Jul/44' ] ], 'Payload' => { diff --git a/modules/exploits/windows/misc/hp_imc_uam.rb b/modules/exploits/windows/misc/hp_imc_uam.rb index 562af3e928..cdf152f2d8 100644 --- a/modules/exploits/windows/misc/hp_imc_uam.rb +++ b/modules/exploits/windows/misc/hp_imc_uam.rb @@ -33,7 +33,8 @@ class Metasploit3 < Msf::Exploit::Remote [ ['OSVDB', '85060'], ['BID', '55271'], - ['URL', 'http://www.zerodayinitiative.com/advisories/ZDI-12-171'] + ['URL', 'http://www.zerodayinitiative.com/advisories/ZDI-12-171'], + ['URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03589863'] ], 'Payload' => { diff --git a/modules/exploits/windows/scada/iconics_genbroker.rb b/modules/exploits/windows/scada/iconics_genbroker.rb index 3ae53bea33..2baa05aea6 100644 --- a/modules/exploits/windows/scada/iconics_genbroker.rb +++ b/modules/exploits/windows/scada/iconics_genbroker.rb @@ -39,6 +39,7 @@ class Metasploit3 < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '72817'], ['URL', 'http://aluigi.org/adv/genesis_4-adv.txt'], ['URL', 'http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-02.pdf'] ], diff --git a/modules/exploits/windows/scada/sunway_force_control_netdbsrv.rb b/modules/exploits/windows/scada/sunway_force_control_netdbsrv.rb index 791bf6016a..44f81c8b24 100644 --- a/modules/exploits/windows/scada/sunway_force_control_netdbsrv.rb +++ b/modules/exploits/windows/scada/sunway_force_control_netdbsrv.rb @@ -30,6 +30,7 @@ class Metasploit3 < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'CVE', '2012-1084' ], [ 'OSVDB', '75798'], [ 'BID', '49747' ], [ 'URL', 'http://aluigi.altervista.org/adv/forcecontrol_1-adv.txt' ],