automatic module_metadata_base.json update
This commit is contained in:
parent
9c6a198453
commit
91f2a48270
|
@ -56976,6 +56976,59 @@
|
|||
"session_types": false,
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_linux/fileformat/unrar_cve_2022_30333": {
|
||||
"name": "UnRAR Path Traversal (CVE-2022-30333)",
|
||||
"fullname": "exploit/linux/fileformat/unrar_cve_2022_30333",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 600,
|
||||
"disclosure_date": "2022-06-28",
|
||||
"type": "exploit",
|
||||
"author": [
|
||||
"Simon Scannell",
|
||||
"Ron Bowes"
|
||||
],
|
||||
"description": "This module creates a RAR file that exploits CVE-2022-30333, which is a\n path-traversal vulnerability in unRAR that can extract an arbitrary file\n to an arbitrary location on a Linux system. UnRAR fixed this\n vulnerability in version 6.12 (open source version 6.1.7).\n\n The core issue is that when a symbolic link is unRAR'ed, Windows\n symbolic links are not properly validated on Linux systems and can\n therefore write a symbolic link that points anywhere on the filesystem.\n If a second file in the archive has the same name, it will be written\n to the symbolic link path.",
|
||||
"references": [
|
||||
"CVE-2022-30333",
|
||||
"URL-https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/",
|
||||
"URL-https://github.com/pmachapman/unrar/commit/22b52431a0581ab5d687747b65662f825ec03946",
|
||||
"URL-https://attackerkb.com/topics/RCa4EIZdbZ/cve-2022-30333/rapid7-analysis"
|
||||
],
|
||||
"platform": "Linux",
|
||||
"arch": "x86, x64",
|
||||
"rport": null,
|
||||
"autofilter_ports": [
|
||||
|
||||
],
|
||||
"autofilter_services": [
|
||||
|
||||
],
|
||||
"targets": [
|
||||
"Generic RAR file"
|
||||
],
|
||||
"mod_time": "2022-08-01 10:03:35 +0000",
|
||||
"path": "/modules/exploits/linux/fileformat/unrar_cve_2022_30333.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "linux/fileformat/unrar_cve_2022_30333",
|
||||
"check": false,
|
||||
"post_auth": false,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
"Stability": [
|
||||
"crash-safe"
|
||||
],
|
||||
"Reliability": [
|
||||
|
||||
],
|
||||
"SideEffects": [
|
||||
|
||||
]
|
||||
},
|
||||
"session_types": false,
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_linux/ftp/proftp_sreplace": {
|
||||
"name": "ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)",
|
||||
"fullname": "exploit/linux/ftp/proftp_sreplace",
|
||||
|
@ -69645,6 +69698,70 @@
|
|||
"session_types": false,
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_linux/http/zimbra_unrar_cve_2022_30333": {
|
||||
"name": "UnRAR Path Traversal in Zimbra (CVE-2022-30333)",
|
||||
"fullname": "exploit/linux/http/zimbra_unrar_cve_2022_30333",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 600,
|
||||
"disclosure_date": "2022-06-28",
|
||||
"type": "exploit",
|
||||
"author": [
|
||||
"Simon Scannell",
|
||||
"Ron Bowes"
|
||||
],
|
||||
"description": "This module creates a RAR file that can be emailed to a Zimbra server\n to exploit CVE-2022-30333. If successful, it plants a JSP-based\n backdoor in the public web directory, then executes that backdoor.\n\n The core vulnerability is a path-traversal issue in unRAR that can\n extract an arbitrary file to an arbitrary location on a Linux system.\n\n This issue is exploitable on the following versions of Zimbra, provided\n UnRAR version 6.11 or earlier is installed:\n\n * Zimbra Collaboration 9.0.0 Patch 24 (and earlier)\n * Zimbra Collaboration 8.8.15 Patch 31 (and earlier)",
|
||||
"references": [
|
||||
"CVE-2022-30333",
|
||||
"URL-https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/",
|
||||
"URL-https://github.com/pmachapman/unrar/commit/22b52431a0581ab5d687747b65662f825ec03946",
|
||||
"URL-https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P25",
|
||||
"URL-https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P32",
|
||||
"URL-https://attackerkb.com/topics/RCa4EIZdbZ/cve-2022-30333/rapid7-analysis"
|
||||
],
|
||||
"platform": "Linux",
|
||||
"arch": "x86, x64",
|
||||
"rport": 443,
|
||||
"autofilter_ports": [
|
||||
80,
|
||||
8080,
|
||||
443,
|
||||
8000,
|
||||
8888,
|
||||
8880,
|
||||
8008,
|
||||
3000,
|
||||
8443
|
||||
],
|
||||
"autofilter_services": [
|
||||
"http",
|
||||
"https"
|
||||
],
|
||||
"targets": [
|
||||
"Zimbra Collaboration Suite"
|
||||
],
|
||||
"mod_time": "2022-08-04 08:24:32 +0000",
|
||||
"path": "/modules/exploits/linux/http/zimbra_unrar_cve_2022_30333.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "linux/http/zimbra_unrar_cve_2022_30333",
|
||||
"check": false,
|
||||
"post_auth": false,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
"Stability": [
|
||||
"crash-safe"
|
||||
],
|
||||
"Reliability": [
|
||||
"repeatable-session"
|
||||
],
|
||||
"SideEffects": [
|
||||
"ioc-in-logs"
|
||||
]
|
||||
},
|
||||
"session_types": false,
|
||||
"needs_cleanup": true
|
||||
},
|
||||
"exploit_linux/http/zimbra_xxe_rce": {
|
||||
"name": "Zimbra Collaboration Autodiscover Servlet XXE and ProxyServlet SSRF",
|
||||
"fullname": "exploit/linux/http/zimbra_xxe_rce",
|
||||
|
|
Loading…
Reference in New Issue