Merge branch 'master' of https://github.com/rapid7/metasploit-framework

2013-06-18 14:09:33 -05:00 · 2013-06-18 14:09:33 -05:00 · fd397db6e0
parent 9e3053f24d b514124997
commit fd397db6e0
4 changed files with 12 additions and 8 deletions
--- a/modules/exploits/multi/http/netwin_surgeftp_exec.rb
+++ b/modules/exploits/multi/http/netwin_surgeftp_exec.rb
@ -29,7 +29,8 @@ class Metasploit3 < Msf::Exploit::Remote
 			'License'        => MSF_LICENSE,
 			'References'     =>
 				[
-					['EDB', '23522']
+					[ 'OSVDB', '89105' ],
+					[ 'EDB', '23522' ]
 				],
 			'Targets'        =>
 				[
@ -123,4 +124,4 @@ class Metasploit3 < Msf::Exploit::Remote

 		handler
 	end
-end
+end
--- a/modules/exploits/multi/http/polarcms_upload_exec.rb
+++ b/modules/exploits/multi/http/polarcms_upload_exec.rb
@ -17,9 +17,9 @@ class Metasploit3 < Msf::Exploit::Remote

 	def initialize(info = {})
 		super(update_info(info,
-			'Name'           => 'PolarPearCms PHP File Upload Vulnerability',
+			'Name'           => 'PolarBear CMS PHP File Upload Vulnerability',
 			'Description'    => %q{
-					This module exploits a file upload vulnerability found in PlarPear CMS
+					This module exploits a file upload vulnerability found in PolarBear CMS
 				By abusing the upload.php file, a malicious user can upload a file to a temp
 				directory without authentication, which results in arbitrary code execution.
 			},
@ -30,7 +30,8 @@ class Metasploit3 < Msf::Exploit::Remote
 			'License'        => MSF_LICENSE,
 			'References'     =>
 				[
-					[ 'CVE', '2013-0803' ]
+					[ 'CVE', '2013-0803' ],
+					[ 'OSVDB', '90627' ]
 				],
 			'Payload'	     =>
 				{
--- a/modules/exploits/multi/http/rails_json_yaml_code_exec.rb
+++ b/modules/exploits/multi/http/rails_json_yaml_code_exec.rb
@ -41,7 +41,8 @@ class Metasploit3 < Msf::Exploit::Remote
 			'License'        => MSF_LICENSE,
 			'References'  =>
 				[
-					['CVE', '2013-0333'],
+					[ 'CVE', '2013-0333' ],
+					[ 'OSVDB', '89594' ]
 				],
 			'Platform'       => 'ruby',
 			'Arch'           => ARCH_RUBY,
--- a/modules/exploits/multi/http/v0pcr3w_exec.rb
+++ b/modules/exploits/multi/http/v0pcr3w_exec.rb
@ -27,8 +27,9 @@ class Metasploit3 < Msf::Exploit::Remote
 				],
 			'References'     =>
 				[
-					['URL', 'https://defense.ballastsecurity.net/wiki/index.php/V0pCr3w_shell'],
-					['URL', 'https://defense.ballastsecurity.net/decoding/index.php?hash=f6b534edf37c3cc0aa88997810daf9c0']
+					[ 'OSVDB', '91841'],
+					[ 'URL', 'https://defense.ballastsecurity.net/wiki/index.php/V0pCr3w_shell' ],
+					[ 'URL', 'https://defense.ballastsecurity.net/decoding/index.php?hash=f6b534edf37c3cc0aa88997810daf9c0' ]
 				],
 			'Privileged'     => false,
 			'Payload'        =>