dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

automatic module_metadata_base.json update

This commit is contained in:
Metasploit 2021-02-14 00:30:42 -06:00
parent 9460bffbf7
commit 9e740b12bb
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
db/modules_metadata_base.json
View File

@ -58934,7 +58934,7 @@
"needs_cleanup": null
},
"exploit_linux/http/netgear_wnr2000_rce": {
"name": "NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow",
"name": "NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Buffer Overflow",
"fullname": "exploit/linux/http/netgear_wnr2000_rce",
"aliases": [
@ -58945,7 +58945,7 @@
"author": [
"Pedro Ribeiro <pedrib@gmail.com>"
],
"description": "The NETGEAR WNR2000 router has a buffer overflow vulnerability in the hidden_lang_avi\n parameter.\n In order to exploit it, it is necessary to guess the value of a certain timestamp which\n is in the configuration of the router. An authenticated attacker can simply fetch this\n from a page, but an unauthenticated attacker has to brute force it.\n Brute forcing the timestamp token might take a few minutes, a few hours, or days, but\n it is guaranteed that it can be bruteforced.\n This module implements both modes, and it works very reliably. It has been tested with\n the WNR2000v5, firmware versions 1.0.0.34 and 1.0.0.18. It should also work with hardware\n revisions v4 and v3, but this has not been tested - with these routers it might be necessary\n to adjust the LibcBase variable as well as the gadget addresses.",
"description": "The NETGEAR WNR2000 router has a stack buffer overflow vulnerability in the hidden_lang_avi\n parameter.\n In order to exploit it, it is necessary to guess the value of a certain timestamp which\n is in the configuration of the router. An authenticated attacker can simply fetch this\n from a page, but an unauthenticated attacker has to brute force it.\n Brute forcing the timestamp token might take a few minutes, a few hours, or days, but\n it is guaranteed that it can be bruteforced.\n This module implements both modes, and it works very reliably. It has been tested with\n the WNR2000v5, firmware versions 1.0.0.34 and 1.0.0.18. It should also work with hardware\n revisions v4 and v3, but this has not been tested - with these routers it might be necessary\n to adjust the LibcBase variable as well as the gadget addresses.",
"references": [
"CVE-2016-10174",
"URL-https://raw.githubusercontent.com/pedrib/PoC/master/advisories/netgear-wnr2000.txt",
@ -58973,7 +58973,7 @@
"targets": [
"NETGEAR WNR2000v5"
],
"mod_time": "2020-10-02 17:38:06 +0000",
"mod_time": "2021-02-13 04:10:13 +0000",
"path": "/modules/exploits/linux/http/netgear_wnr2000_rce.rb",
"is_install_path": true,
"ref_name": "linux/http/netgear_wnr2000_rce",
@ -88011,7 +88011,7 @@
"Kenzley Alphonse",
"joev <joev@metasploit.com>"
],
"description": "This exploit leverages a stack overflow vulnerability to escalate privileges.\n The vulnerable function nfs_convert_old_nfs_args does not verify the size\n of a user-provided argument before copying it to the stack. As a result, by\n passing a large size as an argument, a local user can overwrite the stack with arbitrary\n content.\n\n Mac OS X Lion Kernel <= xnu-1699.32.7 except xnu-1699.24.8 are affected.",
"description": "This exploit leverages a stack buffer overflow vulnerability to escalate privileges.\n The vulnerable function nfs_convert_old_nfs_args does not verify the size\n of a user-provided argument before copying it to the stack. As a result, by\n passing a large size as an argument, a local user can overwrite the stack with arbitrary\n content.\n\n Mac OS X Lion Kernel <= xnu-1699.32.7 except xnu-1699.24.8 are affected.",
"references": [
"EDB-32813"
],
@ -88027,7 +88027,7 @@
"targets": [
"Mac OS X 10.7 Lion x64 (Native Payload)"
],
"mod_time": "2020-10-02 17:38:06 +0000",
"mod_time": "2021-02-13 04:10:13 +0000",
"path": "/modules/exploits/osx/local/nfs_mount_root.rb",
"is_install_path": true,
"ref_name": "osx/local/nfs_mount_root",
@ -118163,7 +118163,7 @@
"author": [
"MC <mc@metasploit.com>"
],
"description": "This module exploits a stack overflow in Microsoft Visual\n Basic 6.0. When a specially crafted vbp file containing a long\n reference line, an attacker may be able to execute arbitrary\n code.",
"description": "This module exploits a stack buffer overflow in Microsoft Visual\n Basic 6.0. When a specially crafted vbp file containing a long\n reference line, an attacker may be able to execute arbitrary\n code.",
"references": [
"CVE-2007-4776",
"OSVDB-36936",
@ -118181,7 +118181,7 @@
"targets": [
"Windows XP SP2 English"
],
"mod_time": "2020-10-02 17:38:06 +0000",
"mod_time": "2021-02-13 04:10:13 +0000",
"path": "/modules/exploits/windows/fileformat/ms_visual_basic_vbp.rb",
"is_install_path": true,
"ref_name": "windows/fileformat/ms_visual_basic_vbp",
@ -143362,7 +143362,7 @@
"needs_cleanup": null
},
"exploit_windows/misc/plugx": {
"name": "PlugX Controller Stack Overflow",
"name": "PlugX Controller Stack Buffer Overflow",
"fullname": "exploit/windows/misc/plugx",
"aliases": [
@ -143373,7 +143373,7 @@
"author": [
"Professor Plum"
],
"description": "This module exploits a Stack buffer overflow in the PlugX Controller (C2 server)",
"description": "This module exploits a stack buffer overflow in the PlugX Controller (C2 server).",
"references": [
],
@ -143391,7 +143391,7 @@
"PlugX Type I",
"PlugX Type II"
],
"mod_time": "2020-10-02 17:38:06 +0000",
"mod_time": "2021-02-13 04:10:13 +0000",
"path": "/modules/exploits/windows/misc/plugx.rb",
"is_install_path": true,
"ref_name": "windows/misc/plugx",