Permalink
Browse files

Fix first chunk of msftidy "bad char" errors

There needs to be a better way to go about preventing/fixing these.
  • Loading branch information...
1 parent 045900b commit 170608e97b2b92c356c108be34e09887c4304e19 @wvu-r7 wvu-r7 committed Mar 11, 2014
Showing with 95 additions and 83 deletions.
  1. +1 −1 modules/auxiliary/admin/cisco/cisco_secure_acs_bypass.rb
  2. +18 −15 modules/auxiliary/dos/http/apache_mod_isapi.rb
  3. +2 −2 modules/auxiliary/dos/mdns/avahi_portzero.rb
  4. +1 −1 modules/auxiliary/dos/smtp/sendmail_prescan.rb
  5. +1 −1 modules/auxiliary/dos/ssl/dtls_changecipherspec.rb
  6. +1 −1 modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb
  7. +1 −1 modules/auxiliary/dos/windows/ftp/iis_list_exhaustion.rb
  8. +5 −4 modules/auxiliary/dos/windows/ftp/solarftp_user.rb
  9. +5 −5 modules/auxiliary/dos/windows/http/pi3web_isapi.rb
  10. +7 −5 modules/auxiliary/gather/eaton_nsm_creds.rb
  11. +1 −1 modules/auxiliary/scanner/http/dolibarr_login.rb
  12. +1 −1 modules/exploits/freebsd/tacacs/xtacacsd_report.rb
  13. +2 −2 modules/exploits/linux/http/dolibarr_cmd_exec.rb
  14. +1 −1 modules/exploits/linux/http/peercast_url.rb
  15. +1 −1 modules/exploits/multi/browser/mozilla_compareto.rb
  16. +1 −1 modules/exploits/multi/fileformat/peazip_command_injection.rb
  17. +5 −4 modules/exploits/multi/http/activecollab_chat.rb
  18. +6 −5 modules/exploits/multi/http/phpldapadmin_query_engine.rb
  19. +1 −1 modules/exploits/multi/http/pmwiki_pagelist.rb
  20. +1 −1 modules/exploits/multi/http/sit_file_upload.rb
  21. +5 −4 modules/exploits/multi/http/spree_searchlogic_exec.rb
  22. +1 −1 modules/exploits/multi/http/struts_code_exec.rb
  23. +1 −1 modules/exploits/multi/http/struts_code_exec_exception_delegator.rb
  24. +7 −6 modules/exploits/multi/http/vbseo_proc_deutf.rb
  25. +1 −1 modules/exploits/unix/smtp/exim4_string_format.rb
  26. +1 −1 modules/exploits/unix/webapp/awstatstotals_multisort.rb
  27. +6 −5 modules/exploits/unix/webapp/cakephp_cache_corruption.rb
  28. +9 −8 modules/exploits/unix/webapp/coppermine_piceditor.rb
  29. +1 −1 modules/exploits/unix/webapp/sphpblog_file_upload.rb
  30. +1 −1 modules/exploits/unix/webapp/sugarcrm_unserialize_exec.rb
@@ -13,7 +13,7 @@ class Metasploit4 < Msf::Auxiliary
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Cisco Secure ACS Version < 5.1.0.44.5 or 5.2.0.26.2 Unauthorized Password Change',
+ 'Name' => 'Cisco Secure ACS Unauthorized Password Change',
'Description' => %q{
This module exploits an authentication bypass issue which allows arbitrary
password change requests to be issued for any user in the local store.
@@ -12,25 +12,28 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Apache mod_isapi <= 2.2.14 Dangling Pointer',
+ 'Name' => 'Apache mod_isapi Dangling Pointer',
'Description' => %q{
- This module triggers a use-after-free vulnerability in the Apache Software
- Foundation mod_isapi extension. In order to reach the vulnerable code, the
- target server must have an ISAPI module installed and configured.
+ This module triggers a use-after-free vulnerability in the Apache
+ Software Foundation mod_isapi extension for versions 2.2.14 and earlier.
+ In order to reach the vulnerable code, the target server must have an
+ ISAPI module installed and configured.
- By making a request that terminates abnormally (either an aborted TCP connection or
- an unsatisfied chunked request), mod_isapi will unload the ISAPI extension. Later,
- if another request comes for that ISAPI module, previously obtained pointers will
- be used resulting in an access violation or potentially arbitrary code execution.
+ By making a request that terminates abnormally (either an aborted TCP
+ connection or an unsatisfied chunked request), mod_isapi will unload the
+ ISAPI extension. Later, if another request comes for that ISAPI module,
+ previously obtained pointers will be used resulting in an access
+ violation or potentially arbitrary code execution.
- Although arbitrary code execution is theoretically possible, a real-world method of
- invoking this consequence has not been proven. In order to do so, one would need to
- find a situation where a particular ISAPI module loads at an image base address
- that can be re-allocated by a remote attacker.
+ Although arbitrary code execution is theoretically possible, a
+ real-world method of invoking this consequence has not been proven. In
+ order to do so, one would need to find a situation where a particular
+ ISAPI module loads at an image base address that can be re-allocated by
+ a remote attacker.
- Limited success was encountered using two separate ISAPI modules. In this scenario,
- a second ISAPI module was loaded into the same memory area as the previously
- unloaded module.
+ Limited success was encountered using two separate ISAPI modules. In
+ this scenario, a second ISAPI module was loaded into the same memory
+ area as the previously unloaded module.
},
'Author' =>
[
@@ -12,10 +12,10 @@ class Metasploit3 < Msf::Auxiliary
def initialize
super(
- 'Name' => 'Avahi < 0.6.24 Source Port 0 DoS',
+ 'Name' => 'Avahi Source Port 0 DoS',
'Description' => %q{
Avahi-daemon versions prior to 0.6.24 can be DoS'd
- with an mDNS packet with a source port of 0
+ with an mDNS packet with a source port of 0.
},
'Author' => 'kris katterjohn',
'License' => MSF_LICENSE,
@@ -13,7 +13,7 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Sendmail SMTP Address prescan <= 8.12.8 Memory Corruption',
+ 'Name' => 'Sendmail SMTP Address prescan Memory Corruption',
'Description' => %q{
This is a proof of concept denial of service module for Sendmail versions
8.12.8 and earlier. The vulnerability is within the prescan() method when
@@ -14,7 +14,7 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info = {})
super(update_info(info,
- 'Name' => 'OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS',
+ 'Name' => 'OpenSSL DTLS ChangeCipherSpec Remote DoS',
'Description' => %q{
This module performs a Denial of Service Attack against Datagram TLS in OpenSSL
version 0.9.8i and earlier. OpenSSL crashes under these versions when it recieves a
@@ -13,7 +13,7 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info = {})
super(update_info(info,
- 'Name' => 'FileZilla FTP Server <=0.9.21 Malformed PORT Denial of Service',
+ 'Name' => 'FileZilla FTP Server Malformed PORT Denial of Service',
'Description' => %q{
This module triggers a Denial of Service condition in the FileZilla FTP
Server versions 0.9.21 and earlier. By sending a malformed PORT command
@@ -12,7 +12,7 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Microsoft IIS FTP Server <= 7.0 LIST Stack Exhaustion',
+ 'Name' => 'Microsoft IIS FTP Server LIST Stack Exhaustion',
'Description' => %q{
This module triggers Denial of Service condition in the Microsoft Internet
Information Services (IIS) FTP Server 5.0 through 7.0 via a list (ls) -R command
@@ -12,11 +12,12 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info={})
super(update_info(info,
- 'Name' => 'Solar FTP Server <= 2.1.1 Malformed (User) Denial of Service',
+ 'Name' => 'Solar FTP Server Malformed USER Denial of Service',
'Description' => %q{
- This module will send a format string as USER to Solar FTP, causing a READ
- violation in function "__output_1()" found in "sfsservice.exe" while trying to
- calculate the length of the string.
+ This module will send a format string as USER to Solar FTP, causing a
+ READ violation in function "__output_1()" found in "sfsservice.exe"
+ while trying to calculate the length of the string. This vulnerability
+ affects versions 2.1.1 and earlier.
},
'Author' =>
[
@@ -12,12 +12,12 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Pi3Web <=2.0.13 ISAPI DoS',
+ 'Name' => 'Pi3Web ISAPI DoS',
'Description' => %q{
- The Pi3Web HTTP server crashes when a request is made
- for an invalid DLL file in /isapi. By default, the
- non-DLLs in this directory after installation are
- users.txt, install.daf and readme.daf.
+ The Pi3Web HTTP server crashes when a request is made for an invalid DLL
+ file in /isapi for versions 2.0.13 and earlier. By default, the non-DLLs
+ in this directory after installation are users.txt, install.daf and
+ readme.daf.
},
'Author' => 'kris katterjohn',
'License' => MSF_LICENSE,
@@ -12,12 +12,14 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Network Shutdown Module <= 3.21 (sort_values) Credential Dumper',
+ 'Name' => 'Network Shutdown Module sort_values Credential Dumper',
'Description' => %q{
- This module will extract user credentials from Network Shutdown Module by exploiting
- a vulnerability found in lib/dbtools.inc, which uses unsanitized user input inside a
- eval() call. Please note that in order to extract credentials,the vulnerable service
- must have at least one USV module (an entry in the "nodes" table in mgedb.db)
+ This module will extract user credentials from Network Shutdown Module
+ versions 3.21 and earlier by exploiting a vulnerability found in
+ lib/dbtools.inc, which uses unsanitized user input inside a eval() call.
+ Please note that in order to extract credentials,the vulnerable service
+ must have at least one USV module (an entry in the "nodes" table in
+ mgedb.db).
},
'References' =>
[
@@ -13,7 +13,7 @@ class Metasploit3 < Msf::Auxiliary
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Dolibarr ERP & CRM 3 Login Utility',
+ 'Name' => 'Dolibarr ERP/CRM Login Utility',
'Description' => %q{
This module attempts to authenticate to a Dolibarr ERP/CRM's admin web interface,
and should only work against version 3.1.1 or older, because these versions do not
@@ -13,7 +13,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'XTACACSD <= 4.1.2 report() Buffer Overflow',
+ 'Name' => 'XTACACSD report() Buffer Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in XTACACSD <= 4.1.2. By
sending a specially crafted XTACACS packet with an overly long
@@ -12,9 +12,9 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info={})
super(update_info(info,
- 'Name' => "Dolibarr ERP & CRM 3 Post-Auth OS Command Injection",
+ 'Name' => "Dolibarr ERP/CRM Post-Auth OS Command Injection",
'Description' => %q{
- This module exploits a vulnerability found in Dolibarr ERP/CRM's
+ This module exploits a vulnerability found in Dolibarr ERP/CRM 3's
backup feature. This software is used to manage a company's business
information such as contacts, invoices, orders, stocks, agenda, etc.
When processing a database backup request, the export.php function
@@ -12,7 +12,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'PeerCast <= 0.1216 URL Handling Buffer Overflow (linux)',
+ 'Name' => 'PeerCast URL Handling Buffer Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in PeerCast <= v0.1216.
The vulnerability is caused due to a boundary error within the
@@ -28,7 +28,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Mozilla Suite/Firefox InstallVersion->compareTo() Code Execution',
+ 'Name' => 'Mozilla Suite/Firefox compareTo() Code Execution',
'Description' => %q{
This module exploits a code execution vulnerability in the Mozilla
Suite, Mozilla Firefox, and Mozilla Thunderbird applications. This exploit
@@ -13,7 +13,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'PeaZip <= 2.6.1 Zip Processing Command Injection',
+ 'Name' => 'PeaZip Zip Processing Command Injection',
'Description' => %q{
This module exploits a command injection vulnerability in PeaZip. All
versions prior to 2.6.2 are suspected vulnerable. Testing was conducted with
@@ -12,11 +12,12 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info={})
super(update_info(info,
- 'Name' => 'Active Collab "chat module" <= 2.3.8 Remote PHP Code Injection Exploit',
+ 'Name' => 'Active Collab "chat module" Remote PHP Code Injection Exploit',
'Description' => %q{
- This module exploits an arbitrary code injection vulnerability in the chat module
- that is part of Active Collab by abusing a preg_replace() using the /e modifier and
- its replacement string using double quotes. The vulnerable function can be found in
+ This module exploits an arbitrary code injection vulnerability in the
+ chat module that is part of Active Collab versions 2.3.8 and earlier by
+ abusing a preg_replace() using the /e modifier and its replacement
+ string using double quotes. The vulnerable function can be found in
activecollab/application/modules/chat/functions/html_to_text.php.
},
'License' => MSF_LICENSE,
@@ -12,12 +12,13 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection',
+ 'Name' => 'phpLDAPadmin query_engine Remote PHP Code Injection',
'Description' => %q{
- This module exploits a vulnerability in the lib/functions.php that allows
- attackers input parsed directly to the create_function() php function. A patch was
- issued that uses a whitelist regex expression to check the user supplied input
- before being parsed to the create_function() call.
+ This module exploits a vulnerability in the lib/functions.php for
+ phpLDAPadmin versions 1.2.1.1 and earlier that allows attackers input
+ parsed directly to the create_function() php function. A patch was
+ issued that uses a whitelist regex expression to check the user supplied
+ input before being parsed to the create_function() call.
},
'Author' =>
[
@@ -12,7 +12,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info={})
super(update_info(info,
- 'Name' => 'PmWiki <= 2.2.34 pagelist.php Remote PHP Code Injection Exploit',
+ 'Name' => 'PmWiki pagelist.php Remote PHP Code Injection Exploit',
'Description' => %q{
This module exploits an arbitrary command execution vulnerability
in PmWiki from 2.0.0 to 2.2.34. The vulnerable function is
@@ -12,7 +12,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Support Incident Tracker <= 3.65 Remote Command Execution',
+ 'Name' => 'Support Incident Tracker Remote Command Execution',
'Description' => %q{
This module combines two separate issues within Support Incident Tracker (<= 3.65)
application to upload arbitrary data and thus execute a shell. The two issues exist
@@ -14,11 +14,12 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Spreecommerce < 0.50.0 Arbitrary Command Execution',
+ 'Name' => 'Spreecommerce Arbitrary Command Execution',
'Description' => %q{
- This module exploits an arbitrary command execution vulnerability in the
- Spreecommerce API searchlogic. Unvalidated input is called via the
- Ruby send method allowing command execution.
+ This module exploits an arbitrary command execution vulnerability in
+ the Spreecommerce API searchlogic for versions 0.50.0 and earlier.
+ Unvalidated input is called via the Ruby send method allowing command
+ execution.
},
'Author' => [ 'joernchen <joernchen[at]phenoelit.de>' ], #Phenoelit
'License' => MSF_LICENSE,
@@ -13,7 +13,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Apache Struts < 2.2.0 Remote Command Execution',
+ 'Name' => 'Apache Struts Remote Command Execution',
'Description' => %q{
This module exploits a remote command execution vulnerability in
Apache Struts versions < 2.2.0. This issue is caused by a failure to properly
@@ -13,7 +13,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Apache Struts <= 2.2.1.1 Remote Command Execution',
+ 'Name' => 'Apache Struts Remote Command Execution',
'Description' => %q{
This module exploits a remote command execution vulnerability in
Apache Struts versions < 2.2.1.1. This issue is caused because the
@@ -12,13 +12,14 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'vBSEO <= 3.6.0 proc_deutf() Remote PHP Code Injection',
+ 'Name' => 'vBSEO proc_deutf() Remote PHP Code Injection',
'Description' => %q{
- This module exploits a vulnerability in the 'proc_deutf()' function
- defined in /includes/functions_vbseocp_abstract.php. User input passed through
- 'char_repl' POST parameter isn't properly sanitized before being used in a call
- to preg_replace() function which uses the 'e' modifier. This can be exploited to
- inject and execute arbitrary code leveraging the PHP's complex curly syntax.
+ This module exploits a vulnerability in the 'proc_deutf()' function
+ defined in /includes/functions_vbseocp_abstract.php for vBSEO versions
+ 3.6.0 and earlier. User input passed through 'char_repl' POST parameter
+ isn't properly sanitized before being used in a call to preg_replace()
+ function which uses the 'e' modifier. This can be exploited to inject
+ and execute arbitrary code leveraging the PHP's complex curly syntax.
},
'Author' => 'EgiX <n0b0d13s[at]gmail.com>', # originally reported by the vendor
'License' => MSF_LICENSE,
@@ -12,7 +12,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'Exim4 <= 4.69 string_format Function Heap Buffer Overflow',
+ 'Name' => 'Exim4 string_format Function Heap Buffer Overflow',
'Description' => %q{
This module exploits a heap buffer overflow within versions of Exim prior to
version 4.69. By sending a specially crafted message, an attacker can corrupt the
@@ -14,7 +14,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'AWStats Totals <= v1.14 multisort Remote Command Execution',
+ 'Name' => 'AWStats Totals multisort Remote Command Execution',
'Description' => %q{
This module exploits an arbitrary command execution vulnerability in the
AWStats Totals PHP script. AWStats Totals version v1.0 - v1.14 are vulnerable.
@@ -12,12 +12,13 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
- 'Name' => 'CakePHP <= 1.3.5 / 1.2.8 Cache Corruption Code Execution',
+ 'Name' => 'CakePHP Cache Corruption Code Execution',
'Description' => %q{
- CakePHP is a popular PHP framework for building web applications.
- The Security component of CakePHP is vulnerable to an unserialize attack which
- could be abused to allow unauthenticated attackers to execute arbitrary
- code with the permissions of the webserver.
+ CakePHP is a popular PHP framework for building web applications. The
+ Security component of CakePHP versions 1.3.5 and earlier and 1.2.8 and
+ earlier is vulnerable to an unserialize attack which could be abused to
+ allow unauthenticated attackers to execute arbitrary code with the
+ permissions of the webserver.
},
'Author' =>
[
Oops, something went wrong.

0 comments on commit 170608e

Please sign in to comment.