automatic module_metadata_base.json update

2021-11-09 10:49:06 -06:00 · 2021-11-09 10:49:06 -06:00 · 0446820d33
parent 1dd26bca03
commit 0446820d33
1 changed files with 62 additions and 0 deletions
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@ -68294,6 +68294,68 @@
    ],
    "needs_cleanup": true
  },
+  "exploit_linux/local/cve_2021_38648_omigod": {
+    "name": "Microsoft OMI Management Interface Authentication Bypass",
+    "fullname": "exploit/linux/local/cve_2021_38648_omigod",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2021-09-14",
+    "type": "exploit",
+    "author": [
+      "Nir Ohfeld",
+      "Shir Tamari",
+      "Spencer McIntyre"
+    ],
+    "description": "By removing the authentication exchange, an attacker can issue requests to the local OMI management socket\n          that will cause it to execute an operating system command as the root user. This vulnerability was patched in\n          OMI version 1.6.8-1 (released September 8th 2021).",
+    "references": [
+      "CVE-2021-38648",
+      "URL-https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38648",
+      "URL-https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azure",
+      "URL-https://attackerkb.com/topics/08O94gYdF1/cve-2021-38647"
+    ],
+    "platform": "Linux,Unix",
+    "arch": "cmd, x86, x64",
+    "rport": null,
+    "autofilter_ports": [
+
+    ],
+    "autofilter_services": [
+
+    ],
+    "targets": [
+      "Unix Command",
+      "Linux Dropper"
+    ],
+    "mod_time": "2021-11-02 10:10:18 +0000",
+    "path": "/modules/exploits/linux/local/cve_2021_38648_omigod.rb",
+    "is_install_path": true,
+    "ref_name": "linux/local/cve_2021_38648_omigod",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "AKA": [
+        "OMIGOD"
+      ],
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "ioc-in-logs",
+        "artifacts-on-disk"
+      ]
+    },
+    "session_types": [
+      "shell",
+      "meterpreter"
+    ],
+    "needs_cleanup": true
+  },
  "exploit_linux/local/desktop_privilege_escalation": {
    "name": "Desktop Linux Password Stealer and Privilege Escalation",
    "fullname": "exploit/linux/local/desktop_privilege_escalation",