Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update CVE reference in where modules report_vuln #8518

Merged
merged 2 commits into from
Jun 8, 2017
Merged

update CVE reference in where modules report_vuln #8518

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1558db3
update CVE reference in where modules report_vuln
jmartin-tech Jun 5, 2017
b932aae
reference typo fix
jmartin-tech Jun 6, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 7 additions & 2 deletions modules/auxiliary/scanner/dns/dns_amp.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,12 @@ def initialize
third party.
},
'Author' => [ 'xistence <xistence[at]0x90.nl>'], # Original scanner module
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'References' =>
[
['CVE', '2006-0987'],
['CVE', '2006-0988'],
]
)

register_options( [
Expand Down Expand Up @@ -124,7 +129,7 @@ def scanner_process(data, shost, sport)
:port => datastore['RPORT'],
:proto => 'udp', :name => "DNS",
:info => "DNS amplification - #{data.length} bytes [#{amp.round(2)}x Amplification]",
:refs => [ "CVE-2006-0987", "CVE-2006-0988" ])
:refs => self.references)
end

# If these flags are set, we get a valid response but recursion is not available
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/http/host_header_injection.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ def initialize(info = {})
'License' => MSF_LICENSE,
'References' =>
[
['CVE', '2016-10073'], # validate, an instance of a described attack approach from the original reference
['URL', 'http://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html']
]
))
Expand Down
2 changes: 2 additions & 0 deletions modules/auxiliary/scanner/http/jenkins_command.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,8 @@ def initialize(info = {})
],
'References' =>
[
['CVE', '2015-8103'], # see link and validate, https://highon.coffee/blog/jenkins-api-unauthenticated-rce-exploit/ states this is another issue
['URL', 'https://jenkins.io/security/advisory/2015-11-11/'],
['URL', 'https://www.pentestgeek.com/penetration-testing/hacking-jenkins-servers-with-no-password/'],
['URL', 'https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+Script+Console'],
],
Expand Down
7 changes: 6 additions & 1 deletion modules/auxiliary/scanner/http/trace.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,12 @@ def initialize
'Jay Turla <@shipcod3>' , #Cross-Site Tracing (XST) Checker
'CG' #HTTP TRACE Detection
],
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'References' =>
[
['CVE', '2005-3398'], # early case where this vector applied to a specific application.
['URL', 'https://www.owasp.org/index.php/Cross_Site_Tracing']
]
)
end

Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/ipmi/ipmi_cipher_zero.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ def initialize
'License' => MSF_LICENSE,
'References' =>
[
['CVE', '2013-4782'],
['URL', 'http://fish2.com/ipmi/cipherzero.html'],
['OSVDB', '93038'],
['OSVDB', '93039'],
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/misc/sercomm_backdoor_scanner.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ def initialize(info={})
'License' => MSF_LICENSE,
'References' =>
[
[ 'CVE', '2014-0659' ],
[ 'OSVDB', '101653' ],
[ 'URL', 'https://github.com/elvanderb/TCP-32764' ]
],
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/ntp/ntp_peer_list_dos.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ def initialize
'Author' => 'Jon Hart <jon_hart[at]rapid7.com>',
'References' =>
[
['CVE', '2013-5211'], # see also scanner/ntp/ntp_monlist.rb
['URL', 'https://github.com/rapid7/metasploit-framework/pull/3696'],
['URL', 'http://r-7.co/R7-2014-12']
],
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/ntp/ntp_peer_list_sum_dos.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ def initialize
'Author' => 'Jon Hart <jon_hart[at]rapid7.com>',
'References' =>
[
['CVE', '2013-5211'], # see also scanner/ntp/ntp_monlist.rb
['URL', 'https://github.com/rapid7/metasploit-framework/pull/3696'],
['URL', 'http://r-7.co/R7-2014-12']
],
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/ntp/ntp_readvar.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ def initialize(info = {})
'License' => MSF_LICENSE,
'References' =>
[
['CVE', '2013-5211'], # see also scanner/ntp/ntp_monlist.rb
[ 'URL', 'http://www.rapid7.com/vulndb/lookup/ntp-clock-variables-disclosure' ]
]
)
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/ntp/ntp_req_nonce_dos.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ def initialize
'Author' => 'Jon Hart <jon_hart[at]rapid7.com>',
'References' =>
[
['CVE', '2013-5211'], # see also scanner/ntp/ntp_monlist.rb
['URL', 'https://github.com/rapid7/metasploit-framework/pull/3696'],
['URL', 'http://r-7.co/R7-2014-12']
],
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/ntp/ntp_reslist_dos.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ def initialize
'Author' => 'Jon Hart <jon_hart[at]rapid7.com>',
'References' =>
[
['CVE', '2013-5211'], # see also scanner/ntp/ntp_monlist.rb
['URL', 'https://github.com/rapid7/metasploit-framework/pull/3696'],
['URL', 'http://r-7.co/R7-2014-12']
],
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/ntp/ntp_unsettrap_dos.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ def initialize
'Author' => 'Jon Hart <jon_hart[at]rapid7.com>',
'References' =>
[
['CVE', '2013-5211'], # see also scanner/ntp/ntp_monlist.rb
['URL', 'https://github.com/rapid7/metasploit-framework/pull/3696'],
['URL', 'http://r-7.co/R7-2014-12']
],
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/oracle/tnspoison_checker.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ def initialize(info = {})
'Author' => ['ir0njaw (Nikita Kelesis) <nikita.elkey[at]gmail.com>'], # of Digital Security [http://dsec.ru]
'References' =>
[
[ 'CVE', '2012-1675'],
[ 'URL', 'http://seclists.org/fulldisclosure/2012/Apr/204' ],
],
'DisclosureDate' => 'Apr 18 2012',
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/portmap/portmap_amp.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ def initialize
'License' => MSF_LICENSE,
'References' =>
[
['CVE', '2013-5211'], # see also scanner/ntp/ntp_monlist.rb
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The vulnerability and abuse/exploitation is definitely similar, but this is not the same protocol, so IMO referencing this CVE here will cause more problems than it solves. What am I missing here?

['URL', 'https://www.us-cert.gov/ncas/alerts/TA14-017A'],
['URL', 'http://blog.level3.com/security/a-new-ddos-reflection-attack-portmapper-an-early-warning-to-the-industry/']
],
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/scada/moxa_discover.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ def initialize(info = {})
'License' => MSF_LICENSE,
'References' =>
[
[ 'CVE', '2016-9361'],
[ 'URL', 'https://www.digitalbond.com/blog/2016/10/25/serial-killers/'],
[ 'URL', 'http://www.moxa.com/support/faq/faq_detail.aspx?id=646' ],
]
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/udp/udp_amplification.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ def initialize
'License' => MSF_LICENSE,
'References' =>
[
['CVE', '2013-5211'], # see also scanner/ntp/ntp_monlist.rb
['URL', 'https://www.us-cert.gov/ncas/alerts/TA14-017A']
]
)
Expand Down
7 changes: 6 additions & 1 deletion modules/auxiliary/scanner/udp_scanner_template.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,12 @@ def initialize(info = {})
),
'Author' => 'Joe Contributor <joe_contributor[at]example.com>',
'DisclosureDate' => 'Mar 15 2014',
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'References' =>
[
['CVE', '0000-0000'], # remove or update if CVE exists
['URL', 'https://SomeURLinCyberspace.local']
]
)
)

Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/upnp/ssdp_amp.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ def initialize
'License' => MSF_LICENSE,
'References' =>
[
['CVE', '2013-5211'], # see also scanner/ntp/ntp_monlist.rb
['URL', 'https://www.us-cert.gov/ncas/alerts/TA14-017A']
],
)
Expand Down
9 changes: 8 additions & 1 deletion modules/auxiliary/scanner/upnp/ssdp_msearch.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,14 @@ def initialize
'Name' => 'UPnP SSDP M-SEARCH Information Discovery',
'Description' => 'Discover information from UPnP-enabled systems',
'Author' => [ 'todb', 'hdm'], # Original scanner module and vuln info reporter, respectively
'License' => MSF_LICENSE
'License' => MSF_LICENSE,
'References' =>
[
['CVE', '2012-5958'],
['CVE', '2012-5959'],
['CVE', '2013-0230'],
['CVE', '2013-0229']
]
)

register_options( [
Expand Down
1 change: 1 addition & 0 deletions modules/auxiliary/scanner/vnc/vnc_none_auth.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ def initialize
'Description' => 'Detect VNC servers that support the "None" authentication method.',
'References' =>
[
['CVE', '2006-2369'], # a related instance where "None" could be offered and used when not configured as allowed.
['URL', 'http://en.wikipedia.org/wiki/RFB'],
['URL', 'http://en.wikipedia.org/wiki/Vnc'],
],
Expand Down
1 change: 1 addition & 0 deletions modules/exploits/unix/webapp/actualanalyzer_ant_cookie_exec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ def initialize(info = {})
],
'References' =>
[
['CVE', '2014-5470'],
['EDB', '34450'],
['OSVDB', '110601']
],
Expand Down