automatic module_metadata_base.json update
This commit is contained in:
parent
1dd26bca03
commit
0446820d33
|
@ -68294,6 +68294,68 @@
|
|||
],
|
||||
"needs_cleanup": true
|
||||
},
|
||||
"exploit_linux/local/cve_2021_38648_omigod": {
|
||||
"name": "Microsoft OMI Management Interface Authentication Bypass",
|
||||
"fullname": "exploit/linux/local/cve_2021_38648_omigod",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 600,
|
||||
"disclosure_date": "2021-09-14",
|
||||
"type": "exploit",
|
||||
"author": [
|
||||
"Nir Ohfeld",
|
||||
"Shir Tamari",
|
||||
"Spencer McIntyre"
|
||||
],
|
||||
"description": "By removing the authentication exchange, an attacker can issue requests to the local OMI management socket\n that will cause it to execute an operating system command as the root user. This vulnerability was patched in\n OMI version 1.6.8-1 (released September 8th 2021).",
|
||||
"references": [
|
||||
"CVE-2021-38648",
|
||||
"URL-https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38648",
|
||||
"URL-https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azure",
|
||||
"URL-https://attackerkb.com/topics/08O94gYdF1/cve-2021-38647"
|
||||
],
|
||||
"platform": "Linux,Unix",
|
||||
"arch": "cmd, x86, x64",
|
||||
"rport": null,
|
||||
"autofilter_ports": [
|
||||
|
||||
],
|
||||
"autofilter_services": [
|
||||
|
||||
],
|
||||
"targets": [
|
||||
"Unix Command",
|
||||
"Linux Dropper"
|
||||
],
|
||||
"mod_time": "2021-11-02 10:10:18 +0000",
|
||||
"path": "/modules/exploits/linux/local/cve_2021_38648_omigod.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "linux/local/cve_2021_38648_omigod",
|
||||
"check": true,
|
||||
"post_auth": false,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
"AKA": [
|
||||
"OMIGOD"
|
||||
],
|
||||
"Stability": [
|
||||
"crash-safe"
|
||||
],
|
||||
"Reliability": [
|
||||
"repeatable-session"
|
||||
],
|
||||
"SideEffects": [
|
||||
"ioc-in-logs",
|
||||
"artifacts-on-disk"
|
||||
]
|
||||
},
|
||||
"session_types": [
|
||||
"shell",
|
||||
"meterpreter"
|
||||
],
|
||||
"needs_cleanup": true
|
||||
},
|
||||
"exploit_linux/local/desktop_privilege_escalation": {
|
||||
"name": "Desktop Linux Password Stealer and Privilege Escalation",
|
||||
"fullname": "exploit/linux/local/desktop_privilege_escalation",
|
||||
|
|
Loading…
Reference in New Issue