automatic module_metadata_base.json update

2023-02-01 11:15:51 -06:00 · 2023-02-01 11:15:51 -06:00 · b922bb533b
parent 014bdddd1a
commit b922bb533b
1 changed files with 12 additions and 3 deletions
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@ -101987,7 +101987,7 @@
      "Qualys",
      "bcoles <bcoles@gmail.com>"
    ],
-    "description": "This module exploits a vulnerability in the OpenBSD `ld.so`\n        dynamic loader (CVE-2019-19726).\n\n        The `_dl_getenv()` function fails to reset the `LD_LIBRARY_PATH`\n        environment variable when set with approximately `ARG_MAX` colons.\n\n        This can be abused to load `libutil.so` from an untrusted path,\n        using `LD_LIBRARY_PATH` in combination with the `chpass` set-uid\n        executable, resulting in privileged code execution.\n\n        This module has been tested successfully on:\n\n        OpenBSD 6.1 (amd64); and\n        OpenBSD 6.6 (amd64)",
+    "description": "This module exploits a vulnerability in the OpenBSD `ld.so`\n          dynamic loader (CVE-2019-19726).\n\n          The `_dl_getenv()` function fails to reset the `LD_LIBRARY_PATH`\n          environment variable when set with approximately `ARG_MAX` colons.\n\n          This can be abused to load `libutil.so` from an untrusted path,\n          using `LD_LIBRARY_PATH` in combination with the `chpass` set-uid\n          executable, resulting in privileged code execution.\n\n          This module has been tested successfully on:\n\n          OpenBSD 6.1 (amd64); and\n          OpenBSD 6.6 (amd64)",
    "references": [
      "CVE-2019-19726",
      "EDB-47780",
@ -102009,7 +102009,7 @@
    "targets": [
      "Automatic"
    ],
-    "mod_time": "2020-09-18 11:38:43 +0000",
+    "mod_time": "2023-02-01 22:26:44 +0000",
    "path": "/modules/exploits/openbsd/local/dynamic_loader_chpass_privesc.rb",
    "is_install_path": true,
    "ref_name": "openbsd/local/dynamic_loader_chpass_privesc",
@ -102017,6 +102017,15 @@
    "post_auth": false,
    "default_credential": false,
    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "artifacts-on-disk"
+      ]
    },
    "session_types": [
      "shell"
@ -153313,7 +153322,7 @@
    "targets": [
      "Windows x86/x64 with x86 payload"
    ],
-    "mod_time": "2021-09-08 21:56:02 +0000",
+    "mod_time": "2023-01-28 09:08:51 +0000",
    "path": "/modules/exploits/windows/local/anyconnect_lpe.rb",
    "is_install_path": true,
    "ref_name": "windows/local/anyconnect_lpe",