adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

automatic module_metadata_base.json update

Browse Source
This commit is contained in:
Metasploit
2019-12-15 06:18:12 -06:00
parent 1ff925eac9
commit 2a4e04f3cd
1 changed files with 16 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
db/modules_metadata_base.json
+16 -5
View File
@@ -60470,16 +60470,21 @@
"type": "exploit",
"author": [
"h00die <mike@stcyrsecurity.com>",
"vnik"
"vnik",
"Jesse Hertz",
"Tim Newsham"
],
"description": "This module attempts to exploit a netfilter bug on Linux Kernels before 4.6.3, and currently\n only works against Ubuntu 16.04 (not 16.04.1) with kernel\n 4.4.0-21-generic.\n Several conditions have to be met for successful exploitation:\n Ubuntu:\n 1. ip_tables.ko (ubuntu), iptable_raw (fedora) has to be loaded (root running iptables -L will do such)\n 2. libc6-dev-i386 (ubuntu), glibc-devel.i686 & libgcc.i686 (fedora) needs to be installed to compile\n Kernel 4.4.0-31-generic and newer are not vulnerable.\n\n We write the ascii files and compile on target instead of locally since metasm bombs for not\n having cdefs.h (even if locally installed)",
"description": "This module attempts to exploit a netfilter bug on Linux Kernels before 4.6.3, and currently\n only works against Ubuntu 16.04 (not 16.04.1) with kernel 4.4.0-21-generic.\n\n Several conditions have to be met for successful exploitation:\n Ubuntu:\n 1. ip_tables.ko (ubuntu), iptable_raw (fedora) has to be loaded (root running iptables -L will do such)\n 2. libc6-dev-i386 (ubuntu), glibc-devel.i686 & libgcc.i686 (fedora) needs to be installed to compile\n Kernel 4.4.0-31-generic and newer are not vulnerable. This exploit does not bypass SMEP/SMAP.\n\n We write the ascii files and compile on target instead of locally since metasm bombs for not\n having cdefs.h (even if locally installed)",
"references": [
"EDB-40049",
"CVE-2016-4997",
"URL-http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c"
"CVE-2016-4998",
"URL-https://www.openwall.com/lists/oss-security/2016/06/24/5",
"URL-http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c",
"URL-https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91"
],
"platform": "Linux",
"arch": "x86",
"arch": "x86, x64",
"rport": null,
"autofilter_ports": [
@@ -60490,7 +60495,7 @@
"targets": [
"Ubuntu"
],
"mod_time": "2018-10-10 14:12:29 +0000",
"mod_time": "2019-12-15 07:17:42 +0000",
"path": "/modules/exploits/linux/local/netfilter_priv_esc_ipv4.rb",
"is_install_path": true,
"ref_name": "linux/local/netfilter_priv_esc_ipv4",
@@ -60498,6 +60503,12 @@
"post_auth": false,
"default_credential": false,
"notes": {
"Reliability": [
"unreliable-session"
],
"Stability": [
"crash-os-down"
]
},
"needs_cleanup": true
},