diff --git a/data/exploits/php/rfi-locations.dat b/data/exploits/php/rfi-locations.dat index 751c97d123..f61c0b99f0 100755 --- a/data/exploits/php/rfi-locations.dat +++ b/data/exploits/php/rfi-locations.dat @@ -1,4 +1,4 @@ -# Compiled by RSnake 02/01/2010 Mostly from milw0rm and elsewhere. +# Compiled by RSnake 02/01/2010 Mostly from milw0rm osvdb.org and elsewhere. # Change XXpathXX to the path of your backdoor. Note that you may need to # try it against every directory on the target and because of how this was # culled you may need to add a question mark to your own XXpathXX URL: diff --git a/lib/msf/core/db_manager/import/nikto.rb b/lib/msf/core/db_manager/import/nikto.rb index 28763f798e..da77140445 100644 --- a/lib/msf/core/db_manager/import/nikto.rb +++ b/lib/msf/core/db_manager/import/nikto.rb @@ -40,6 +40,16 @@ module Msf::DBManager::Import::Nikto } # Always report it as a note. report_note(desc_data) + # Sometimes report it as a vuln, too. + # XXX: There's a Vuln.info field but nothing reads from it? See Bug #5837 + if item.attributes['osvdbid'].to_i != 0 + desc_data[:refs] = ["OSVDB-#{item.attributes['osvdbid']}"] + desc_data[:name] = "NIKTO-#{item.attributes['id']}" + desc_data.delete(:data) + desc_data.delete(:type) + desc_data.delete(:update) + report_vuln(desc_data) + end end end end diff --git a/lib/msf/core/db_manager/import/nmap.rb b/lib/msf/core/db_manager/import/nmap.rb index 2ad5a997f4..9def5e100b 100644 --- a/lib/msf/core/db_manager/import/nmap.rb +++ b/lib/msf/core/db_manager/import/nmap.rb @@ -182,6 +182,7 @@ module Msf::DBManager::Import::Nmap :info => 'Microsoft Windows Server Service Crafted RPC Request Handling Unspecified Remote Code Execution', :refs =>['CVE-2008-4250', 'BID-31874', + 'OSVDB-49243', 'CWE-94', 'MSFT-MS08-067', 'MSF-Microsoft Server Service Relative Path Stack Corruption', @@ -203,6 +204,8 @@ module Msf::DBManager::Import::Nmap 'BID-18325', 'BID-18358', 'BID-18424', + 'OSVDB-26436', + 'OSVDB-26437', 'MSFT-MS06-025', 'MSF-Microsoft RRAS Service RASMAN Registry Overflow', 'NSS-21689'] @@ -221,6 +224,7 @@ module Msf::DBManager::Import::Nmap :info => 'Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution', # Add more refs based on nessus/nexpose .. results :refs =>['CVE-2007-1748', + 'OSVDB-34100', 'MSF-Microsoft DNS RPC Service extractQuotedChar()', 'NSS-25168'] } diff --git a/lib/msf/core/db_manager/module_cache.rb b/lib/msf/core/db_manager/module_cache.rb index 28d8580223..6e62dd9a78 100644 --- a/lib/msf/core/db_manager/module_cache.rb +++ b/lib/msf/core/db_manager/module_cache.rb @@ -158,6 +158,7 @@ module Msf::DBManager::ModuleCache # +edb+:: Matches modules with the given Exploit-DB ID. # +name+:: Matches modules with the given full name or name. # +os+, +platform+:: Matches modules with the given platform or target name. + # +osvdb+:: Matches modules with the given OSVDB ID. # +ref+:: Matches modules with the given reference ID. # +type+:: Matches modules with the given type. # @@ -276,7 +277,7 @@ module Msf::DBManager::ModuleCache query = query.includes(:refs).references(:refs) union_conditions << Mdm::Module::Ref.arel_table[:name].matches_any(formatted_values) - when 'cve', 'bid', 'edb' + when 'cve', 'bid', 'osvdb', 'edb' formatted_values = value_set.collect { |value| prefix = keyword.upcase diff --git a/lib/msf/core/module/reference.rb b/lib/msf/core/module/reference.rb index 69100552d6..a124881f76 100644 --- a/lib/msf/core/module/reference.rb +++ b/lib/msf/core/module/reference.rb @@ -77,7 +77,7 @@ class Msf::Module::SiteReference < Msf::Module::Reference # # Initializes a site reference from an array. ary[0] is the site and - # ary[1] is the site context identifier, such as CVE. + # ary[1] is the site context identifier, such as OSVDB. # def self.from_a(ary) return nil if (ary.length < 2) @@ -95,7 +95,9 @@ class Msf::Module::SiteReference < Msf::Module::Reference self.ctx_id = in_ctx_id self.ctx_val = in_ctx_val - if (in_ctx_id == 'CVE') + if (in_ctx_id == 'OSVDB') + self.site = "http://www.osvdb.org/#{in_ctx_val}" + elsif (in_ctx_id == 'CVE') self.site = "http://cvedetails.com/cve/#{in_ctx_val}/" elsif (in_ctx_id == 'CWE') self.site = "https://cwe.mitre.org/data/definitions/#{in_ctx_val}.html" @@ -148,7 +150,7 @@ class Msf::Module::SiteReference < Msf::Module::Reference # attr_reader :site # - # The context identifier of the site, such as CVE. + # The context identifier of the site, such as OSVDB. # attr_reader :ctx_id # diff --git a/lib/msf/core/module/search.rb b/lib/msf/core/module/search.rb index 1c836895d4..7c2e965b3d 100644 --- a/lib/msf/core/module/search.rb +++ b/lib/msf/core/module/search.rb @@ -86,6 +86,8 @@ module Msf::Module::Search match = [t,w] if refs.any? { |ref| ref =~ /^cve\-/i and ref =~ r } when 'bid' match = [t,w] if refs.any? { |ref| ref =~ /^bid\-/i and ref =~ r } + when 'osvdb' + match = [t,w] if refs.any? { |ref| ref =~ /^osvdb\-/i and ref =~ r } when 'edb' match = [t,w] if refs.any? { |ref| ref =~ /^edb\-/i and ref =~ r } end diff --git a/lib/msf/ui/console/command_dispatcher/core.rb b/lib/msf/ui/console/command_dispatcher/core.rb index 8552ede2ff..1311828705 100644 --- a/lib/msf/ui/console/command_dispatcher/core.rb +++ b/lib/msf/ui/console/command_dispatcher/core.rb @@ -1615,6 +1615,7 @@ class Core 'cve' => 'Modules with a matching CVE ID', 'edb' => 'Modules with a matching Exploit-DB ID', 'name' => 'Modules with a matching descriptive name', + 'osvdb' => 'Modules with a matching OSVDB ID', 'platform' => 'Modules affecting this platform', 'ref' => 'Modules with a matching ref', 'type' => 'Modules of a specific type (exploit, auxiliary, or post)', diff --git a/modules/auxiliary/admin/2wire/xslt_password_reset.rb b/modules/auxiliary/admin/2wire/xslt_password_reset.rb index d9b02973a3..22b3306bdf 100644 --- a/modules/auxiliary/admin/2wire/xslt_password_reset.rb +++ b/modules/auxiliary/admin/2wire/xslt_password_reset.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2007-4387' ], + [ 'OSVDB', '37667' ], [ 'BID', '36075' ], [ 'URL', 'http://seclists.org/bugtraq/2007/Aug/225' ], ], diff --git a/modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb b/modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb index 911b2476f9..a240380762 100644 --- a/modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb +++ b/modules/auxiliary/admin/android/google_play_store_uxss_xframe_rce.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2014/09/15/major-android-bug-is-a-privacy-disaster-cve-2014-6041'], [ 'URL', 'http://1337day.com/exploit/description/22581' ], + [ 'OSVDB', '110664' ], [ 'CVE', '2014-6041' ] ], 'DefaultAction' => 'WebServer' diff --git a/modules/auxiliary/admin/backupexec/dump.rb b/modules/auxiliary/admin/backupexec/dump.rb index 2fcc4deb40..2348397fe4 100644 --- a/modules/auxiliary/admin/backupexec/dump.rb +++ b/modules/auxiliary/admin/backupexec/dump.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2005-2611'], + ['OSVDB', '18695'], ['BID', '14551'], ['URL', 'http://www.fpns.net/willy/msbksrc.lzh'], ], diff --git a/modules/auxiliary/admin/backupexec/registry.rb b/modules/auxiliary/admin/backupexec/registry.rb index 44e9f1dbf2..6cef2bf11d 100644 --- a/modules/auxiliary/admin/backupexec/registry.rb +++ b/modules/auxiliary/admin/backupexec/registry.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '17627' ], [ 'CVE', '2005-0771' ], [ 'URL', 'http://www.idefense.com/application/poi/display?id=269&type=vulnerabilities'], ], diff --git a/modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb b/modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb index 71ced138bc..43b4479c0b 100644 --- a/modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb +++ b/modules/auxiliary/admin/cisco/vpn_3000_ftp_bypass.rb @@ -28,6 +28,8 @@ class MetasploitModule < Msf::Auxiliary [ [ 'BID', '19680' ], [ 'CVE', '2006-4313' ], + [ 'OSVDB', '28139' ], + [ 'OSVDB', '28138' ] ], 'DisclosureDate' => 'Aug 23 2006')) diff --git a/modules/auxiliary/admin/db2/db2rcmd.rb b/modules/auxiliary/admin/db2/db2rcmd.rb index 75ddf939a9..c712a12ebf 100644 --- a/modules/auxiliary/admin/db2/db2rcmd.rb +++ b/modules/auxiliary/admin/db2/db2rcmd.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2004-0795' ], + [ 'OSVDB', '4180' ], [ 'BID', '9821' ], ], 'DisclosureDate' => 'Mar 4 2004')) diff --git a/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb b/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb index 5453ff2be2..f6dc37ff67 100644 --- a/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb +++ b/modules/auxiliary/admin/edirectory/edirectory_dhost_cookie.rb @@ -20,6 +20,10 @@ class MetasploitModule < Msf::Auxiliary this module, wait until the real administrator logs in, then specify the predicted cookie value to hijack their session. }, + 'References' => + [ + ['OSVDB', '60035'], + ], 'Author' => 'hdm', 'License' => MSF_LICENSE )) diff --git a/modules/auxiliary/admin/edirectory/edirectory_edirutil.rb b/modules/auxiliary/admin/edirectory/edirectory_edirutil.rb index f588a9f994..462536d3ff 100644 --- a/modules/auxiliary/admin/edirectory/edirectory_edirutil.rb +++ b/modules/auxiliary/admin/edirectory/edirectory_edirutil.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'CVE', '2008-0926' ], [ 'BID', '28441' ], + [ 'OSVDB', '43690' ] ], 'Author' => [ diff --git a/modules/auxiliary/admin/emc/alphastor_devicemanager_exec.rb b/modules/auxiliary/admin/emc/alphastor_devicemanager_exec.rb index e10db1a614..df41d4d671 100644 --- a/modules/auxiliary/admin/emc/alphastor_devicemanager_exec.rb +++ b/modules/auxiliary/admin/emc/alphastor_devicemanager_exec.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=703' ], + [ 'OSVDB', '45715' ], [ 'CVE', '2008-2157' ], [ 'BID', '29398' ], ], diff --git a/modules/auxiliary/admin/emc/alphastor_librarymanager_exec.rb b/modules/auxiliary/admin/emc/alphastor_librarymanager_exec.rb index 7003f98cea..881f0d5e75 100644 --- a/modules/auxiliary/admin/emc/alphastor_librarymanager_exec.rb +++ b/modules/auxiliary/admin/emc/alphastor_librarymanager_exec.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=703' ], [ 'CVE', '2008-2157' ], + [ 'OSVDB', '45715' ], [ 'BID', '29398' ], ], 'DisclosureDate' => 'May 27 2008')) diff --git a/modules/auxiliary/admin/hp/hp_data_protector_cmd.rb b/modules/auxiliary/admin/hp/hp_data_protector_cmd.rb index 3c6ef8bb2e..0b1ef1ba24 100644 --- a/modules/auxiliary/admin/hp/hp_data_protector_cmd.rb +++ b/modules/auxiliary/admin/hp/hp_data_protector_cmd.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2011-0923' ], + [ 'OSVDB', '72526' ], [ 'ZDI', '11-055' ], [ 'URL', 'http://hackarandas.com/blog/2011/08/04/hp-data-protector-remote-shell-for-hpux' ] ], diff --git a/modules/auxiliary/admin/hp/hp_imc_som_create_account.rb b/modules/auxiliary/admin/hp/hp_imc_som_create_account.rb index aeb9033b2f..272e9f4d82 100644 --- a/modules/auxiliary/admin/hp/hp_imc_som_create_account.rb +++ b/modules/auxiliary/admin/hp/hp_imc_som_create_account.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-4824' ], + [ 'OSVDB', '98249' ], [ 'BID', '62902' ], [ 'ZDI', '13-240' ], [ 'URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03943547' ] diff --git a/modules/auxiliary/admin/http/axigen_file_access.rb b/modules/auxiliary/admin/http/axigen_file_access.rb index b5ddc598cd..7a08a1366d 100644 --- a/modules/auxiliary/admin/http/axigen_file_access.rb +++ b/modules/auxiliary/admin/http/axigen_file_access.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'US-CERT-VU', '586556' ], [ 'CVE', '2012-4940' ], + [ 'OSVDB', '86802' ] ], 'Actions' => [ diff --git a/modules/auxiliary/admin/http/contentkeeper_fileaccess.rb b/modules/auxiliary/admin/http/contentkeeper_fileaccess.rb index 98b7dcb0c1..a61bc6e376 100644 --- a/modules/auxiliary/admin/http/contentkeeper_fileaccess.rb +++ b/modules/auxiliary/admin/http/contentkeeper_fileaccess.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '54551' ], [ 'URL', 'http://www.aushack.com/200904-contentkeeper.txt' ], ], 'Author' => [ 'patrick' ], diff --git a/modules/auxiliary/admin/http/dlink_dir_300_600_exec_noauth.rb b/modules/auxiliary/admin/http/dlink_dir_300_600_exec_noauth.rb index 5cef6fc9b0..c69c44eb88 100644 --- a/modules/auxiliary/admin/http/dlink_dir_300_600_exec_noauth.rb +++ b/modules/auxiliary/admin/http/dlink_dir_300_600_exec_noauth.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '89861' ], [ 'EDB', '24453' ], [ 'URL', 'http://www.dlink.com/uk/en/home-solutions/connect/routers/dir-600-wireless-n-150-home-router' ], [ 'URL', 'http://www.s3cur1ty.de/home-network-horror-days' ], diff --git a/modules/auxiliary/admin/http/dlink_dir_645_password_extractor.rb b/modules/auxiliary/admin/http/dlink_dir_645_password_extractor.rb index ca7058c1c5..d47959957a 100644 --- a/modules/auxiliary/admin/http/dlink_dir_645_password_extractor.rb +++ b/modules/auxiliary/admin/http/dlink_dir_645_password_extractor.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '90733' ], [ 'BID', '58231' ], [ 'PACKETSTORM', '120591' ] ], diff --git a/modules/auxiliary/admin/http/dlink_dsl320b_password_extractor.rb b/modules/auxiliary/admin/http/dlink_dsl320b_password_extractor.rb index 2ffd87877e..b1870cd699 100644 --- a/modules/auxiliary/admin/http/dlink_dsl320b_password_extractor.rb +++ b/modules/auxiliary/admin/http/dlink_dsl320b_password_extractor.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'EDB', '25252' ], + [ 'OSVDB', '93013' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-018' ] ], 'Author' => [ diff --git a/modules/auxiliary/admin/http/foreman_openstack_satellite_priv_esc.rb b/modules/auxiliary/admin/http/foreman_openstack_satellite_priv_esc.rb index a552bbf1d6..b4f8b16898 100644 --- a/modules/auxiliary/admin/http/foreman_openstack_satellite_priv_esc.rb +++ b/modules/auxiliary/admin/http/foreman_openstack_satellite_priv_esc.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary ['BID', '60835'], ['CVE', '2013-2113'], ['CWE', '915'], + ['OSVDB', '94655'], ['URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=966804'], ['URL', 'http://projects.theforeman.org/issues/2630'] ], diff --git a/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb b/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb index 38bb35bf5e..0889e7a690 100644 --- a/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb +++ b/modules/auxiliary/admin/http/hp_web_jetadmin_exec.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '5798' ], [ 'BID', '10224' ], #[ 'CVE', '' ],# No CVE! [ 'EDB', '294' ] diff --git a/modules/auxiliary/admin/http/iis_auth_bypass.rb b/modules/auxiliary/admin/http/iis_auth_bypass.rb index fe2cabec87..2cf37c785d 100644 --- a/modules/auxiliary/admin/http/iis_auth_bypass.rb +++ b/modules/auxiliary/admin/http/iis_auth_bypass.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-2731' ], + [ 'OSVDB', '66160' ], [ 'MSB', 'MS10-065' ], [ 'URL', 'http://soroush.secproject.com/blog/2010/07/iis5-1-directory-authentication-bypass-by-using-i30index_allocation/' ] ], diff --git a/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb b/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb index 1fb4f6bb37..1553569111 100644 --- a/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb +++ b/modules/auxiliary/admin/http/iomega_storcenterpro_sessionid.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '55586' ], [ 'CVE', '2009-2367' ], ], 'Author' => [ 'patrick' ], diff --git a/modules/auxiliary/admin/http/jboss_bshdeployer.rb b/modules/auxiliary/admin/http/jboss_bshdeployer.rb index 18fd83bdd5..0dfad0849f 100644 --- a/modules/auxiliary/admin/http/jboss_bshdeployer.rb +++ b/modules/auxiliary/admin/http/jboss_bshdeployer.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-0738' ], # using a VERB other than GET/POST + [ 'OSVDB', '64171' ], [ 'URL', 'http://www.redteam-pentesting.de/publications/jboss' ], [ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=574105' ] ], diff --git a/modules/auxiliary/admin/http/jboss_deploymentfilerepository.rb b/modules/auxiliary/admin/http/jboss_deploymentfilerepository.rb index 41b9d697dd..03f6ee6c75 100644 --- a/modules/auxiliary/admin/http/jboss_deploymentfilerepository.rb +++ b/modules/auxiliary/admin/http/jboss_deploymentfilerepository.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-0738' ], # using a VERB other than GET/POST + [ 'OSVDB', '64171' ], [ 'URL', 'http://www.redteam-pentesting.de/publications/jboss' ], [ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=574105' ] ], diff --git a/modules/auxiliary/admin/http/jboss_seam_exec.rb b/modules/auxiliary/admin/http/jboss_seam_exec.rb index 03e9917fc8..dc8ab507f2 100644 --- a/modules/auxiliary/admin/http/jboss_seam_exec.rb +++ b/modules/auxiliary/admin/http/jboss_seam_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-1871' ], + [ 'OSVDB', '66881'] ], 'DefaultTarget' => 0, 'DisclosureDate' => 'Jul 19 2010')) diff --git a/modules/auxiliary/admin/http/linksys_e1500_e2500_exec.rb b/modules/auxiliary/admin/http/linksys_e1500_e2500_exec.rb index 43487f8e17..e462ad3985 100644 --- a/modules/auxiliary/admin/http/linksys_e1500_e2500_exec.rb +++ b/modules/auxiliary/admin/http/linksys_e1500_e2500_exec.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '89912' ], [ 'BID', '57760' ], [ 'EDB', '24475' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-004' ] diff --git a/modules/auxiliary/admin/http/linksys_tmunblock_admin_reset_bof.rb b/modules/auxiliary/admin/http/linksys_tmunblock_admin_reset_bof.rb index b3af1ab236..9aaf2112f8 100644 --- a/modules/auxiliary/admin/http/linksys_tmunblock_admin_reset_bof.rb +++ b/modules/auxiliary/admin/http/linksys_tmunblock_admin_reset_bof.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'EDB', '31758' ], + [ 'OSVDB', '103521' ], [ 'URL', 'http://www.devttys0.com/2014/02/wrt120n-fprintf-stack-overflow/' ] # a huge amount of details about this vulnerability and the original exploit ], 'DisclosureDate' => 'Feb 19 2014')) diff --git a/modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb b/modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb index 406773d200..1ab5cca3ca 100644 --- a/modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb +++ b/modules/auxiliary/admin/http/linksys_wrt54gl_exec.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Auxiliary [ 'URL', 'http://www.s3cur1ty.de/attacking-linksys-wrt54gl' ], [ 'EDB', '24202' ], [ 'BID', '57459' ], + [ 'OSVDB', '89421' ] ], 'DefaultTarget' => 0, 'DisclosureDate' => 'Jan 18 2013')) diff --git a/modules/auxiliary/admin/http/manage_engine_dc_create_admin.rb b/modules/auxiliary/admin/http/manage_engine_dc_create_admin.rb index 30a10d6e45..520a9b8c79 100644 --- a/modules/auxiliary/admin/http/manage_engine_dc_create_admin.rb +++ b/modules/auxiliary/admin/http/manage_engine_dc_create_admin.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2014-7862'], + ['OSVDB', '116554'], ['URL', 'http://seclists.org/fulldisclosure/2015/Jan/2'], ['URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_dc9_admin.txt'], ], diff --git a/modules/auxiliary/admin/http/manageengine_dir_listing.rb b/modules/auxiliary/admin/http/manageengine_dir_listing.rb index 71a10546ef..6c3f67dcd8 100644 --- a/modules/auxiliary/admin/http/manageengine_dir_listing.rb +++ b/modules/auxiliary/admin/http/manageengine_dir_listing.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2014-7863'], + ['OSVDB', '117696'], ['URL', 'http://seclists.org/fulldisclosure/2015/Jan/114'], ['URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_failservlet.txt'] ], diff --git a/modules/auxiliary/admin/http/manageengine_file_download.rb b/modules/auxiliary/admin/http/manageengine_file_download.rb index aa1e809b08..a7c393952d 100644 --- a/modules/auxiliary/admin/http/manageengine_file_download.rb +++ b/modules/auxiliary/admin/http/manageengine_file_download.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2014-7863'], + ['OSVDB', '117695'], ['URL', 'http://seclists.org/fulldisclosure/2015/Jan/114'], ['URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_failservlet.txt'] ], diff --git a/modules/auxiliary/admin/http/manageengine_pmp_privesc.rb b/modules/auxiliary/admin/http/manageengine_pmp_privesc.rb index 8928b5784f..032c4d5db7 100644 --- a/modules/auxiliary/admin/http/manageengine_pmp_privesc.rb +++ b/modules/auxiliary/admin/http/manageengine_pmp_privesc.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2014-8499' ], + [ 'OSVDB', '114485' ], [ 'URL', 'http://seclists.org/fulldisclosure/2014/Nov/18' ], [ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_pmp_privesc.txt' ], ], diff --git a/modules/auxiliary/admin/http/netflow_file_download.rb b/modules/auxiliary/admin/http/netflow_file_download.rb index 8faa224c17..43936f647b 100644 --- a/modules/auxiliary/admin/http/netflow_file_download.rb +++ b/modules/auxiliary/admin/http/netflow_file_download.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2014-5445' ], + [ 'OSVDB', '115340' ], [ 'URL', 'http://seclists.org/fulldisclosure/2014/Dec/9' ], [ 'URL', 'https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/me_netflow_it360_file_dl.txt' ] ], diff --git a/modules/auxiliary/admin/http/netgear_soap_password_extractor.rb b/modules/auxiliary/admin/http/netgear_soap_password_extractor.rb index 7484ad83c9..bcea4814be 100644 --- a/modules/auxiliary/admin/http/netgear_soap_password_extractor.rb +++ b/modules/auxiliary/admin/http/netgear_soap_password_extractor.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'BID', '72640' ], + [ 'OSVDB', '118316' ], [ 'URL', 'https://github.com/darkarnium/secpub/tree/master/NetGear/SOAPWNDR' ] ], 'Author' => diff --git a/modules/auxiliary/admin/http/novell_file_reporter_filedelete.rb b/modules/auxiliary/admin/http/novell_file_reporter_filedelete.rb index 7146de9a95..166c1ddaad 100644 --- a/modules/auxiliary/admin/http/novell_file_reporter_filedelete.rb +++ b/modules/auxiliary/admin/http/novell_file_reporter_filedelete.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2011-2750' ], + [ 'OSVDB', '73729' ], [ 'URL', 'http://aluigi.org/adv/nfr_2-adv.txt'], ] )) diff --git a/modules/auxiliary/admin/http/openbravo_xxe.rb b/modules/auxiliary/admin/http/openbravo_xxe.rb index 94cc031a44..b07c68631f 100644 --- a/modules/auxiliary/admin/http/openbravo_xxe.rb +++ b/modules/auxiliary/admin/http/openbravo_xxe.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2013-3617'], + ['OSVDB', '99141'], ['BID', '63431'], ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats'] ], diff --git a/modules/auxiliary/admin/http/rails_devise_pass_reset.rb b/modules/auxiliary/admin/http/rails_devise_pass_reset.rb index b0171e0e64..52911870ca 100644 --- a/modules/auxiliary/admin/http/rails_devise_pass_reset.rb +++ b/modules/auxiliary/admin/http/rails_devise_pass_reset.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-0233'], + [ 'OSVDB', '89642' ], [ 'BID', '57577' ], [ 'URL', 'http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/'], [ 'URL', 'http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html'], diff --git a/modules/auxiliary/admin/http/scrutinizer_add_user.rb b/modules/auxiliary/admin/http/scrutinizer_add_user.rb index 087f70a059..01194f368d 100644 --- a/modules/auxiliary/admin/http/scrutinizer_add_user.rb +++ b/modules/auxiliary/admin/http/scrutinizer_add_user.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2012-2626' ], + [ 'OSVDB', '84318' ], [ 'URL', 'https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt' ] ], 'Author' => diff --git a/modules/auxiliary/admin/http/sophos_wpa_traversal.rb b/modules/auxiliary/admin/http/sophos_wpa_traversal.rb index 002c27f8b3..8162fb9b44 100644 --- a/modules/auxiliary/admin/http/sophos_wpa_traversal.rb +++ b/modules/auxiliary/admin/http/sophos_wpa_traversal.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-2641' ], + [ 'OSVDB', '91953' ], [ 'BID', '58833' ], [ 'EDB', '24932' ], [ 'URL', 'http://www.sophos.com/en-us/support/knowledgebase/118969.aspx' ], diff --git a/modules/auxiliary/admin/http/tomcat_utf8_traversal.rb b/modules/auxiliary/admin/http/tomcat_utf8_traversal.rb index 65354b1c35..bbe5f28383 100644 --- a/modules/auxiliary/admin/http/tomcat_utf8_traversal.rb +++ b/modules/auxiliary/admin/http/tomcat_utf8_traversal.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'URL', 'http://tomcat.apache.org/' ], + [ 'OSVDB', '47464' ], [ 'CVE', '2008-2938' ], [ 'URL', 'http://www.securityfocus.com/archive/1/499926' ], ], diff --git a/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb b/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb index 3034732e1a..043fb814b9 100644 --- a/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb +++ b/modules/auxiliary/admin/http/trendmicro_dlp_traversal.rb @@ -25,6 +25,8 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'URL', 'http://tomcat.apache.org/' ], + [ 'OSVDB', '47464' ], + [ 'OSVDB', '73447' ], [ 'CVE', '2008-2938' ], [ 'URL', 'http://www.securityfocus.com/archive/1/499926' ], [ 'EDB', '17388' ], diff --git a/modules/auxiliary/admin/http/typo3_sa_2009_001.rb b/modules/auxiliary/admin/http/typo3_sa_2009_001.rb index 9da595f2ce..89ab23faa7 100644 --- a/modules/auxiliary/admin/http/typo3_sa_2009_001.rb +++ b/modules/auxiliary/admin/http/typo3_sa_2009_001.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + ['OSVDB', '51536'], ['URL', 'http://blog.c22.cc/advisories/typo3-sa-2009-001'], ['URL', 'http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/'], ], diff --git a/modules/auxiliary/admin/http/typo3_sa_2009_002.rb b/modules/auxiliary/admin/http/typo3_sa_2009_002.rb index c27e12be9a..90f8a5105c 100644 --- a/modules/auxiliary/admin/http/typo3_sa_2009_002.rb +++ b/modules/auxiliary/admin/http/typo3_sa_2009_002.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '52048'], ['CVE', '2009-0815'], ['URL', 'http://secunia.com/advisories/33829/'], ['EDB', '8038'], diff --git a/modules/auxiliary/admin/http/vbulletin_upgrade_admin.rb b/modules/auxiliary/admin/http/vbulletin_upgrade_admin.rb index b3e4bd1672..93b7c1351b 100644 --- a/modules/auxiliary/admin/http/vbulletin_upgrade_admin.rb +++ b/modules/auxiliary/admin/http/vbulletin_upgrade_admin.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'URL', 'http://blog.imperva.com/2013/10/threat-advisory-a-vbulletin-exploit-administrator-injection.html'], + [ 'OSVDB', '98370' ], [ 'URL', 'http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/3991423-potential-vbulletin-exploit-vbulletin-4-1-vbulletin-5'] ], 'DisclosureDate' => 'Oct 09 2013')) diff --git a/modules/auxiliary/admin/kerberos/ms14_068_kerberos_checksum.rb b/modules/auxiliary/admin/kerberos/ms14_068_kerberos_checksum.rb index 16beb6a2ff..a9ed6fac2d 100644 --- a/modules/auxiliary/admin/kerberos/ms14_068_kerberos_checksum.rb +++ b/modules/auxiliary/admin/kerberos/ms14_068_kerberos_checksum.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Auxiliary [ ['CVE', '2014-6324'], ['MSB', 'MS14-068'], + ['OSVDB', '114751'], ['URL', 'http://blogs.technet.com/b/srd/archive/2014/11/18/additional-information-about-cve-2014-6324.aspx'], ['URL', 'https://labs.mwrinfosecurity.com/blog/2014/12/16/digging-into-ms14-068-exploitation-and-defence/'], ['URL', 'https://github.com/bidord/pykek'], diff --git a/modules/auxiliary/admin/maxdb/maxdb_cons_exec.rb b/modules/auxiliary/admin/maxdb/maxdb_cons_exec.rb index 70bb7976c0..fb9f275d2f 100644 --- a/modules/auxiliary/admin/maxdb/maxdb_cons_exec.rb +++ b/modules/auxiliary/admin/maxdb/maxdb_cons_exec.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '40210' ], ['BID', '27206'], ['CVE', '2008-0244'], ], diff --git a/modules/auxiliary/admin/misc/sercomm_dump_config.rb b/modules/auxiliary/admin/misc/sercomm_dump_config.rb index adefd558a3..e52ab58061 100644 --- a/modules/auxiliary/admin/misc/sercomm_dump_config.rb +++ b/modules/auxiliary/admin/misc/sercomm_dump_config.rb @@ -52,6 +52,7 @@ class MetasploitModule < Msf::Auxiliary ], 'References' => [ + [ 'OSVDB', '101653' ], [ 'URL', 'https://github.com/elvanderb/TCP-32764' ] ], 'DisclosureDate' => "Dec 31 2013" )) diff --git a/modules/auxiliary/admin/motorola/wr850g_cred.rb b/modules/auxiliary/admin/motorola/wr850g_cred.rb index d843c2d0cb..2b0f191a33 100644 --- a/modules/auxiliary/admin/motorola/wr850g_cred.rb +++ b/modules/auxiliary/admin/motorola/wr850g_cred.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ [ 'CVE', '2004-1550' ], + [ 'OSVDB', '10232' ], [ 'URL', 'http://seclists.org/bugtraq/2004/Sep/0339.html'], ], 'DisclosureDate' => 'Sep 24 2004')) diff --git a/modules/auxiliary/admin/ms/ms08_059_his2006.rb b/modules/auxiliary/admin/ms/ms08_059_his2006.rb index 9a01fcf113..326a510db4 100644 --- a/modules/auxiliary/admin/ms/ms08_059_his2006.rb +++ b/modules/auxiliary/admin/ms/ms08_059_his2006.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'MSB', 'MS08-059' ], [ 'CVE', '2008-3466' ], + [ 'OSVDB', '49068' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=745' ], ], 'DisclosureDate' => 'Oct 14 2008')) diff --git a/modules/auxiliary/admin/officescan/tmlisten_traversal.rb b/modules/auxiliary/admin/officescan/tmlisten_traversal.rb index f57f75635e..07f3cc5b19 100644 --- a/modules/auxiliary/admin/officescan/tmlisten_traversal.rb +++ b/modules/auxiliary/admin/officescan/tmlisten_traversal.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '48730' ], [ 'CVE', '2008-2439' ], [ 'BID', '31531' ], [ 'URL', 'http://www.trendmicro.com/ftp/documentation/readme/OSCE_7.3_Win_EN_CriticalPatch_B1372_Readme.txt' ], diff --git a/modules/auxiliary/admin/oracle/osb_execqr.rb b/modules/auxiliary/admin/oracle/osb_execqr.rb index 65d8ce3926..2aa1311ec6 100644 --- a/modules/auxiliary/admin/oracle/osb_execqr.rb +++ b/modules/auxiliary/admin/oracle/osb_execqr.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-5448' ], + [ 'OSVDB', '51342' ], [ 'URL', 'http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2009.html' ], [ 'ZDI', '09-003' ], ], diff --git a/modules/auxiliary/admin/oracle/osb_execqr2.rb b/modules/auxiliary/admin/oracle/osb_execqr2.rb index 2a7f30b35a..db6cfd7896 100644 --- a/modules/auxiliary/admin/oracle/osb_execqr2.rb +++ b/modules/auxiliary/admin/oracle/osb_execqr2.rb @@ -23,7 +23,9 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2009-1977' ], + [ 'OSVDB', '55903' ], [ 'CVE', '2009-1978' ], + [ 'OSVDB', '55904' ], [ 'ZDI', '09-058' ], [ 'ZDI', '09-059' ], ], diff --git a/modules/auxiliary/admin/oracle/osb_execqr3.rb b/modules/auxiliary/admin/oracle/osb_execqr3.rb index 534adae753..fae25f3308 100644 --- a/modules/auxiliary/admin/oracle/osb_execqr3.rb +++ b/modules/auxiliary/admin/oracle/osb_execqr3.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-0904' ], + [ 'OSVDB', '66338'], [ 'ZDI', '10-118' ], ], 'DisclosureDate' => 'Jul 13 2010')) diff --git a/modules/auxiliary/admin/pop2/uw_fileretrieval.rb b/modules/auxiliary/admin/pop2/uw_fileretrieval.rb index 0f9fd25e1e..ba24fc2314 100644 --- a/modules/auxiliary/admin/pop2/uw_fileretrieval.rb +++ b/modules/auxiliary/admin/pop2/uw_fileretrieval.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '368' ], [ 'BID', '1484' ], ], 'DisclosureDate' => 'Jul 14 2000')) diff --git a/modules/auxiliary/admin/sap/sap_configservlet_exec_noauth.rb b/modules/auxiliary/admin/sap/sap_configservlet_exec_noauth.rb index 6a2984d812..39dd75f68e 100644 --- a/modules/auxiliary/admin/sap/sap_configservlet_exec_noauth.rb +++ b/modules/auxiliary/admin/sap/sap_configservlet_exec_noauth.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '92704' ], [ 'EDB', '24963' ], [ 'URL', 'http://erpscan.com/wp-content/uploads/2012/11/Breaking-SAP-Portal-HackerHalted-2012.pdf'] ], diff --git a/modules/auxiliary/admin/scada/advantech_webaccess_dbvisitor_sqli.rb b/modules/auxiliary/admin/scada/advantech_webaccess_dbvisitor_sqli.rb index 432ea2b318..b3a912e0b1 100644 --- a/modules/auxiliary/admin/scada/advantech_webaccess_dbvisitor_sqli.rb +++ b/modules/auxiliary/admin/scada/advantech_webaccess_dbvisitor_sqli.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'CVE', '2014-0763' ], [ 'ZDI', '14-077' ], + [ 'OSVDB', '105572' ], [ 'BID', '66740' ], [ 'URL', 'https://ics-cert.us-cert.gov/advisories/ICSA-14-079-03' ] ], diff --git a/modules/auxiliary/admin/scada/ge_proficy_substitute_traversal.rb b/modules/auxiliary/admin/scada/ge_proficy_substitute_traversal.rb index 407a57e491..0325a8274b 100644 --- a/modules/auxiliary/admin/scada/ge_proficy_substitute_traversal.rb +++ b/modules/auxiliary/admin/scada/ge_proficy_substitute_traversal.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-0653' ], + [ 'OSVDB', '89490' ], [ 'BID', '57505' ], [ 'URL', 'http://ics-cert.us-cert.gov/advisories/ICSA-13-022-02' ] ], diff --git a/modules/auxiliary/admin/serverprotect/file.rb b/modules/auxiliary/admin/serverprotect/file.rb index 04b7bd5b21..61bf21da5b 100644 --- a/modules/auxiliary/admin/serverprotect/file.rb +++ b/modules/auxiliary/admin/serverprotect/file.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2007-6507' ], + [ 'OSVDB', '44318' ], [ 'ZDI', '07-077'], ], 'Actions' => diff --git a/modules/auxiliary/admin/smb/psexec_command.rb b/modules/auxiliary/admin/smb/psexec_command.rb index 0e55582285..5747494726 100644 --- a/modules/auxiliary/admin/smb/psexec_command.rb +++ b/modules/auxiliary/admin/smb/psexec_command.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ [ 'CVE', '1999-0504'], # Administrator with no password (since this is the default) + [ 'OSVDB', '3106'], [ 'URL', 'http://www.accuvant.com/blog/2012/11/13/owning-computers-without-shell-access' ], [ 'URL', 'http://sourceforge.net/projects/smbexec/' ], [ 'URL', 'http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx' ] diff --git a/modules/auxiliary/admin/smb/samba_symlink_traversal.rb b/modules/auxiliary/admin/smb/samba_symlink_traversal.rb index d04fa9f929..5d809e37a6 100644 --- a/modules/auxiliary/admin/smb/samba_symlink_traversal.rb +++ b/modules/auxiliary/admin/smb/samba_symlink_traversal.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Auxiliary ], 'References' => [ + ['OSVDB', '62145'], ['URL', 'http://www.samba.org/samba/news/symlink_attack.html'] ], 'License' => MSF_LICENSE diff --git a/modules/auxiliary/admin/sunrpc/solaris_kcms_readfile.rb b/modules/auxiliary/admin/sunrpc/solaris_kcms_readfile.rb index 3bd6ae0146..6a03ca85e6 100644 --- a/modules/auxiliary/admin/sunrpc/solaris_kcms_readfile.rb +++ b/modules/auxiliary/admin/sunrpc/solaris_kcms_readfile.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2003-0027'], + ['OSVDB', '8201'], ['BID', '6665'], ['URL', 'http://marc.info/?l=bugtraq&m=104326556329850&w=2'] ], diff --git a/modules/auxiliary/admin/tikiwiki/tikidblib.rb b/modules/auxiliary/admin/tikiwiki/tikidblib.rb index dd46b80c27..5ed08b4865 100644 --- a/modules/auxiliary/admin/tikiwiki/tikidblib.rb +++ b/modules/auxiliary/admin/tikiwiki/tikidblib.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '30172'], ['BID', '20858'], ['CVE', '2006-5702'], ['URL', 'http://secunia.com/advisories/22678/'], diff --git a/modules/auxiliary/admin/vnc/realvnc_41_bypass.rb b/modules/auxiliary/admin/vnc/realvnc_41_bypass.rb index 008a680072..08de7df684 100644 --- a/modules/auxiliary/admin/vnc/realvnc_41_bypass.rb +++ b/modules/auxiliary/admin/vnc/realvnc_41_bypass.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['BID', '17978'], + ['OSVDB', '25479'], ['URL', 'http://secunia.com/advisories/20107/'], ['CVE', '2006-2369'], ], diff --git a/modules/auxiliary/admin/vxworks/apple_airport_extreme_password.rb b/modules/auxiliary/admin/vxworks/apple_airport_extreme_password.rb index f437acd2d7..d95582eace 100644 --- a/modules/auxiliary/admin/vxworks/apple_airport_extreme_password.rb +++ b/modules/auxiliary/admin/vxworks/apple_airport_extreme_password.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '66842'], ['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'], ['US-CERT-VU', '362332'] ] diff --git a/modules/auxiliary/admin/vxworks/dlink_i2eye_autoanswer.rb b/modules/auxiliary/admin/vxworks/dlink_i2eye_autoanswer.rb index 385b9e6c55..5c737a13e8 100644 --- a/modules/auxiliary/admin/vxworks/dlink_i2eye_autoanswer.rb +++ b/modules/auxiliary/admin/vxworks/dlink_i2eye_autoanswer.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '66842'], ['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'], ['US-CERT-VU', '362332'] ] diff --git a/modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb b/modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb index 6919033cbf..db348c3865 100644 --- a/modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb +++ b/modules/auxiliary/admin/vxworks/wdbrpc_memory_dump.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '66842'], ['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'], ['US-CERT-VU', '362332'] ], diff --git a/modules/auxiliary/admin/vxworks/wdbrpc_reboot.rb b/modules/auxiliary/admin/vxworks/wdbrpc_reboot.rb index d88d976089..15157e9313 100644 --- a/modules/auxiliary/admin/vxworks/wdbrpc_reboot.rb +++ b/modules/auxiliary/admin/vxworks/wdbrpc_reboot.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '66842'], ['URL', 'http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html'], ['US-CERT-VU', '362332'] ], diff --git a/modules/auxiliary/admin/webmin/edit_html_fileaccess.rb b/modules/auxiliary/admin/webmin/edit_html_fileaccess.rb index fbc126b5d9..352625b1b8 100644 --- a/modules/auxiliary/admin/webmin/edit_html_fileaccess.rb +++ b/modules/auxiliary/admin/webmin/edit_html_fileaccess.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '85247'], ['BID', '55446'], ['CVE', '2012-2983'], ['URL', 'http://www.americaninfosec.com/research/dossiers/AISG-12-002.pdf'], diff --git a/modules/auxiliary/admin/webmin/file_disclosure.rb b/modules/auxiliary/admin/webmin/file_disclosure.rb index 21d46404bc..e43c5849bf 100644 --- a/modules/auxiliary/admin/webmin/file_disclosure.rb +++ b/modules/auxiliary/admin/webmin/file_disclosure.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '26772'], ['BID', '18744'], ['CVE', '2006-3392'], ['US-CERT-VU', '999601'], diff --git a/modules/auxiliary/admin/zend/java_bridge.rb b/modules/auxiliary/admin/zend/java_bridge.rb index 60c4792f53..dd858742f5 100644 --- a/modules/auxiliary/admin/zend/java_bridge.rb +++ b/modules/auxiliary/admin/zend/java_bridge.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '71420'], [ 'ZDI', '11-113' ], [ 'EDB', '17078' ], ], diff --git a/modules/auxiliary/dos/cisco/ios_http_percentpercent.rb b/modules/auxiliary/dos/cisco/ios_http_percentpercent.rb index 54f35edad5..bfab3a37ac 100644 --- a/modules/auxiliary/dos/cisco/ios_http_percentpercent.rb +++ b/modules/auxiliary/dos/cisco/ios_http_percentpercent.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'BID', '1154'], [ 'CVE', '2000-0380'], + [ 'OSVDB', '1302' ], ], 'DisclosureDate' => 'Apr 26 2000')) diff --git a/modules/auxiliary/dos/dhcp/isc_dhcpd_clientid.rb b/modules/auxiliary/dos/dhcp/isc_dhcpd_clientid.rb index f5d72354dd..786f2c16eb 100644 --- a/modules/auxiliary/dos/dhcp/isc_dhcpd_clientid.rb +++ b/modules/auxiliary/dos/dhcp/isc_dhcpd_clientid.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-2156' ], + [ 'OSVDB', '65246'], [ 'EDB', '14185'] ] ) diff --git a/modules/auxiliary/dos/freebsd/nfsd/nfsd_mount.rb b/modules/auxiliary/dos/freebsd/nfsd/nfsd_mount.rb index a80174d5d6..93b149e2fc 100644 --- a/modules/auxiliary/dos/freebsd/nfsd/nfsd_mount.rb +++ b/modules/auxiliary/dos/freebsd/nfsd/nfsd_mount.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'BID', '16838' ], + [ 'OSVDB', '23511' ], [ 'CVE', '2006-0900' ], ])) diff --git a/modules/auxiliary/dos/hp/data_protector_rds.rb b/modules/auxiliary/dos/hp/data_protector_rds.rb index 8eab77d39e..a92ee46946 100644 --- a/modules/auxiliary/dos/hp/data_protector_rds.rb +++ b/modules/auxiliary/dos/hp/data_protector_rds.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2011-0514' ], + [ 'OSVDB', '70617' ], [ 'EDB', '15940' ], ], 'DisclosureDate' => 'Jan 8 2011' )) diff --git a/modules/auxiliary/dos/http/3com_superstack_switch.rb b/modules/auxiliary/dos/http/3com_superstack_switch.rb index f4423de5ec..4978f58c29 100644 --- a/modules/auxiliary/dos/http/3com_superstack_switch.rb +++ b/modules/auxiliary/dos/http/3com_superstack_switch.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ # patrickw - I am not sure if these are correct, but the closest match! + [ 'OSVDB', '7246' ], [ 'CVE', '2004-2691' ], [ 'URL', 'http://support.3com.com/infodeli/tools/switches/dna1695-0aaa17.pdf' ], ], diff --git a/modules/auxiliary/dos/http/apache_mod_isapi.rb b/modules/auxiliary/dos/http/apache_mod_isapi.rb index f56c4fac9e..0309563629 100644 --- a/modules/auxiliary/dos/http/apache_mod_isapi.rb +++ b/modules/auxiliary/dos/http/apache_mod_isapi.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-0425' ], + [ 'OSVDB', '62674'], [ 'BID', '38494' ], [ 'URL', 'https://issues.apache.org/bugzilla/show_bug.cgi?id=48509' ], [ 'URL', 'http://www.gossamer-threads.com/lists/apache/cvs/381537' ], diff --git a/modules/auxiliary/dos/http/apache_range_dos.rb b/modules/auxiliary/dos/http/apache_range_dos.rb index 29479c43e8..92914f2613 100644 --- a/modules/auxiliary/dos/http/apache_range_dos.rb +++ b/modules/auxiliary/dos/http/apache_range_dos.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Auxiliary [ 'BID', '49303'], [ 'CVE', '2011-3192'], [ 'EDB', '17696'], + [ 'OSVDB', '74721' ], ], 'DisclosureDate' => 'Aug 19 2011' )) diff --git a/modules/auxiliary/dos/http/apache_tomcat_transfer_encoding.rb b/modules/auxiliary/dos/http/apache_tomcat_transfer_encoding.rb index 4173556160..ad3d15abb9 100644 --- a/modules/auxiliary/dos/http/apache_tomcat_transfer_encoding.rb +++ b/modules/auxiliary/dos/http/apache_tomcat_transfer_encoding.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-2227' ], + [ 'OSVDB', '66319' ], [ 'BID', '41544' ] ], 'DisclosureDate' => 'Jul 09 2010')) diff --git a/modules/auxiliary/dos/http/dell_openmanage_post.rb b/modules/auxiliary/dos/http/dell_openmanage_post.rb index 6d0202ae62..fb2e4c8ca7 100644 --- a/modules/auxiliary/dos/http/dell_openmanage_post.rb +++ b/modules/auxiliary/dos/http/dell_openmanage_post.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'URL', 'http://archives.neohapsis.com/archives/bugtraq/2004-02/0650.html' ], [ 'BID', '9750' ], + [ 'OSVDB', '4077' ], [ 'CVE', '2004-0331' ], ], 'DisclosureDate' => 'Feb 26 2004')) diff --git a/modules/auxiliary/dos/http/monkey_headers.rb b/modules/auxiliary/dos/http/monkey_headers.rb index 767fb2e472..7915eec2f4 100644 --- a/modules/auxiliary/dos/http/monkey_headers.rb +++ b/modules/auxiliary/dos/http/monkey_headers.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2013-3843'], + ['OSVDB', '93853'], ['BID', '60333'] ], 'DisclosureDate' => 'May 30 2013')) diff --git a/modules/auxiliary/dos/http/nodejs_pipelining.rb b/modules/auxiliary/dos/http/nodejs_pipelining.rb index 84c84124c1..b07ff1741c 100644 --- a/modules/auxiliary/dos/http/nodejs_pipelining.rb +++ b/modules/auxiliary/dos/http/nodejs_pipelining.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-4450' ], + [ 'OSVDB', '98724' ], [ 'BID' , '63229' ], [ 'URL', 'http://blog.nodejs.org/2013/10/22/cve-2013-4450-http-server-pipeline-flood-dos' ] ], diff --git a/modules/auxiliary/dos/http/rails_action_view.rb b/modules/auxiliary/dos/http/rails_action_view.rb index a3c759a379..92cccd67d7 100644 --- a/modules/auxiliary/dos/http/rails_action_view.rb +++ b/modules/auxiliary/dos/http/rails_action_view.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-6414' ], + [ 'OSVDB', '100525' ], [ 'BID', '64074' ], [ 'URL', 'http://seclists.org/oss-sec/2013/q4/400' ], [ 'URL', 'https://github.com/rails/rails/commit/bee3b7f9371d1e2ddcfe6eaff5dcb26c0a248068' ] diff --git a/modules/auxiliary/dos/http/rails_json_float_dos.rb b/modules/auxiliary/dos/http/rails_json_float_dos.rb index 90333a96db..2dc123ecea 100644 --- a/modules/auxiliary/dos/http/rails_json_float_dos.rb +++ b/modules/auxiliary/dos/http/rails_json_float_dos.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-4164' ], + [ 'OSVDB', '100113' ], [ 'URL', 'https://www.ruby-lang.org/en/news/2013/11/22/ruby-1-9-3-p484-is-released/' ] ], 'DisclosureDate' => 'Nov 22 2013')) diff --git a/modules/auxiliary/dos/http/sonicwall_ssl_format.rb b/modules/auxiliary/dos/http/sonicwall_ssl_format.rb index 09da78509c..0db48a5fcb 100644 --- a/modules/auxiliary/dos/http/sonicwall_ssl_format.rb +++ b/modules/auxiliary/dos/http/sonicwall_ssl_format.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'BID', '35145' ], #[ 'CVE', '' ], # no CVE? + [ 'OSVDB', '54881' ], [ 'URL', 'http://www.aushack.com/200905-sonicwall.txt' ], ], 'DisclosureDate' => 'May 29 2009')) diff --git a/modules/auxiliary/dos/http/webrick_regex.rb b/modules/auxiliary/dos/http/webrick_regex.rb index dda28dac1b..38dc4e8948 100644 --- a/modules/auxiliary/dos/http/webrick_regex.rb +++ b/modules/auxiliary/dos/http/webrick_regex.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'BID', '30644'], [ 'CVE', '2008-3656'], + [ 'OSVDB', '47471' ], [ 'URL', 'http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/'] ], 'DisclosureDate' => 'Aug 08 2008')) diff --git a/modules/auxiliary/dos/http/wordpress_long_password_dos.rb b/modules/auxiliary/dos/http/wordpress_long_password_dos.rb index 4bb98889cc..70e9ec24cc 100644 --- a/modules/auxiliary/dos/http/wordpress_long_password_dos.rb +++ b/modules/auxiliary/dos/http/wordpress_long_password_dos.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['URL', 'http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9034'], + ['OSVDB', '114857'], ['WPVDB', '7681'] ], 'DisclosureDate' => 'Nov 20 2014' diff --git a/modules/auxiliary/dos/mdns/avahi_portzero.rb b/modules/auxiliary/dos/mdns/avahi_portzero.rb index 441ad87188..2de44aae5d 100644 --- a/modules/auxiliary/dos/mdns/avahi_portzero.rb +++ b/modules/auxiliary/dos/mdns/avahi_portzero.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ [ 'CVE', '2008-5081' ], + [ 'OSVDB', '50929' ], ], 'DisclosureDate' => 'Nov 14 2008') diff --git a/modules/auxiliary/dos/misc/dopewars.rb b/modules/auxiliary/dos/misc/dopewars.rb index f1e2c6cc55..2c83a27686 100644 --- a/modules/auxiliary/dos/misc/dopewars.rb +++ b/modules/auxiliary/dos/misc/dopewars.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2009-3591' ], + [ 'OSVDB', '58884' ], [ 'BID', '36606' ] ], 'DisclosureDate' => "Oct 05 2009" )) diff --git a/modules/auxiliary/dos/misc/ibm_sametime_webplayer_dos.rb b/modules/auxiliary/dos/misc/ibm_sametime_webplayer_dos.rb index b0786ff7cc..faf1cceed4 100644 --- a/modules/auxiliary/dos/misc/ibm_sametime_webplayer_dos.rb +++ b/modules/auxiliary/dos/misc/ibm_sametime_webplayer_dos.rb @@ -45,6 +45,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-3986' ], + [ 'OSVDB', '99552' ], [ 'BID', '63611'], [ 'URL', 'http://www-01.ibm.com/support/docview.wss?uid=swg21654041' ], [ 'URL', 'http://xforce.iss.net/xforce/xfdb/84969' ] diff --git a/modules/auxiliary/dos/misc/ibm_tsm_dos.rb b/modules/auxiliary/dos/misc/ibm_tsm_dos.rb index 08319b6427..72784a7589 100644 --- a/modules/auxiliary/dos/misc/ibm_tsm_dos.rb +++ b/modules/auxiliary/dos/misc/ibm_tsm_dos.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['EDB', '38979'], + ['OSVDB', '132307'] ], 'DisclosureDate' => "Dec 15 2015", )) diff --git a/modules/auxiliary/dos/misc/memcached.rb b/modules/auxiliary/dos/misc/memcached.rb index 367d16b367..30a34e6db2 100644 --- a/modules/auxiliary/dos/misc/memcached.rb +++ b/modules/auxiliary/dos/misc/memcached.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'URL', 'https://code.google.com/p/memcached/issues/detail?id=192' ], [ 'CVE', '2011-4971' ], + [ 'OSVDB', '92867' ] ], 'Author' => [ 'Gregory Man ' ], 'License' => MSF_LICENSE diff --git a/modules/auxiliary/dos/ntp/ntpd_reserved_dos.rb b/modules/auxiliary/dos/ntp/ntpd_reserved_dos.rb index 1d29261212..cabca95f30 100644 --- a/modules/auxiliary/dos/ntp/ntpd_reserved_dos.rb +++ b/modules/auxiliary/dos/ntp/ntpd_reserved_dos.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'BID', '37255' ], [ 'CVE', '2009-3563' ], + [ 'OSVDB', '60847' ], [ 'URL', 'https://support.ntp.org/bugs/show_bug.cgi?id=1331' ] ], 'DisclosureDate' => 'Oct 04 2009')) diff --git a/modules/auxiliary/dos/pptp/ms02_063_pptp_dos.rb b/modules/auxiliary/dos/pptp/ms02_063_pptp_dos.rb index b92adb37f9..9d96f4b83c 100644 --- a/modules/auxiliary/dos/pptp/ms02_063_pptp_dos.rb +++ b/modules/auxiliary/dos/pptp/ms02_063_pptp_dos.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'BID', '5807' ], [ 'CVE', '2002-1214' ], + [ 'OSVDB', '13422' ], [ 'MSB', 'MS02-063' ], ], 'DisclosureDate' => 'Sep 26 2002')) diff --git a/modules/auxiliary/dos/samba/lsa_addprivs_heap.rb b/modules/auxiliary/dos/samba/lsa_addprivs_heap.rb index 8a13e883d3..82987c5a44 100644 --- a/modules/auxiliary/dos/samba/lsa_addprivs_heap.rb +++ b/modules/auxiliary/dos/samba/lsa_addprivs_heap.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2007-2446'], + ['OSVDB', '34699'], ] )) diff --git a/modules/auxiliary/dos/samba/lsa_transnames_heap.rb b/modules/auxiliary/dos/samba/lsa_transnames_heap.rb index b6a272908f..f7154392e6 100644 --- a/modules/auxiliary/dos/samba/lsa_transnames_heap.rb +++ b/modules/auxiliary/dos/samba/lsa_transnames_heap.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2007-2446'], + ['OSVDB', '34699'], ] )) diff --git a/modules/auxiliary/dos/samba/read_nttrans_ea_list.rb b/modules/auxiliary/dos/samba/read_nttrans_ea_list.rb index 0bf199f9c4..29c49031b9 100644 --- a/modules/auxiliary/dos/samba/read_nttrans_ea_list.rb +++ b/modules/auxiliary/dos/samba/read_nttrans_ea_list.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '95969'], ['BID', '61597'], ['EDB', '27778'], ['CVE', '2013-4124'] diff --git a/modules/auxiliary/dos/sap/sap_soap_rfc_eps_delete_file.rb b/modules/auxiliary/dos/sap/sap_soap_rfc_eps_delete_file.rb index 0282883439..9eeeadf3ed 100644 --- a/modules/auxiliary/dos/sap/sap_soap_rfc_eps_delete_file.rb +++ b/modules/auxiliary/dos/sap/sap_soap_rfc_eps_delete_file.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Auxiliary also be used to capture SMB hashes by using a fake SMB share as DIRNAME. }, 'References' => [ + [ 'OSVDB', '74780' ], [ 'URL', 'http://dsecrg.com/pages/vul/show.php?id=331' ], [ 'URL', 'https://service.sap.com/sap/support/notes/1554030' ] ], diff --git a/modules/auxiliary/dos/scada/beckhoff_twincat.rb b/modules/auxiliary/dos/scada/beckhoff_twincat.rb index 894263d929..dab3f2bda3 100644 --- a/modules/auxiliary/dos/scada/beckhoff_twincat.rb +++ b/modules/auxiliary/dos/scada/beckhoff_twincat.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2011-3486' ], + [ 'OSVDB', '75495' ], [ 'URL', 'http://aluigi.altervista.org/adv/twincat_1-adv.txt' ] ], 'DisclosureDate' => 'Sep 13 2011' diff --git a/modules/auxiliary/dos/scada/igss9_dataserver.rb b/modules/auxiliary/dos/scada/igss9_dataserver.rb index cac255f08b..debb192254 100644 --- a/modules/auxiliary/dos/scada/igss9_dataserver.rb +++ b/modules/auxiliary/dos/scada/igss9_dataserver.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2011-4050' ], + [ 'OSVDB', '77976' ], [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-335-01.pdf' ] ], 'DisclosureDate' => 'Dec 20 2011' diff --git a/modules/auxiliary/dos/smtp/sendmail_prescan.rb b/modules/auxiliary/dos/smtp/sendmail_prescan.rb index ce7b3d8021..e6b422ee8c 100644 --- a/modules/auxiliary/dos/smtp/sendmail_prescan.rb +++ b/modules/auxiliary/dos/smtp/sendmail_prescan.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'Author' => [ 'patrick' ], 'References' => [ + [ 'OSVDB', '2577' ], [ 'CVE', '2003-0694' ], [ 'BID', '8641' ], [ 'EDB', '24' ] diff --git a/modules/auxiliary/dos/solaris/lpd/cascade_delete.rb b/modules/auxiliary/dos/solaris/lpd/cascade_delete.rb index fc4ce49a08..ec9d7a1492 100644 --- a/modules/auxiliary/dos/solaris/lpd/cascade_delete.rb +++ b/modules/auxiliary/dos/solaris/lpd/cascade_delete.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'CVE', '2005-4797' ], [ 'BID', '14510' ], + [ 'OSVDB', '18650' ] ] )) diff --git a/modules/auxiliary/dos/ssl/dtls_changecipherspec.rb b/modules/auxiliary/dos/ssl/dtls_changecipherspec.rb index 4fdb431b54..e045bd5348 100644 --- a/modules/auxiliary/dos/ssl/dtls_changecipherspec.rb +++ b/modules/auxiliary/dos/ssl/dtls_changecipherspec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2009-1386' ], + [ 'OSVDB', '55073'], ], 'DisclosureDate' => 'Apr 26 2000')) diff --git a/modules/auxiliary/dos/tcp/junos_tcp_opt.rb b/modules/auxiliary/dos/tcp/junos_tcp_opt.rb index 70034e88bb..d2b27eecd1 100644 --- a/modules/auxiliary/dos/tcp/junos_tcp_opt.rb +++ b/modules/auxiliary/dos/tcp/junos_tcp_opt.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['BID', '37670'], + ['OSVDB', '61538'], ['URL','http://praetorianprefect.com/archives/2010/01/junos-juniper-flaw-exposes-core-routers-to-kernal-crash/'] ] ) diff --git a/modules/auxiliary/dos/upnp/miniupnpd_dos.rb b/modules/auxiliary/dos/upnp/miniupnpd_dos.rb index fec55b3d1e..fa074f33a7 100644 --- a/modules/auxiliary/dos/upnp/miniupnpd_dos.rb +++ b/modules/auxiliary/dos/upnp/miniupnpd_dos.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-0229' ], + [ 'OSVDB', '89625' ], [ 'BID', '57607' ], [ 'URL', 'https://community.rapid7.com/servlet/JiveServlet/download/2150-1-16596/SecurityFlawsUPnP.pdf' ] ], diff --git a/modules/auxiliary/dos/windows/appian/appian_bpm.rb b/modules/auxiliary/dos/windows/appian/appian_bpm.rb index bc0ffbd256..f239bce52f 100644 --- a/modules/auxiliary/dos/windows/appian/appian_bpm.rb +++ b/modules/auxiliary/dos/windows/appian/appian_bpm.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2007-6509'], + ['OSVDB', '39500'], ['URL', 'http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0440.html'] ], 'DisclosureDate' => 'Dec 17 2007' diff --git a/modules/auxiliary/dos/windows/browser/ms09_065_eot_integer.rb b/modules/auxiliary/dos/windows/browser/ms09_065_eot_integer.rb index 8762898e07..5ad8dc5493 100644 --- a/modules/auxiliary/dos/windows/browser/ms09_065_eot_integer.rb +++ b/modules/auxiliary/dos/windows/browser/ms09_065_eot_integer.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'CVE', '2009-2514' ], [ 'MSB', 'MS09-065' ], + [ 'OSVDB', '59869'] ], 'Actions' => [[ 'WebServer' ]], 'PassiveActions' => [ 'WebServer' ], diff --git a/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb b/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb index 47d782a139..570ef3994d 100644 --- a/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb +++ b/modules/auxiliary/dos/windows/ftp/filezilla_admin_user.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary [ 'BID', '15346' ], [ 'CVE', '2005-3589' ], [ 'EDB', '1336' ], + [ 'OSVDB', '20817' ] ], 'DisclosureDate' => 'Nov 07 2005')) end diff --git a/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb b/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb index 12717a00f4..78e2cbfc31 100644 --- a/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb +++ b/modules/auxiliary/dos/windows/ftp/filezilla_server_port.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary [ 'BID', '21549' ], [ 'CVE', '2006-6565' ], [ 'EDB', '2914' ], + [ 'OSVDB', '34435' ] ], 'DisclosureDate' => 'Dec 11 2006')) end diff --git a/modules/auxiliary/dos/windows/ftp/guildftp_cwdlist.rb b/modules/auxiliary/dos/windows/ftp/guildftp_cwdlist.rb index 1f7ff5f067..7b62702876 100644 --- a/modules/auxiliary/dos/windows/ftp/guildftp_cwdlist.rb +++ b/modules/auxiliary/dos/windows/ftp/guildftp_cwdlist.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-4572' ], + [ 'OSVDB', '49045' ], [ 'EDB', '6738'] ], 'DisclosureDate' => 'Oct 12 2008')) diff --git a/modules/auxiliary/dos/windows/ftp/iis75_ftpd_iac_bof.rb b/modules/auxiliary/dos/windows/ftp/iis75_ftpd_iac_bof.rb index 7169b81469..8cccf0ebb4 100644 --- a/modules/auxiliary/dos/windows/ftp/iis75_ftpd_iac_bof.rb +++ b/modules/auxiliary/dos/windows/ftp/iis75_ftpd_iac_bof.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-3972' ], + [ 'OSVDB', '70167' ], [ 'BID', '45542' ], [ 'MSB', 'MS11-004' ], [ 'EDB', '15803' ], diff --git a/modules/auxiliary/dos/windows/ftp/iis_list_exhaustion.rb b/modules/auxiliary/dos/windows/ftp/iis_list_exhaustion.rb index 85a1f8f411..415e837c28 100644 --- a/modules/auxiliary/dos/windows/ftp/iis_list_exhaustion.rb +++ b/modules/auxiliary/dos/windows/ftp/iis_list_exhaustion.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'CVE', '2009-2521'], [ 'BID', '36273'], + [ 'OSVDB', '57753'], [ 'MSB', 'MS09-053'], [ 'URL', 'https://www.microsoft.com/technet/security/Bulletin/MS09-053.mspx'], [ 'URL', 'http://archives.neohapsis.com/archives/fulldisclosure/2009-09/0040.html'] diff --git a/modules/auxiliary/dos/windows/ftp/titan626_site.rb b/modules/auxiliary/dos/windows/ftp/titan626_site.rb index 1d951d9db3..960caad59d 100644 --- a/modules/auxiliary/dos/windows/ftp/titan626_site.rb +++ b/modules/auxiliary/dos/windows/ftp/titan626_site.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-6082'], + [ 'OSVDB', '49177'], [ 'EDB', '6753'] ], 'DisclosureDate' => 'Oct 14 2008')) diff --git a/modules/auxiliary/dos/windows/ftp/vicftps50_list.rb b/modules/auxiliary/dos/windows/ftp/vicftps50_list.rb index fe9fb94ee6..f83dbc13dc 100644 --- a/modules/auxiliary/dos/windows/ftp/vicftps50_list.rb +++ b/modules/auxiliary/dos/windows/ftp/vicftps50_list.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'CVE', '2008-2031' ], [ 'CVE', '2008-6829' ], + [ 'OSVDB', '44608' ], [ 'EDB', '6834' ] ], 'DisclosureDate' => 'Oct 24 2008')) diff --git a/modules/auxiliary/dos/windows/ftp/winftp230_nlst.rb b/modules/auxiliary/dos/windows/ftp/winftp230_nlst.rb index 3f7e8db4ae..fc65243095 100644 --- a/modules/auxiliary/dos/windows/ftp/winftp230_nlst.rb +++ b/modules/auxiliary/dos/windows/ftp/winftp230_nlst.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-5666' ], + [ 'OSVDB', '49043' ], [ 'EDB', '6581' ] ], 'DisclosureDate' => 'Sep 26 2008')) diff --git a/modules/auxiliary/dos/windows/ftp/xmeasy560_nlst.rb b/modules/auxiliary/dos/windows/ftp/xmeasy560_nlst.rb index 1c12ce4e97..3e6f11f24c 100644 --- a/modules/auxiliary/dos/windows/ftp/xmeasy560_nlst.rb +++ b/modules/auxiliary/dos/windows/ftp/xmeasy560_nlst.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-5626'], + [ 'OSVDB', '50837'], [ 'EDB', '6741' ] ], 'DisclosureDate' => 'Oct 13 2008')) diff --git a/modules/auxiliary/dos/windows/ftp/xmeasy570_nlst.rb b/modules/auxiliary/dos/windows/ftp/xmeasy570_nlst.rb index bfaa84a805..e93a079cfc 100644 --- a/modules/auxiliary/dos/windows/ftp/xmeasy570_nlst.rb +++ b/modules/auxiliary/dos/windows/ftp/xmeasy570_nlst.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ [ 'CVE', '2008-5626'], + [ 'OSVDB', '50837'], [ 'EDB', '8294' ] ], 'DisclosureDate' => 'Mar 27 2009') diff --git a/modules/auxiliary/dos/windows/http/ms10_065_ii6_asp_dos.rb b/modules/auxiliary/dos/windows/http/ms10_065_ii6_asp_dos.rb index 938f27aa28..517ce4a0c8 100644 --- a/modules/auxiliary/dos/windows/http/ms10_065_ii6_asp_dos.rb +++ b/modules/auxiliary/dos/windows/http/ms10_065_ii6_asp_dos.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-1899' ], + [ 'OSVDB', '67978'], [ 'MSB', 'MS10-065'], [ 'EDB', '15167' ] ], diff --git a/modules/auxiliary/dos/windows/http/pi3web_isapi.rb b/modules/auxiliary/dos/windows/http/pi3web_isapi.rb index 79416856e7..2dfb95de64 100644 --- a/modules/auxiliary/dos/windows/http/pi3web_isapi.rb +++ b/modules/auxiliary/dos/windows/http/pi3web_isapi.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ [ 'CVE', '2008-6938'], + [ 'OSVDB', '49998'], [ 'EDB', '7109' ] ], 'DisclosureDate' => 'Nov 13 2008')) diff --git a/modules/auxiliary/dos/windows/llmnr/ms11_030_dnsapi.rb b/modules/auxiliary/dos/windows/llmnr/ms11_030_dnsapi.rb index 53bcd0caf7..f8be0ff9d5 100644 --- a/modules/auxiliary/dos/windows/llmnr/ms11_030_dnsapi.rb +++ b/modules/auxiliary/dos/windows/llmnr/ms11_030_dnsapi.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2011-0657' ], + [ 'OSVDB', '71780' ], [ 'MSB', 'MS11-030' ] ], 'DisclosureDate' => 'Apr 12 2011') diff --git a/modules/auxiliary/dos/windows/nat/nat_helper.rb b/modules/auxiliary/dos/windows/nat/nat_helper.rb index c38914f883..d251700318 100644 --- a/modules/auxiliary/dos/windows/nat/nat_helper.rb +++ b/modules/auxiliary/dos/windows/nat/nat_helper.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '30096'], [ 'BID', '20804' ], [ 'CVE', '2006-5614' ], ], diff --git a/modules/auxiliary/dos/windows/smb/ms05_047_pnp.rb b/modules/auxiliary/dos/windows/smb/ms05_047_pnp.rb index 9ea0435f7c..e1e0065efc 100644 --- a/modules/auxiliary/dos/windows/smb/ms05_047_pnp.rb +++ b/modules/auxiliary/dos/windows/smb/ms05_047_pnp.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary [ 'CVE', '2005-2120' ], [ 'MSB', 'MS05-047' ], [ 'BID', '15065' ], + [ 'OSVDB', '18830' ] ] )) diff --git a/modules/auxiliary/dos/windows/smb/ms06_035_mailslot.rb b/modules/auxiliary/dos/windows/smb/ms06_035_mailslot.rb index 443b5159ae..29ec0f804c 100644 --- a/modules/auxiliary/dos/windows/smb/ms06_035_mailslot.rb +++ b/modules/auxiliary/dos/windows/smb/ms06_035_mailslot.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['BID', '19215'], + ['OSVDB', '27644'], ['CVE', '2006-3942'], ['URL', 'http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10'], ['MSB', 'MS06-035'], diff --git a/modules/auxiliary/dos/windows/smb/ms06_063_trans.rb b/modules/auxiliary/dos/windows/smb/ms06_063_trans.rb index e431e67aec..d5a480e758 100644 --- a/modules/auxiliary/dos/windows/smb/ms06_063_trans.rb +++ b/modules/auxiliary/dos/windows/smb/ms06_063_trans.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '27644' ], ['MSB', 'MS06-063' ], ['CVE', '2006-3942'], ['BID', '19215'], diff --git a/modules/auxiliary/dos/windows/smb/ms09_001_write.rb b/modules/auxiliary/dos/windows/smb/ms09_001_write.rb index 313b3d6e64..7b51b4ae98 100644 --- a/modules/auxiliary/dos/windows/smb/ms09_001_write.rb +++ b/modules/auxiliary/dos/windows/smb/ms09_001_write.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['MSB', 'MS09-001'], + ['OSVDB', '48153'], ['CVE', '2008-4114'], ['BID', '31179'], ] diff --git a/modules/auxiliary/dos/windows/smb/ms09_050_smb2_negotiate_pidhigh.rb b/modules/auxiliary/dos/windows/smb/ms09_050_smb2_negotiate_pidhigh.rb index 8927ce6251..6763919a40 100644 --- a/modules/auxiliary/dos/windows/smb/ms09_050_smb2_negotiate_pidhigh.rb +++ b/modules/auxiliary/dos/windows/smb/ms09_050_smb2_negotiate_pidhigh.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary [ ['CVE', '2009-3103'], ['BID', '36299'], + ['OSVDB', '57799'], ['MSB', 'MS09-050'], ['URL', 'http://seclists.org/fulldisclosure/2009/Sep/0039.html'], ['URL', 'http://www.microsoft.com/technet/security/advisory/975497.mspx'] diff --git a/modules/auxiliary/dos/windows/smb/ms09_050_smb2_session_logoff.rb b/modules/auxiliary/dos/windows/smb/ms09_050_smb2_session_logoff.rb index f0637a54c5..41a1ad0808 100644 --- a/modules/auxiliary/dos/windows/smb/ms09_050_smb2_session_logoff.rb +++ b/modules/auxiliary/dos/windows/smb/ms09_050_smb2_session_logoff.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2009-3103'], + [ 'OSVDB', '57799' ], [ 'MSB', 'MS09-050' ], ] )) diff --git a/modules/auxiliary/dos/windows/smb/ms10_006_negotiate_response_loop.rb b/modules/auxiliary/dos/windows/smb/ms10_006_negotiate_response_loop.rb index 1fadac3244..08c0cb47db 100644 --- a/modules/auxiliary/dos/windows/smb/ms10_006_negotiate_response_loop.rb +++ b/modules/auxiliary/dos/windows/smb/ms10_006_negotiate_response_loop.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2010-0017'], + ['OSVDB', '62244'], ['MSB', 'MS10-006'], ['URL', 'http://g-laurent.blogspot.com/2009/11/windows-7-server-2008r2-remote-kernel.html'] ], diff --git a/modules/auxiliary/dos/windows/smb/ms10_054_queryfs_pool_overflow.rb b/modules/auxiliary/dos/windows/smb/ms10_054_queryfs_pool_overflow.rb index 0a23da0b85..5cff79cdfd 100644 --- a/modules/auxiliary/dos/windows/smb/ms10_054_queryfs_pool_overflow.rb +++ b/modules/auxiliary/dos/windows/smb/ms10_054_queryfs_pool_overflow.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2010-2550'], + ['OSVDB', '66974'], ['MSB', 'MS10-054'], ['URL', 'http://seclists.org/fulldisclosure/2010/Aug/122'] ], diff --git a/modules/auxiliary/dos/windows/smb/ms11_019_electbowser.rb b/modules/auxiliary/dos/windows/smb/ms11_019_electbowser.rb index 2b778ecc19..46aaf309f2 100644 --- a/modules/auxiliary/dos/windows/smb/ms11_019_electbowser.rb +++ b/modules/auxiliary/dos/windows/smb/ms11_019_electbowser.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'CVE', '2011-0654' ], [ 'BID', '46360' ], + [ 'OSVDB', '70881' ], [ 'MSB', 'MS11-019' ], [ 'EDB', '16166' ], [ 'URL', 'http://seclists.org/fulldisclosure/2011/Feb/285' ] diff --git a/modules/auxiliary/dos/windows/smb/rras_vls_null_deref.rb b/modules/auxiliary/dos/windows/smb/rras_vls_null_deref.rb index 4c0f709b7e..1b6a17314a 100644 --- a/modules/auxiliary/dos/windows/smb/rras_vls_null_deref.rb +++ b/modules/auxiliary/dos/windows/smb/rras_vls_null_deref.rb @@ -26,6 +26,11 @@ class MetasploitModule < Msf::Auxiliary 'Author' => [ 'hdm' ], 'License' => MSF_LICENSE, + 'References' => + [ + [ 'OSVDB', '64340'], + + ], 'Actions' => [ ['Attack'], diff --git a/modules/auxiliary/dos/windows/smb/vista_negotiate_stop.rb b/modules/auxiliary/dos/windows/smb/vista_negotiate_stop.rb index 71e3b2df6d..70abc3470a 100644 --- a/modules/auxiliary/dos/windows/smb/vista_negotiate_stop.rb +++ b/modules/auxiliary/dos/windows/smb/vista_negotiate_stop.rb @@ -18,7 +18,11 @@ class MetasploitModule < Msf::Auxiliary }, 'Author' => [ 'hdm' ], - 'License' => MSF_LICENSE + 'License' => MSF_LICENSE, + 'References' => + [ + [ 'OSVDB', '64341'], + ] )) register_options([Opt::RPORT(445)], self.class) diff --git a/modules/auxiliary/dos/windows/ssh/sysax_sshd_kexchange.rb b/modules/auxiliary/dos/windows/ssh/sysax_sshd_kexchange.rb index 6b65b76797..1729724e16 100644 --- a/modules/auxiliary/dos/windows/ssh/sysax_sshd_kexchange.rb +++ b/modules/auxiliary/dos/windows/ssh/sysax_sshd_kexchange.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '92081'], [ 'URL', 'http://www.mattandreko.com/2013/04/sysax-multi-server-610-ssh-dos.html'] ], 'DisclosureDate' => 'Mar 17 2013')) diff --git a/modules/auxiliary/dos/windows/tftp/pt360_write.rb b/modules/auxiliary/dos/windows/tftp/pt360_write.rb index c09b6090f2..6f15b331b3 100644 --- a/modules/auxiliary/dos/windows/tftp/pt360_write.rb +++ b/modules/auxiliary/dos/windows/tftp/pt360_write.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-1311'], + [ 'OSVDB', '42932'], [ 'EDB', '6863'] ], 'DisclosureDate' => 'Oct 29 2008')) diff --git a/modules/auxiliary/dos/windows/tftp/solarwinds.rb b/modules/auxiliary/dos/windows/tftp/solarwinds.rb index a97972a6ce..9c11bf9139 100644 --- a/modules/auxiliary/dos/windows/tftp/solarwinds.rb +++ b/modules/auxiliary/dos/windows/tftp/solarwinds.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-2115' ], + [ 'OSVDB', '64845' ], [ 'EDB', '12683' ] ], 'DisclosureDate' => 'May 21 2010')) diff --git a/modules/auxiliary/dos/wireshark/capwap.rb b/modules/auxiliary/dos/wireshark/capwap.rb index 591519e078..a04ee8e064 100644 --- a/modules/auxiliary/dos/wireshark/capwap.rb +++ b/modules/auxiliary/dos/wireshark/capwap.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2013-4074'], + ['OSVDB', '94091'], ['BID', '60500'] ], 'DisclosureDate' => 'Apr 28 2014')) diff --git a/modules/auxiliary/dos/wireshark/chunked.rb b/modules/auxiliary/dos/wireshark/chunked.rb index 954d3826ec..3cb3a0a4a3 100644 --- a/modules/auxiliary/dos/wireshark/chunked.rb +++ b/modules/auxiliary/dos/wireshark/chunked.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2007-3389'], + [ 'OSVDB', '37643'], [ 'URL', 'https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1394'], ], 'DisclosureDate' => 'Feb 22 2007')) diff --git a/modules/auxiliary/dos/wireshark/cldap.rb b/modules/auxiliary/dos/wireshark/cldap.rb index 0c7c5d88d8..edbef44b07 100644 --- a/modules/auxiliary/dos/wireshark/cldap.rb +++ b/modules/auxiliary/dos/wireshark/cldap.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2011-1140'], + [ 'OSVDB', '71552'], [ 'URL', 'http://www.wireshark.org/security/wnpa-sec-2011-04.html' ], [ 'URL', 'https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717' ], ], diff --git a/modules/auxiliary/dos/wireshark/ldap.rb b/modules/auxiliary/dos/wireshark/ldap.rb index 9fb5d20615..f56c69f873 100644 --- a/modules/auxiliary/dos/wireshark/ldap.rb +++ b/modules/auxiliary/dos/wireshark/ldap.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-1562' ], + [ 'OSVDB', '43840' ], ], 'DisclosureDate' => 'Mar 28 2008') diff --git a/modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb b/modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb index 83c0636d72..3fc5e20342 100644 --- a/modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb +++ b/modules/auxiliary/gather/alienvault_newpolicyform_sqli.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary ], 'References' => [ + ['OSVDB', '106815'], ['EDB', '33317'], ['URL', 'http://forums.alienvault.com/discussion/2690/security-advisories-v4-6-1-and-lower'] ], diff --git a/modules/auxiliary/gather/android_stock_browser_uxss.rb b/modules/auxiliary/gather/android_stock_browser_uxss.rb index 819f040fdf..4296dbb238 100644 --- a/modules/auxiliary/gather/android_stock_browser_uxss.rb +++ b/modules/auxiliary/gather/android_stock_browser_uxss.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Auxiliary ], 'References' => [ [ 'URL', 'http://1337day.com/exploit/description/22581' ], + [ 'OSVDB', '110664' ], [ 'CVE', '2014-6041' ] ], 'DefaultAction' => 'WebServer' diff --git a/modules/auxiliary/gather/apache_rave_creds.rb b/modules/auxiliary/gather/apache_rave_creds.rb index 857a7863f2..320bc12a25 100644 --- a/modules/auxiliary/gather/apache_rave_creds.rb +++ b/modules/auxiliary/gather/apache_rave_creds.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-1814' ], + [ 'OSVDB', '91235' ], [ 'BID', '58455' ], [ 'EDB', '24744'] ] diff --git a/modules/auxiliary/gather/citrix_published_bruteforce.rb b/modules/auxiliary/gather/citrix_published_bruteforce.rb index e72a1217f8..b04997750e 100644 --- a/modules/auxiliary/gather/citrix_published_bruteforce.rb +++ b/modules/auxiliary/gather/citrix_published_bruteforce.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary 'Author' => [ 'patrick' ], 'References' => [ + [ 'OSVDB', '50617' ], [ 'BID', '5817' ] ] )) diff --git a/modules/auxiliary/gather/coldfusion_pwd_props.rb b/modules/auxiliary/gather/coldfusion_pwd_props.rb index 1de781ad11..ba70df4668 100644 --- a/modules/auxiliary/gather/coldfusion_pwd_props.rb +++ b/modules/auxiliary/gather/coldfusion_pwd_props.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '93114' ], [ 'EDB', '25305' ] ], 'Author' => diff --git a/modules/auxiliary/gather/drupal_openid_xxe.rb b/modules/auxiliary/gather/drupal_openid_xxe.rb index 64146d2551..ce5a7e2a87 100644 --- a/modules/auxiliary/gather/drupal_openid_xxe.rb +++ b/modules/auxiliary/gather/drupal_openid_xxe.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2012-4554' ], + [ 'OSVDB', '86429' ], [ 'BID', '56103' ], [ 'URL', 'https://drupal.org/node/1815912' ], [ 'URL', 'http://drupalcode.org/project/drupal.git/commit/b912710' ], diff --git a/modules/auxiliary/gather/eaton_nsm_creds.rb b/modules/auxiliary/gather/eaton_nsm_creds.rb index 7b8e490644..0cd76869b6 100644 --- a/modules/auxiliary/gather/eaton_nsm_creds.rb +++ b/modules/auxiliary/gather/eaton_nsm_creds.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + ['OSVDB', '83199'], ['URL', 'http://secunia.com/advisories/49103/'] ], 'Author' => diff --git a/modules/auxiliary/gather/enum_dns.rb b/modules/auxiliary/gather/enum_dns.rb index 8ee3747970..40f6cd2ea4 100644 --- a/modules/auxiliary/gather/enum_dns.rb +++ b/modules/auxiliary/gather/enum_dns.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ ['CVE', '1999-0532'], + ['OSVDB', '492'] ])) register_options( diff --git a/modules/auxiliary/gather/eventlog_cred_disclosure.rb b/modules/auxiliary/gather/eventlog_cred_disclosure.rb index 3ea46e387b..3e62e3adac 100644 --- a/modules/auxiliary/gather/eventlog_cred_disclosure.rb +++ b/modules/auxiliary/gather/eventlog_cred_disclosure.rb @@ -32,6 +32,8 @@ class MetasploitModule < Msf::Auxiliary [ [ 'CVE', '2014-6038' ], [ 'CVE', '2014-6039' ], + [ 'OSVDB', '114342' ], + [ 'OSVDB', '114344' ], [ 'URL', 'http://seclists.org/fulldisclosure/2014/Nov/12' ] ], 'DisclosureDate' => 'Nov 5 2014')) diff --git a/modules/auxiliary/gather/ie_uxss_injection.rb b/modules/auxiliary/gather/ie_uxss_injection.rb index 269fa38bb2..2cb0acf9c3 100644 --- a/modules/auxiliary/gather/ie_uxss_injection.rb +++ b/modules/auxiliary/gather/ie_uxss_injection.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2015-0072' ], + [ 'OSVDB', '117876' ], [ 'MSB', 'MS15-018' ], [ 'URL', 'http://innerht.ml/blog/ie-uxss.html' ], [ 'URL', 'http://seclists.org/fulldisclosure/2015/Feb/10' ] diff --git a/modules/auxiliary/gather/trackit_sql_domain_creds.rb b/modules/auxiliary/gather/trackit_sql_domain_creds.rb index f8677c49ff..79c7d70947 100644 --- a/modules/auxiliary/gather/trackit_sql_domain_creds.rb +++ b/modules/auxiliary/gather/trackit_sql_domain_creds.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2014-4872' ], + [ 'OSVDB', '112741' ], [ 'US-CERT-VU', '121036' ], [ 'URL', 'http://seclists.org/fulldisclosure/2014/Oct/34' ] ], diff --git a/modules/auxiliary/gather/vbulletin_vote_sqli.rb b/modules/auxiliary/gather/vbulletin_vote_sqli.rb index 12134108d9..35aab65f56 100644 --- a/modules/auxiliary/gather/vbulletin_vote_sqli.rb +++ b/modules/auxiliary/gather/vbulletin_vote_sqli.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-3522' ], + [ 'OSVDB', '92031' ], [ 'EDB', '24882' ], [ 'BID', '58754' ], [ 'URL', 'http://www.zempirians.com/archive/legion/vbulletin_5.pl.txt' ] diff --git a/modules/auxiliary/gather/wp_w3_total_cache_hash_extract.rb b/modules/auxiliary/gather/wp_w3_total_cache_hash_extract.rb index 4848709e1a..b5de7b700e 100644 --- a/modules/auxiliary/gather/wp_w3_total_cache_hash_extract.rb +++ b/modules/auxiliary/gather/wp_w3_total_cache_hash_extract.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '88744'], ['URL', 'http://seclists.org/fulldisclosure/2012/Dec/242'], ['WPVDB', '6621'] ], diff --git a/modules/auxiliary/pdf/foxit/authbypass.rb b/modules/auxiliary/pdf/foxit/authbypass.rb index e8b4a7041e..bcf0040fa6 100644 --- a/modules/auxiliary/pdf/foxit/authbypass.rb +++ b/modules/auxiliary/pdf/foxit/authbypass.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2009-0836' ], + [ 'OSVDB', '55615'], [ 'BID', '34035' ], ], 'DisclosureDate' => 'Mar 9 2009', diff --git a/modules/auxiliary/scanner/backdoor/energizer_duo_detect.rb b/modules/auxiliary/scanner/backdoor/energizer_duo_detect.rb index a852462602..c2925cb87d 100644 --- a/modules/auxiliary/scanner/backdoor/energizer_duo_detect.rb +++ b/modules/auxiliary/scanner/backdoor/energizer_duo_detect.rb @@ -19,6 +19,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2010-0103'], + ['OSVDB', '62782'], ['US-CERT-VU', '154421'] ], 'License' => MSF_LICENSE diff --git a/modules/auxiliary/scanner/ftp/titanftp_xcrc_traversal.rb b/modules/auxiliary/scanner/ftp/titanftp_xcrc_traversal.rb index 893c1d2682..fd22f8a66b 100644 --- a/modules/auxiliary/scanner/ftp/titanftp_xcrc_traversal.rb +++ b/modules/auxiliary/scanner/ftp/titanftp_xcrc_traversal.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '65533'], [ 'URL', 'http://seclists.org/bugtraq/2010/Jun/160' ] ], 'DisclosureDate' => 'Jun 15 2010' diff --git a/modules/auxiliary/scanner/http/a10networks_ax_directory_traversal.rb b/modules/auxiliary/scanner/http/a10networks_ax_directory_traversal.rb index cc4be503ae..1a83f8a512 100644 --- a/modules/auxiliary/scanner/http/a10networks_ax_directory_traversal.rb +++ b/modules/auxiliary/scanner/http/a10networks_ax_directory_traversal.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + ['OSVDB', '102657'], ['BID', '65206'], ['EDB', '31261'] ], diff --git a/modules/auxiliary/scanner/http/adobe_xml_inject.rb b/modules/auxiliary/scanner/http/adobe_xml_inject.rb index 291a46791e..0b4fd6e2ea 100644 --- a/modules/auxiliary/scanner/http/adobe_xml_inject.rb +++ b/modules/auxiliary/scanner/http/adobe_xml_inject.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2009-3960' ], + [ 'OSVDB', '62292' ], [ 'BID', '38197' ], [ 'URL', 'http://www.security-assessment.com/files/advisories/2010-02-22_Multiple_Adobe_Products-XML_External_Entity_and_XML_Injection.pdf' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb10-05.html'], diff --git a/modules/auxiliary/scanner/http/apache_activemq_source_disclosure.rb b/modules/auxiliary/scanner/http/apache_activemq_source_disclosure.rb index 06401955e6..4bb3bece15 100644 --- a/modules/auxiliary/scanner/http/apache_activemq_source_disclosure.rb +++ b/modules/auxiliary/scanner/http/apache_activemq_source_disclosure.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-1587' ], + [ 'OSVDB', '64020' ], [ 'BID', '39636' ], [ 'URL', 'https://issues.apache.org/jira/browse/AMQ-2700' ] ] diff --git a/modules/auxiliary/scanner/http/apache_activemq_traversal.rb b/modules/auxiliary/scanner/http/apache_activemq_traversal.rb index a310497c0e..a5b43f7e2c 100644 --- a/modules/auxiliary/scanner/http/apache_activemq_traversal.rb +++ b/modules/auxiliary/scanner/http/apache_activemq_traversal.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary ], 'References' => [ + [ 'OSVDB', '86401' ], [ 'URL', 'http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=895' ], [ 'URL', 'https://issues.apache.org/jira/browse/amq-2788' ] ] diff --git a/modules/auxiliary/scanner/http/apache_mod_cgi_bash_env.rb b/modules/auxiliary/scanner/http/apache_mod_cgi_bash_env.rb index 9bd950c3bb..6324d1152b 100644 --- a/modules/auxiliary/scanner/http/apache_mod_cgi_bash_env.rb +++ b/modules/auxiliary/scanner/http/apache_mod_cgi_bash_env.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2014-6271'], ['CVE', '2014-6278'], + ['OSVDB', '112004'], ['EDB', '34765'], ['URL', 'https://access.redhat.com/articles/1200223'], ['URL', 'http://seclists.org/oss-sec/2014/q3/649'] diff --git a/modules/auxiliary/scanner/http/apache_userdir_enum.rb b/modules/auxiliary/scanner/http/apache_userdir_enum.rb index e0cebb6697..2b4711af17 100644 --- a/modules/auxiliary/scanner/http/apache_userdir_enum.rb +++ b/modules/auxiliary/scanner/http/apache_userdir_enum.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary [ ['BID', '3335'], ['CVE', '2001-1013'], + ['OSVDB', '637'], ], 'License' => MSF_LICENSE ) diff --git a/modules/auxiliary/scanner/http/atlassian_crowd_fileaccess.rb b/modules/auxiliary/scanner/http/atlassian_crowd_fileaccess.rb index 09b7fbca4b..00f2f307f0 100644 --- a/modules/auxiliary/scanner/http/atlassian_crowd_fileaccess.rb +++ b/modules/auxiliary/scanner/http/atlassian_crowd_fileaccess.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2012-2926' ], + [ 'OSVDB', '82274' ], [ 'BID', '53595' ], [ 'URL', 'https://www.neg9.org' ], # General [ 'URL', 'https://confluence.atlassian.com/display/CROWD/Crowd+Security+Advisory+2012-05-17'] diff --git a/modules/auxiliary/scanner/http/axis_local_file_include.rb b/modules/auxiliary/scanner/http/axis_local_file_include.rb index c9502c4c6c..a788774b35 100644 --- a/modules/auxiliary/scanner/http/axis_local_file_include.rb +++ b/modules/auxiliary/scanner/http/axis_local_file_include.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['EDB', '12721'], + ['OSVDB', '59001'], ], 'Author' => [ diff --git a/modules/auxiliary/scanner/http/axis_login.rb b/modules/auxiliary/scanner/http/axis_login.rb index 22abc5a879..cd70c330f3 100644 --- a/modules/auxiliary/scanner/http/axis_login.rb +++ b/modules/auxiliary/scanner/http/axis_login.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-0219' ], + [ 'OSVDB', '68662'], ], 'License' => MSF_LICENSE ) diff --git a/modules/auxiliary/scanner/http/barracuda_directory_traversal.rb b/modules/auxiliary/scanner/http/barracuda_directory_traversal.rb index ee5a1ef8f3..15bee576e6 100644 --- a/modules/auxiliary/scanner/http/barracuda_directory_traversal.rb +++ b/modules/auxiliary/scanner/http/barracuda_directory_traversal.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + ['OSVDB', '68301'], ['URL', 'http://secunia.com/advisories/41609/'], ['EDB', '15130'] ], diff --git a/modules/auxiliary/scanner/http/bitweaver_overlay_type_traversal.rb b/modules/auxiliary/scanner/http/bitweaver_overlay_type_traversal.rb index ca403b0010..baa635fe7e 100644 --- a/modules/auxiliary/scanner/http/bitweaver_overlay_type_traversal.rb +++ b/modules/auxiliary/scanner/http/bitweaver_overlay_type_traversal.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2012-5192'], + ['OSVDB', '86599'], ['EDB', '22216'], ['URL', 'https://www.trustwave.com/spiderlabs/advisories/TWSL2012-016.txt'] ], diff --git a/modules/auxiliary/scanner/http/canon_wireless.rb b/modules/auxiliary/scanner/http/canon_wireless.rb index b1c0f69a80..971536a302 100644 --- a/modules/auxiliary/scanner/http/canon_wireless.rb +++ b/modules/auxiliary/scanner/http/canon_wireless.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary ], 'References' => [ [ 'CVE', '2013-4614' ], + [ 'OSVDB', '94417' ], [ 'URL', 'http://www.mattandreko.com/2013/06/canon-y-u-no-security.html'] ], 'DisclosureDate' => 'Jun 18 2013')) diff --git a/modules/auxiliary/scanner/http/cisco_device_manager.rb b/modules/auxiliary/scanner/http/cisco_device_manager.rb index f8e37f4a08..fe3ca21873 100644 --- a/modules/auxiliary/scanner/http/cisco_device_manager.rb +++ b/modules/auxiliary/scanner/http/cisco_device_manager.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'BID', '1846'], [ 'CVE', '2000-0945'], + [ 'OSVDB', '444'], ], 'DisclosureDate' => 'Oct 26 2000')) end diff --git a/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb b/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb index 8be0a8026c..f1442e9410 100644 --- a/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb +++ b/modules/auxiliary/scanner/http/cisco_ios_auth_bypass.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'BID', '2936'], [ 'CVE', '2001-0537'], + [ 'OSVDB', '578' ], ], 'DisclosureDate' => 'Jun 27 2001')) end diff --git a/modules/auxiliary/scanner/http/cisco_nac_manager_traversal.rb b/modules/auxiliary/scanner/http/cisco_nac_manager_traversal.rb index 0ae5e32c67..42e31918dc 100644 --- a/modules/auxiliary/scanner/http/cisco_nac_manager_traversal.rb +++ b/modules/auxiliary/scanner/http/cisco_nac_manager_traversal.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2011-3305' ], + [ 'OSVDB', '76080'] ], 'Author' => [ 'Nenad Stojanovski ' ], 'License' => MSF_LICENSE diff --git a/modules/auxiliary/scanner/http/clansphere_traversal.rb b/modules/auxiliary/scanner/http/clansphere_traversal.rb index 0cca634434..4f48e3a7a8 100644 --- a/modules/auxiliary/scanner/http/clansphere_traversal.rb +++ b/modules/auxiliary/scanner/http/clansphere_traversal.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + ['OSVDB', '86720'], ['EDB', '22181'] ], 'Author' => diff --git a/modules/auxiliary/scanner/http/coldfusion_locale_traversal.rb b/modules/auxiliary/scanner/http/coldfusion_locale_traversal.rb index 5242e2c098..5fd71d7fbc 100644 --- a/modules/auxiliary/scanner/http/coldfusion_locale_traversal.rb +++ b/modules/auxiliary/scanner/http/coldfusion_locale_traversal.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'CVE', '2010-2861' ], [ 'BID', '42342' ], + [ 'OSVDB', '67047' ], [ 'URL', 'http://www.gnucitizen.org/blog/coldfusion-directory-traversal-faq-cve-2010-2861' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb10-18.html' ], ] diff --git a/modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.rb b/modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.rb index 04724da6d2..e5ef0dc135 100644 --- a/modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.rb +++ b/modules/auxiliary/scanner/http/dir_webdav_unicode_bypass.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Auxiliary [ 'MSB', 'MS09-020' ], [ 'CVE', '2009-1535' ], [ 'CVE', '2009-1122' ], + [ 'OSVDB', '54555' ], [ 'BID', '34993' ], ])) diff --git a/modules/auxiliary/scanner/http/glassfish_login.rb b/modules/auxiliary/scanner/http/glassfish_login.rb index dc6cd1d629..44f0e8cd5d 100644 --- a/modules/auxiliary/scanner/http/glassfish_login.rb +++ b/modules/auxiliary/scanner/http/glassfish_login.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2011-0807'], + ['OSVDB', '71948'] ], 'License' => MSF_LICENSE ) diff --git a/modules/auxiliary/scanner/http/groupwise_agents_http_traversal.rb b/modules/auxiliary/scanner/http/groupwise_agents_http_traversal.rb index 9152a66e9e..a8db31c196 100644 --- a/modules/auxiliary/scanner/http/groupwise_agents_http_traversal.rb +++ b/modules/auxiliary/scanner/http/groupwise_agents_http_traversal.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2012-0419' ], + [ 'OSVDB', '85801' ], [ 'BID', '55648' ], [ 'URL', 'http://www.novell.com/support/kb/doc.php?id=7010772' ] ] diff --git a/modules/auxiliary/scanner/http/hp_imc_bims_downloadservlet_traversal.rb b/modules/auxiliary/scanner/http/hp_imc_bims_downloadservlet_traversal.rb index 292137f759..0d450d626b 100644 --- a/modules/auxiliary/scanner/http/hp_imc_bims_downloadservlet_traversal.rb +++ b/modules/auxiliary/scanner/http/hp_imc_bims_downloadservlet_traversal.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-4823' ], + [ 'OSVDB', '98248' ], [ 'BID', '62897' ], [ 'ZDI', '13-239' ] ] diff --git a/modules/auxiliary/scanner/http/hp_imc_faultdownloadservlet_traversal.rb b/modules/auxiliary/scanner/http/hp_imc_faultdownloadservlet_traversal.rb index 463d79ac10..7521cecfb1 100644 --- a/modules/auxiliary/scanner/http/hp_imc_faultdownloadservlet_traversal.rb +++ b/modules/auxiliary/scanner/http/hp_imc_faultdownloadservlet_traversal.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2012-5202' ], + [ 'OSVDB', '91027' ], [ 'BID', '58675' ], [ 'ZDI', '13-051' ] ] diff --git a/modules/auxiliary/scanner/http/hp_imc_ictdownloadservlet_traversal.rb b/modules/auxiliary/scanner/http/hp_imc_ictdownloadservlet_traversal.rb index dd44de5113..e1051a09d8 100644 --- a/modules/auxiliary/scanner/http/hp_imc_ictdownloadservlet_traversal.rb +++ b/modules/auxiliary/scanner/http/hp_imc_ictdownloadservlet_traversal.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2012-5204' ], + [ 'OSVDB', '91029' ], [ 'BID', '58676' ], [ 'ZDI', '13-053' ] ] diff --git a/modules/auxiliary/scanner/http/hp_imc_reportimgservlt_traversal.rb b/modules/auxiliary/scanner/http/hp_imc_reportimgservlt_traversal.rb index 3a64b32369..2b3c981d67 100644 --- a/modules/auxiliary/scanner/http/hp_imc_reportimgservlt_traversal.rb +++ b/modules/auxiliary/scanner/http/hp_imc_reportimgservlt_traversal.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2012-5203' ], + [ 'OSVDB', '91028' ], [ 'BID', '58672' ], [ 'ZDI', '13-052' ] ] diff --git a/modules/auxiliary/scanner/http/hp_imc_som_file_download.rb b/modules/auxiliary/scanner/http/hp_imc_som_file_download.rb index 2d6250c1b6..25d6ca9f37 100644 --- a/modules/auxiliary/scanner/http/hp_imc_som_file_download.rb +++ b/modules/auxiliary/scanner/http/hp_imc_som_file_download.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2013-4826' ], + [ 'OSVDB', '98251' ], [ 'BID', '62898' ], [ 'ZDI', '13-242' ] ] diff --git a/modules/auxiliary/scanner/http/hp_sitescope_getfileinternal_fileaccess.rb b/modules/auxiliary/scanner/http/hp_sitescope_getfileinternal_fileaccess.rb index 02b9db913c..231654fd8d 100644 --- a/modules/auxiliary/scanner/http/hp_sitescope_getfileinternal_fileaccess.rb +++ b/modules/auxiliary/scanner/http/hp_sitescope_getfileinternal_fileaccess.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '85119' ], [ 'BID', '55269' ], [ 'ZDI', '12-176' ] ], diff --git a/modules/auxiliary/scanner/http/hp_sitescope_getsitescopeconfiguration.rb b/modules/auxiliary/scanner/http/hp_sitescope_getsitescopeconfiguration.rb index 5b6ebcaeb3..10ec7754ba 100644 --- a/modules/auxiliary/scanner/http/hp_sitescope_getsitescopeconfiguration.rb +++ b/modules/auxiliary/scanner/http/hp_sitescope_getsitescopeconfiguration.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '85120' ], [ 'BID', '55269' ], [ 'ZDI', '12-173' ] ], diff --git a/modules/auxiliary/scanner/http/hp_sitescope_loadfilecontent_fileaccess.rb b/modules/auxiliary/scanner/http/hp_sitescope_loadfilecontent_fileaccess.rb index 1808f8b3ff..17b63d8bad 100644 --- a/modules/auxiliary/scanner/http/hp_sitescope_loadfilecontent_fileaccess.rb +++ b/modules/auxiliary/scanner/http/hp_sitescope_loadfilecontent_fileaccess.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '85118' ], [ 'BID', '55269' ], [ 'ZDI', '12-177' ] ], diff --git a/modules/auxiliary/scanner/http/http_put.rb b/modules/auxiliary/scanner/http/http_put.rb index 99722a2d36..5bcc5160d5 100644 --- a/modules/auxiliary/scanner/http/http_put.rb +++ b/modules/auxiliary/scanner/http/http_put.rb @@ -29,6 +29,10 @@ class MetasploitModule < Msf::Auxiliary 'sinn3r', ], 'License' => MSF_LICENSE, + 'References' => + [ + [ 'OSVDB', '397'], + ], 'Actions' => [ ['PUT'], diff --git a/modules/auxiliary/scanner/http/linksys_e1500_traversal.rb b/modules/auxiliary/scanner/http/linksys_e1500_traversal.rb index a08b048767..1cab8ba1ef 100644 --- a/modules/auxiliary/scanner/http/linksys_e1500_traversal.rb +++ b/modules/auxiliary/scanner/http/linksys_e1500_traversal.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-004' ], [ 'URL', 'http://homekb.cisco.com/Cisco2/ukp.aspx?pid=80&app=vw&vw=1&login=1&json=1&docid=d7d0a87be9864e20bc347a73f194411f_KB_EN_v1.xml' ], [ 'BID', '57760' ], + [ 'OSVDB', '89911' ], [ 'EDB', '24475' ] ], 'Author' => [ 'Michael Messner ' ], diff --git a/modules/auxiliary/scanner/http/litespeed_source_disclosure.rb b/modules/auxiliary/scanner/http/litespeed_source_disclosure.rb index 121dbe8fbe..fb0bbcdccd 100644 --- a/modules/auxiliary/scanner/http/litespeed_source_disclosure.rb +++ b/modules/auxiliary/scanner/http/litespeed_source_disclosure.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-2333' ], + [ 'OSVDB', '65476' ], [ 'BID', '40815' ], [ 'EDB', '13850' ] ], diff --git a/modules/auxiliary/scanner/http/majordomo2_directory_traversal.rb b/modules/auxiliary/scanner/http/majordomo2_directory_traversal.rb index 4e78361cdb..56f51d3877 100644 --- a/modules/auxiliary/scanner/http/majordomo2_directory_traversal.rb +++ b/modules/auxiliary/scanner/http/majordomo2_directory_traversal.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'Author' => ['Nikolas Sotiriu'], 'References' => [ + ['OSVDB', '70762'], ['CVE', '2011-0049'], ['CVE', '2011-0063'], ['URL', 'http://sotiriu.de/adv/NSOADV-2011-003.txt'], diff --git a/modules/auxiliary/scanner/http/manageengine_deviceexpert_traversal.rb b/modules/auxiliary/scanner/http/manageengine_deviceexpert_traversal.rb index 3269abe964..3596a665a0 100644 --- a/modules/auxiliary/scanner/http/manageengine_deviceexpert_traversal.rb +++ b/modules/auxiliary/scanner/http/manageengine_deviceexpert_traversal.rb @@ -21,6 +21,10 @@ class MetasploitModule < Msf::Auxiliary vulnerable machine. Please note that the SSL option is required in order to send HTTP requests. }, + 'References' => + [ + [ 'OSVDB', '80262'] + ], 'Author' => [ 'rgod', #Discovery diff --git a/modules/auxiliary/scanner/http/manageengine_deviceexpert_user_creds.rb b/modules/auxiliary/scanner/http/manageengine_deviceexpert_user_creds.rb index 058a875f30..2dd58d4e3f 100644 --- a/modules/auxiliary/scanner/http/manageengine_deviceexpert_user_creds.rb +++ b/modules/auxiliary/scanner/http/manageengine_deviceexpert_user_creds.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['EDB', '34449'], + ['OSVDB', '110522'], ['CVE', '2014-5377'] ], 'DisclosureDate' => 'Aug 28 2014')) diff --git a/modules/auxiliary/scanner/http/manageengine_securitymanager_traversal.rb b/modules/auxiliary/scanner/http/manageengine_securitymanager_traversal.rb index 947549a527..5f44f9f3c9 100644 --- a/modules/auxiliary/scanner/http/manageengine_securitymanager_traversal.rb +++ b/modules/auxiliary/scanner/http/manageengine_securitymanager_traversal.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + ['OSVDB', '86563'], ['EDB', '22092'] ], 'Author' => diff --git a/modules/auxiliary/scanner/http/mediawiki_svg_fileaccess.rb b/modules/auxiliary/scanner/http/mediawiki_svg_fileaccess.rb index 1adc85a56c..a23e7ede47 100644 --- a/modules/auxiliary/scanner/http/mediawiki_svg_fileaccess.rb +++ b/modules/auxiliary/scanner/http/mediawiki_svg_fileaccess.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '92490' ], [ 'URL', 'https://bugzilla.wikimedia.org/show_bug.cgi?id=46859' ], [ 'URL', 'http://www.gossamer-threads.com/lists/wiki/mediawiki-announce/350229'] ], diff --git a/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb b/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb index aa3a60a8c8..110daab153 100644 --- a/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb +++ b/modules/auxiliary/scanner/http/ms09_020_webdav_unicode_bypass.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary [ 'MSB', 'MS09-020' ], [ 'CVE', '2009-1535' ], [ 'CVE', '2009-1122' ], + [ 'OSVDB', '54555' ], [ 'BID', '34993' ], ] )) diff --git a/modules/auxiliary/scanner/http/netdecision_traversal.rb b/modules/auxiliary/scanner/http/netdecision_traversal.rb index 7393da90e9..d4fd40dbbc 100644 --- a/modules/auxiliary/scanner/http/netdecision_traversal.rb +++ b/modules/auxiliary/scanner/http/netdecision_traversal.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '79863' ], [ 'URL', 'http://aluigi.altervista.org/adv/netdecision_1-adv.txt' ], ], 'Author' => diff --git a/modules/auxiliary/scanner/http/nginx_source_disclosure.rb b/modules/auxiliary/scanner/http/nginx_source_disclosure.rb index e53562621a..3ad8698df6 100644 --- a/modules/auxiliary/scanner/http/nginx_source_disclosure.rb +++ b/modules/auxiliary/scanner/http/nginx_source_disclosure.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-2263' ], + [ 'OSVDB', '65531' ], [ 'BID', '40760' ], [ 'EDB', '13818' ], [ 'EDB', '13822' ] diff --git a/modules/auxiliary/scanner/http/novell_mdm_creds.rb b/modules/auxiliary/scanner/http/novell_mdm_creds.rb index 724b54022d..7008ed04f3 100644 --- a/modules/auxiliary/scanner/http/novell_mdm_creds.rb +++ b/modules/auxiliary/scanner/http/novell_mdm_creds.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2013-1081'], + ['OSVDB', '91119'], ['URL', 'http://www.novell.com/support/kb/doc.php?id=7011895'] ], 'License' => MSF_LICENSE diff --git a/modules/auxiliary/scanner/http/options.rb b/modules/auxiliary/scanner/http/options.rb index 3b041f8644..466c9b75c3 100644 --- a/modules/auxiliary/scanner/http/options.rb +++ b/modules/auxiliary/scanner/http/options.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'CVE', '2005-3398'], [ 'CVE', '2005-3498'], + [ 'OSVDB', '877'], [ 'BID', '11604'], [ 'BID', '9506'], [ 'BID', '9561'] diff --git a/modules/auxiliary/scanner/http/s40_traversal.rb b/modules/auxiliary/scanner/http/s40_traversal.rb index ac9a061854..a4c42efdba 100644 --- a/modules/auxiliary/scanner/http/s40_traversal.rb +++ b/modules/auxiliary/scanner/http/s40_traversal.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '82469'], [ 'EDB', '17129' ] ], 'Author' => diff --git a/modules/auxiliary/scanner/http/simple_webserver_traversal.rb b/modules/auxiliary/scanner/http/simple_webserver_traversal.rb index 7ccf2488de..6e556b22b2 100644 --- a/modules/auxiliary/scanner/http/simple_webserver_traversal.rb +++ b/modules/auxiliary/scanner/http/simple_webserver_traversal.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '88877' ], [ 'EDB', '23886' ], [ 'URL', 'http://seclists.org/bugtraq/2013/Jan/12' ] ], diff --git a/modules/auxiliary/scanner/http/ssl_version.rb b/modules/auxiliary/scanner/http/ssl_version.rb index c652c04b4d..40b22af0f8 100644 --- a/modules/auxiliary/scanner/http/ssl_version.rb +++ b/modules/auxiliary/scanner/http/ssl_version.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'URL', 'http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html'], + [ 'OSVDB', '113251'], [ 'CVE', '2014-3566'] ], 'DisclosureDate' => 'Oct 14 2014' diff --git a/modules/auxiliary/scanner/http/support_center_plus_directory_traversal.rb b/modules/auxiliary/scanner/http/support_center_plus_directory_traversal.rb index 91ef432a8a..cccf57bee8 100644 --- a/modules/auxiliary/scanner/http/support_center_plus_directory_traversal.rb +++ b/modules/auxiliary/scanner/http/support_center_plus_directory_traversal.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['EDB', '31262'], + ['OSVDB', '102656'], ['BID', '65199'], ['PACKETSTORM', '124975'] ], diff --git a/modules/auxiliary/scanner/http/sybase_easerver_traversal.rb b/modules/auxiliary/scanner/http/sybase_easerver_traversal.rb index 86344e6347..d8e49a4e95 100644 --- a/modules/auxiliary/scanner/http/sybase_easerver_traversal.rb +++ b/modules/auxiliary/scanner/http/sybase_easerver_traversal.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2011-2474' ], + [ 'OSVDB', '72498' ], [ 'URL', 'http://www.sybase.com/detail?id=1093216' ], [ 'URL', 'https://labs.idefense.com/verisign/intelligence/2009/vulnerabilities/display.php?id=912' ], ], diff --git a/modules/auxiliary/scanner/http/symantec_brightmail_logfile.rb b/modules/auxiliary/scanner/http/symantec_brightmail_logfile.rb index cc0b7ada1f..b48d8560ae 100644 --- a/modules/auxiliary/scanner/http/symantec_brightmail_logfile.rb +++ b/modules/auxiliary/scanner/http/symantec_brightmail_logfile.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary [ ['CVE', '2012-4347'], ['EDB', '23110'], + ['OSVDB', '88165'], ['BID', '56789'], ['URL', 'http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00'] ], diff --git a/modules/auxiliary/scanner/http/tomcat_enum.rb b/modules/auxiliary/scanner/http/tomcat_enum.rb index a11059869e..314f77b7f2 100644 --- a/modules/auxiliary/scanner/http/tomcat_enum.rb +++ b/modules/auxiliary/scanner/http/tomcat_enum.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Auxiliary [ ['BID', '35196'], ['CVE', '2009-0580'], + ['OSVDB', '55055'], ], 'License' => MSF_LICENSE ) diff --git a/modules/auxiliary/scanner/http/tomcat_mgr_login.rb b/modules/auxiliary/scanner/http/tomcat_mgr_login.rb index b83f90d381..58e644bda0 100644 --- a/modules/auxiliary/scanner/http/tomcat_mgr_login.rb +++ b/modules/auxiliary/scanner/http/tomcat_mgr_login.rb @@ -23,8 +23,10 @@ class MetasploitModule < Msf::Auxiliary [ # HP Default Operations Manager user/pass [ 'CVE', '2009-3843' ], + [ 'OSVDB', '60317' ], [ 'BID', '37086' ], [ 'CVE', '2009-4189' ], + [ 'OSVDB', '60670' ], [ 'URL', 'http://www.harmonysecurity.com/blog/2009/11/hp-operations-manager-backdoor-account.html' ], [ 'ZDI', '09-085' ], @@ -42,6 +44,7 @@ class MetasploitModule < Msf::Auxiliary # 'admin' password is blank in default Windows installer [ 'CVE', '2009-3548' ], + [ 'OSVDB', '60176' ], [ 'BID', '36954' ], # General diff --git a/modules/auxiliary/scanner/http/tplink_traversal_noauth.rb b/modules/auxiliary/scanner/http/tplink_traversal_noauth.rb index 7a51c503c3..1bcadbbde9 100644 --- a/modules/auxiliary/scanner/http/tplink_traversal_noauth.rb +++ b/modules/auxiliary/scanner/http/tplink_traversal_noauth.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2012-5687' ], + [ 'OSVDB', '86881' ], [ 'BID', '57969' ], [ 'EDB', '24504' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-011' ] diff --git a/modules/auxiliary/scanner/http/webpagetest_traversal.rb b/modules/auxiliary/scanner/http/webpagetest_traversal.rb index 7dd815fdbc..4641786e14 100644 --- a/modules/auxiliary/scanner/http/webpagetest_traversal.rb +++ b/modules/auxiliary/scanner/http/webpagetest_traversal.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['EDB', '19790'], + ['OSVDB', '83817'] ], 'Author' => [ diff --git a/modules/auxiliary/scanner/http/wordpress_login_enum.rb b/modules/auxiliary/scanner/http/wordpress_login_enum.rb index 904a291012..72acdebe94 100644 --- a/modules/auxiliary/scanner/http/wordpress_login_enum.rb +++ b/modules/auxiliary/scanner/http/wordpress_login_enum.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary [ ['BID', '35581'], ['CVE', '2009-2335'], + ['OSVDB', '55713'] ], 'License' => MSF_LICENSE ) diff --git a/modules/auxiliary/scanner/http/wp_dukapress_file_read.rb b/modules/auxiliary/scanner/http/wp_dukapress_file_read.rb index e6e3bffc62..1f8bf30ff2 100644 --- a/modules/auxiliary/scanner/http/wp_dukapress_file_read.rb +++ b/modules/auxiliary/scanner/http/wp_dukapress_file_read.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary ['EDB', '35346'], ['CVE', '2014-8799'], ['WPVDB', '7731'], + ['OSVDB', '115130'] ], 'Author' => [ diff --git a/modules/auxiliary/scanner/http/yaws_traversal.rb b/modules/auxiliary/scanner/http/yaws_traversal.rb index a8419ad3b5..7947f768c2 100644 --- a/modules/auxiliary/scanner/http/yaws_traversal.rb +++ b/modules/auxiliary/scanner/http/yaws_traversal.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2011-4350'], + ['OSVDB', '77581'], ['URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=757181'] ], 'DisclosureDate' => "Nov 25 2011" diff --git a/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero.rb b/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero.rb index af45da11dc..a8e64e9258 100644 --- a/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero.rb +++ b/modules/auxiliary/scanner/ipmi/ipmi_cipher_zero.rb @@ -25,6 +25,9 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['URL', 'http://fish2.com/ipmi/cipherzero.html'], + ['OSVDB', '93038'], + ['OSVDB', '93039'], + ['OSVDB', '93040'], ], 'DisclosureDate' => 'Jun 20 2013' diff --git a/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb b/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb index 8937c6c840..6627284b08 100644 --- a/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb +++ b/modules/auxiliary/scanner/ipmi/ipmi_dumphashes.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary ['URL', 'http://fish2.com/ipmi/remote-pw-cracking.html'], ['URL', 'http://seclists.org/bugtraq/2014/Apr/16'], # HP's SSRT101367 ['CVE', '2013-4786'], + ['OSVDB', '95057'], ['BID', '61076'], ], 'DisclosureDate' => 'Jun 20 2013' diff --git a/modules/auxiliary/scanner/misc/sercomm_backdoor_scanner.rb b/modules/auxiliary/scanner/misc/sercomm_backdoor_scanner.rb index f039724e0a..8b9ecfc9cb 100644 --- a/modules/auxiliary/scanner/misc/sercomm_backdoor_scanner.rb +++ b/modules/auxiliary/scanner/misc/sercomm_backdoor_scanner.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '101653' ], [ 'URL', 'https://github.com/elvanderb/TCP-32764' ] ], 'DisclosureDate' => "Dec 31 2013" )) diff --git a/modules/auxiliary/scanner/misc/zenworks_preboot_fileaccess.rb b/modules/auxiliary/scanner/misc/zenworks_preboot_fileaccess.rb index a2d3b6f0dc..25bf30368e 100644 --- a/modules/auxiliary/scanner/misc/zenworks_preboot_fileaccess.rb +++ b/modules/auxiliary/scanner/misc/zenworks_preboot_fileaccess.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2012-2215' ], + [ 'OSVDB', '80230' ], [ 'URL', 'http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=975' ] ] )) diff --git a/modules/auxiliary/scanner/mysql/mysql_authbypass_hashdump.rb b/modules/auxiliary/scanner/mysql/mysql_authbypass_hashdump.rb index 6b48e6cb3a..03ae86a4bb 100644 --- a/modules/auxiliary/scanner/mysql/mysql_authbypass_hashdump.rb +++ b/modules/auxiliary/scanner/mysql/mysql_authbypass_hashdump.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary ], 'References' => [ ['CVE', '2012-2122'], + ['OSVDB', '82804'], ['URL', 'https://community.rapid7.com/community/metasploit/blog/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql'] ], 'DisclosureDate' => 'Jun 09 2012', diff --git a/modules/auxiliary/scanner/sap/sap_hostctrl_getcomputersystem.rb b/modules/auxiliary/scanner/sap/sap_hostctrl_getcomputersystem.rb index e4353b5e6e..5acb133b6b 100644 --- a/modules/auxiliary/scanner/sap/sap_hostctrl_getcomputersystem.rb +++ b/modules/auxiliary/scanner/sap/sap_hostctrl_getcomputersystem.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary [ # General ['CVE', '2013-3319'], + ['OSVDB', '95616'], ['BID', '61402'], ['URL', 'https://service.sap.com/sap/support/notes/1816536'], ['URL', 'http://labs.integrity.pt/advisories/cve-2013-3319/'] diff --git a/modules/auxiliary/scanner/sap/sap_soap_rfc_pfl_check_os_file_existence.rb b/modules/auxiliary/scanner/sap/sap_soap_rfc_pfl_check_os_file_existence.rb index 2f34d39ee3..2a5dc93882 100644 --- a/modules/auxiliary/scanner/sap/sap_soap_rfc_pfl_check_os_file_existence.rb +++ b/modules/auxiliary/scanner/sap/sap_soap_rfc_pfl_check_os_file_existence.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ + [ 'OSVDB', '78537' ], [ 'BID', '51645' ], [ 'URL','http://erpscan.com/advisories/dsecrg-12-009-sap-netweaver-pfl_check_os_file_existence-missing-authorisation-check-and-smb-relay-vulnerability/' ] ], diff --git a/modules/auxiliary/scanner/sap/sap_soap_rfc_rzl_read_dir.rb b/modules/auxiliary/scanner/sap/sap_soap_rfc_rzl_read_dir.rb index e80305d2e5..4a78406fc9 100644 --- a/modules/auxiliary/scanner/sap/sap_soap_rfc_rzl_read_dir.rb +++ b/modules/auxiliary/scanner/sap/sap_soap_rfc_rzl_read_dir.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Auxiliary capture SMB hashes by using a fake SMB share as DIR. }, 'References' => [ + [ 'OSVDB', '92732'], [ 'URL', 'http://erpscan.com/advisories/dsecrg-12-026-sap-netweaver-rzl_read_dir_local-missing-authorization-check-and-smb-relay-vulnerability/' ] ], 'Author' => diff --git a/modules/auxiliary/scanner/scada/indusoft_ntwebserver_fileaccess.rb b/modules/auxiliary/scanner/scada/indusoft_ntwebserver_fileaccess.rb index d43daa3d17..ab3545a5bf 100644 --- a/modules/auxiliary/scanner/scada/indusoft_ntwebserver_fileaccess.rb +++ b/modules/auxiliary/scanner/scada/indusoft_ntwebserver_fileaccess.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2011-1900' ], + [ 'OSVDB', '73413' ], [ 'BID', '47842' ], [ 'URL', 'http://www.indusoft.com/hotfixes/hotfixes.php' ] ], diff --git a/modules/auxiliary/scanner/scada/sielco_winlog_fileaccess.rb b/modules/auxiliary/scanner/scada/sielco_winlog_fileaccess.rb index a46018322f..d9dfc144ff 100644 --- a/modules/auxiliary/scanner/scada/sielco_winlog_fileaccess.rb +++ b/modules/auxiliary/scanner/scada/sielco_winlog_fileaccess.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary ], 'References' => [ + [ 'OSVDB', '83275' ], [ 'BID', '54212' ], [ 'EDB', '19409'], [ 'URL', 'http://aluigi.altervista.org/adv/winlog_2-adv.txt' ] diff --git a/modules/auxiliary/scanner/smb/psexec_loggedin_users.rb b/modules/auxiliary/scanner/smb/psexec_loggedin_users.rb index 64b470087b..c150e7e810 100644 --- a/modules/auxiliary/scanner/smb/psexec_loggedin_users.rb +++ b/modules/auxiliary/scanner/smb/psexec_loggedin_users.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Auxiliary ], 'References' => [ [ 'CVE', '1999-0504'], # Administrator with no password (since this is the default) + [ 'OSVDB', '3106'], [ 'URL', 'http://www.pentestgeek.com/2012/11/05/finding-logged-in-users-metasploit-module/' ], [ 'URL', 'http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx' ] ], diff --git a/modules/auxiliary/scanner/smb/smb_uninit_cred.rb b/modules/auxiliary/scanner/smb/smb_uninit_cred.rb index c97b4df04e..9ffcc26c16 100644 --- a/modules/auxiliary/scanner/smb/smb_uninit_cred.rb +++ b/modules/auxiliary/scanner/smb/smb_uninit_cred.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2015-0240'], + ['OSVDB', '118637'], ['URL', 'https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/'], ['URL', 'https://gist.github.com/worawit/33cc5534cb555a0b710b'], ['URL', 'https://www.nccgroup.com/en/blog/2015/03/samba-_netr_serverpasswordset-expoitability-analysis/'] diff --git a/modules/auxiliary/scanner/smtp/smtp_enum.rb b/modules/auxiliary/scanner/smtp/smtp_enum.rb index 2159faf881..ba2a9d2604 100644 --- a/modules/auxiliary/scanner/smtp/smtp_enum.rb +++ b/modules/auxiliary/scanner/smtp/smtp_enum.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['URL', 'http://www.ietf.org/rfc/rfc2821.txt'], + ['OSVDB', '12551'], ['CVE', '1999-0531'] ], 'Author' => diff --git a/modules/auxiliary/scanner/snmp/sbg6580_enum.rb b/modules/auxiliary/scanner/snmp/sbg6580_enum.rb index 1ab9ea6fb4..1e09a58b45 100644 --- a/modules/auxiliary/scanner/snmp/sbg6580_enum.rb +++ b/modules/auxiliary/scanner/snmp/sbg6580_enum.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'URL', 'http://seclists.org/fulldisclosure/2014/May/79' ], [ 'URL', 'http://www.arrisi.com/modems/datasheet/SBG6580/SBG6580_UserGuide.pdf' ], + [ 'OSVDB', '110555' ] ], 'Author' => 'Matthew Kienow ', 'License' => MSF_LICENSE diff --git a/modules/auxiliary/scanner/ssh/ssh_enumusers.rb b/modules/auxiliary/scanner/ssh/ssh_enumusers.rb index 38e27ed26b..0b817c1c14 100644 --- a/modules/auxiliary/scanner/ssh/ssh_enumusers.rb +++ b/modules/auxiliary/scanner/ssh/ssh_enumusers.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2006-5229'], + ['OSVDB', '32721'], ['BID', '20418'] ], 'License' => MSF_LICENSE diff --git a/modules/auxiliary/scanner/tftp/ipswitch_whatsupgold_tftp.rb b/modules/auxiliary/scanner/tftp/ipswitch_whatsupgold_tftp.rb index 91ce0b5344..21b13ad5ce 100644 --- a/modules/auxiliary/scanner/tftp/ipswitch_whatsupgold_tftp.rb +++ b/modules/auxiliary/scanner/tftp/ipswitch_whatsupgold_tftp.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary ], 'References' => [ + ['OSVDB', '77455'], ['BID', '50890'], ['EDB', '18189'], ['URL', 'http://secpod.org/advisories/SecPod_Ipswitch_TFTP_Server_Dir_Trav.txt'], diff --git a/modules/auxiliary/scanner/tftp/netdecision_tftp.rb b/modules/auxiliary/scanner/tftp/netdecision_tftp.rb index fed0342434..eaef1b8f21 100644 --- a/modules/auxiliary/scanner/tftp/netdecision_tftp.rb +++ b/modules/auxiliary/scanner/tftp/netdecision_tftp.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2009-1730'], + ['OSVDB', '54607'], ['BID', '35002'] ], 'DisclosureDate' => "May 16 2009" diff --git a/modules/auxiliary/scanner/vmware/vmware_server_dir_trav.rb b/modules/auxiliary/scanner/vmware/vmware_server_dir_trav.rb index c6e2af0716..52f6bd5fd2 100644 --- a/modules/auxiliary/scanner/vmware/vmware_server_dir_trav.rb +++ b/modules/auxiliary/scanner/vmware/vmware_server_dir_trav.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'URL', 'http://www.vmware.com/security/advisories/VMSA-2009-0015.html' ], + [ 'OSVDB', '59440' ], [ 'BID', '36842' ], [ 'CVE', '2009-3733' ], [ 'URL', 'http://fyrmassociates.com/tools/gueststealer-v1.1.pl' ] diff --git a/modules/auxiliary/scanner/x11/open_x11.rb b/modules/auxiliary/scanner/x11/open_x11.rb index af378ee1d2..1ca3590286 100644 --- a/modules/auxiliary/scanner/x11/open_x11.rb +++ b/modules/auxiliary/scanner/x11/open_x11.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'Author' => ['tebo '], 'References' => [ + ['OSVDB', '309'], ['CVE', '1999-0526'], ], 'License' => MSF_LICENSE diff --git a/modules/auxiliary/server/dhclient_bash_env.rb b/modules/auxiliary/server/dhclient_bash_env.rb index 4821dab610..edb64ec9e4 100644 --- a/modules/auxiliary/server/dhclient_bash_env.rb +++ b/modules/auxiliary/server/dhclient_bash_env.rb @@ -39,6 +39,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ ['CVE', '2014-6271'], ['CWE', '94'], + ['OSVDB', '112004'], ['EDB', '34765'], ['URL', 'https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/'], ['URL', 'http://seclists.org/oss-sec/2014/q3/649'], diff --git a/modules/auxiliary/spoof/arp/arp_poisoning.rb b/modules/auxiliary/spoof/arp/arp_poisoning.rb index a8511f21a7..aacfb39fd4 100644 --- a/modules/auxiliary/spoof/arp/arp_poisoning.rb +++ b/modules/auxiliary/spoof/arp/arp_poisoning.rb @@ -21,10 +21,11 @@ class MetasploitModule < Msf::Auxiliary 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '11169'], ['CVE', '1999-0667'], ['URL', 'http://en.wikipedia.org/wiki/ARP_spoofing'] ], - 'DisclosureDate' => 'Dec 22 1999' + 'DisclosureDate' => 'Dec 22 1999' #osvdb date ) register_options([ diff --git a/modules/auxiliary/spoof/dns/bailiwicked_domain.rb b/modules/auxiliary/spoof/dns/bailiwicked_domain.rb index dec728ca26..4960895c92 100644 --- a/modules/auxiliary/spoof/dns/bailiwicked_domain.rb +++ b/modules/auxiliary/spoof/dns/bailiwicked_domain.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-1447' ], + [ 'OSVDB', '46776'], [ 'US-CERT-VU', '800113' ], [ 'URL', 'http://www.caughq.org/exploits/CAU-EX-2008-0003.txt' ], ], diff --git a/modules/auxiliary/spoof/dns/bailiwicked_host.rb b/modules/auxiliary/spoof/dns/bailiwicked_host.rb index 10496878dc..b15069e1ae 100644 --- a/modules/auxiliary/spoof/dns/bailiwicked_host.rb +++ b/modules/auxiliary/spoof/dns/bailiwicked_host.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-1447' ], + [ 'OSVDB', '46776'], [ 'US-CERT-VU', '800113' ], [ 'URL', 'http://www.caughq.org/exploits/CAU-EX-2008-0002.txt' ], ], diff --git a/modules/auxiliary/sqli/oracle/dbms_cdc_ipublish.rb b/modules/auxiliary/sqli/oracle/dbms_cdc_ipublish.rb index 78840a7f9d..9c91ad82f0 100644 --- a/modules/auxiliary/sqli/oracle/dbms_cdc_ipublish.rb +++ b/modules/auxiliary/sqli/oracle/dbms_cdc_ipublish.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-3996' ], + [ 'OSVDB', '49321'] ], 'DisclosureDate' => 'Oct 22 2008')) diff --git a/modules/auxiliary/sqli/oracle/dbms_cdc_publish.rb b/modules/auxiliary/sqli/oracle/dbms_cdc_publish.rb index 0c9dee70c2..044e891078 100644 --- a/modules/auxiliary/sqli/oracle/dbms_cdc_publish.rb +++ b/modules/auxiliary/sqli/oracle/dbms_cdc_publish.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-3995' ], + [ 'OSVDB', '49320'] ], 'DisclosureDate' => 'Oct 22 2008')) diff --git a/modules/auxiliary/sqli/oracle/dbms_cdc_publish2.rb b/modules/auxiliary/sqli/oracle/dbms_cdc_publish2.rb index 97c22152f7..550371ede9 100644 --- a/modules/auxiliary/sqli/oracle/dbms_cdc_publish2.rb +++ b/modules/auxiliary/sqli/oracle/dbms_cdc_publish2.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-0870' ], + [ 'OSVDB', '63772'], [ 'URL', 'http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2010.html' ] ], 'DisclosureDate' => 'Apr 26 2010')) diff --git a/modules/auxiliary/sqli/oracle/dbms_cdc_publish3.rb b/modules/auxiliary/sqli/oracle/dbms_cdc_publish3.rb index 496b5895ef..ac55375e17 100644 --- a/modules/auxiliary/sqli/oracle/dbms_cdc_publish3.rb +++ b/modules/auxiliary/sqli/oracle/dbms_cdc_publish3.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-2415' ], + [ 'OSVDB', '70078'], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html' ], ], 'DisclosureDate' => 'Oct 13 2010')) diff --git a/modules/auxiliary/sqli/oracle/dbms_cdc_subscribe_activate_subscription.rb b/modules/auxiliary/sqli/oracle/dbms_cdc_subscribe_activate_subscription.rb index 438314fc02..1d19d2c094 100644 --- a/modules/auxiliary/sqli/oracle/dbms_cdc_subscribe_activate_subscription.rb +++ b/modules/auxiliary/sqli/oracle/dbms_cdc_subscribe_activate_subscription.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Auxiliary [ [ 'CVE', '2005-4832'], [ 'BID', '13236' ], + [ 'OSVDB', '15553' ], [ 'URL', 'http://www.appsecinc.com/resources/alerts/oracle/2005-02.html'], [ 'URL', 'http://www.argeniss.com/research/OraDBMS_CDC_SUBSCRIBEExploit.txt'] ], diff --git a/modules/auxiliary/sqli/oracle/dbms_export_extension.rb b/modules/auxiliary/sqli/oracle/dbms_export_extension.rb index 4a740bad30..1ce9b91f56 100644 --- a/modules/auxiliary/sqli/oracle/dbms_export_extension.rb +++ b/modules/auxiliary/sqli/oracle/dbms_export_extension.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2006-2081' ], + [ 'OSVDB', '25002' ], [ 'BID', '17699' ], [ 'URL', 'http://www.red-database-security.com/exploits/oracle-sql-injection-oracle-dbms_export_extension.html' ], ], diff --git a/modules/auxiliary/sqli/oracle/droptable_trigger.rb b/modules/auxiliary/sqli/oracle/droptable_trigger.rb index 4fef7aea57..e2e0520df4 100644 --- a/modules/auxiliary/sqli/oracle/droptable_trigger.rb +++ b/modules/auxiliary/sqli/oracle/droptable_trigger.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-3979' ], + [ 'OSVDB', '51354' ], [ 'URL', 'http://www.securityfocus.com/archive/1/500061' ], [ 'URL', 'http://www.ngssoftware.com/' ], ], diff --git a/modules/auxiliary/sqli/oracle/jvm_os_code_10g.rb b/modules/auxiliary/sqli/oracle/jvm_os_code_10g.rb index af1fc3ef83..b6384a70ea 100644 --- a/modules/auxiliary/sqli/oracle/jvm_os_code_10g.rb +++ b/modules/auxiliary/sqli/oracle/jvm_os_code_10g.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-0866'], + [ 'OSVDB', '62184'], [ 'URL', 'http://blackhat.com/html/bh-dc-10/bh-dc-10-archives.html#Litchfield' ], [ 'URL', 'http://www.notsosecure.com/folder2/2010/02/04/hacking-oracle-11g/' ], ], diff --git a/modules/auxiliary/sqli/oracle/jvm_os_code_11g.rb b/modules/auxiliary/sqli/oracle/jvm_os_code_11g.rb index 3cacf1296f..a01efd8bc6 100644 --- a/modules/auxiliary/sqli/oracle/jvm_os_code_11g.rb +++ b/modules/auxiliary/sqli/oracle/jvm_os_code_11g.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2010-0866'], + [ 'OSVDB', '62184'], [ 'URL', 'http://blackhat.com/html/bh-dc-10/bh-dc-10-archives.html#Litchfield' ], [ 'URL', 'http://www.notsosecure.com/folder2/2010/02/04/hacking-oracle-11g/' ], ], diff --git a/modules/auxiliary/sqli/oracle/lt_compressworkspace.rb b/modules/auxiliary/sqli/oracle/lt_compressworkspace.rb index 28bed502ce..aa36759b4c 100644 --- a/modules/auxiliary/sqli/oracle/lt_compressworkspace.rb +++ b/modules/auxiliary/sqli/oracle/lt_compressworkspace.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-3982'], + [ 'OSVDB', '49324'], [ 'URL', 'http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2008.html' ] ], 'DisclosureDate' => 'Oct 13 2008')) diff --git a/modules/auxiliary/sqli/oracle/lt_findricset_cursor.rb b/modules/auxiliary/sqli/oracle/lt_findricset_cursor.rb index fd81c10458..163d335998 100644 --- a/modules/auxiliary/sqli/oracle/lt_findricset_cursor.rb +++ b/modules/auxiliary/sqli/oracle/lt_findricset_cursor.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2007-5511'], + [ 'OSVDB', '40079'], [ 'BID', '26098' ], [ 'URL', 'http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2007.html'], ], diff --git a/modules/auxiliary/sqli/oracle/lt_mergeworkspace.rb b/modules/auxiliary/sqli/oracle/lt_mergeworkspace.rb index 9f764d6b50..701050daf0 100644 --- a/modules/auxiliary/sqli/oracle/lt_mergeworkspace.rb +++ b/modules/auxiliary/sqli/oracle/lt_mergeworkspace.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-3983'], + [ 'OSVDB', '49325'], [ 'URL', 'http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2008.html' ], [ 'URL', 'http://www.dsecrg.com/pages/expl/show.php?id=23' ] diff --git a/modules/auxiliary/sqli/oracle/lt_removeworkspace.rb b/modules/auxiliary/sqli/oracle/lt_removeworkspace.rb index 96e3f27272..18c8f676f8 100644 --- a/modules/auxiliary/sqli/oracle/lt_removeworkspace.rb +++ b/modules/auxiliary/sqli/oracle/lt_removeworkspace.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2008-3984' ], + [ 'OSVDB', '49326'] ], 'DisclosureDate' => 'Oct 13 2008')) diff --git a/modules/auxiliary/sqli/oracle/lt_rollbackworkspace.rb b/modules/auxiliary/sqli/oracle/lt_rollbackworkspace.rb index 9e849fa2c3..50afc10cc0 100644 --- a/modules/auxiliary/sqli/oracle/lt_rollbackworkspace.rb +++ b/modules/auxiliary/sqli/oracle/lt_rollbackworkspace.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Auxiliary 'References' => [ [ 'CVE', '2009-0978' ], + [ 'OSVDB', '53734'], [ 'URL', 'http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html' ], ], 'DisclosureDate' => 'May 4 2009')) diff --git a/modules/exploits/aix/local/ibstat_path.rb b/modules/exploits/aix/local/ibstat_path.rb index 274e634b28..f1b171b225 100644 --- a/modules/exploits/aix/local/ibstat_path.rb +++ b/modules/exploits/aix/local/ibstat_path.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Local ], "References" => [ ["CVE", "2013-4011"], + ["OSVDB", "95420"], ["BID", "61287"], ["URL", "http://www-01.ibm.com/support/docview.wss?uid=isg1IV43827"], ["URL", "http://www-01.ibm.com/support/docview.wss?uid=isg1IV43756"] diff --git a/modules/exploits/aix/rpc_cmsd_opcode21.rb b/modules/exploits/aix/rpc_cmsd_opcode21.rb index e8797bef90..cae0405028 100644 --- a/modules/exploits/aix/rpc_cmsd_opcode21.rb +++ b/modules/exploits/aix/rpc_cmsd_opcode21.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3699' ], + [ 'OSVDB', '58726' ], [ 'BID', '36615' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=825' ], [ 'URL', 'http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc' ] diff --git a/modules/exploits/aix/rpc_ttdbserverd_realpath.rb b/modules/exploits/aix/rpc_ttdbserverd_realpath.rb index 9d7614cf24..758de4da37 100644 --- a/modules/exploits/aix/rpc_ttdbserverd_realpath.rb +++ b/modules/exploits/aix/rpc_ttdbserverd_realpath.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-2727'], + [ 'OSVDB', '55151' ] ], 'Payload' => { diff --git a/modules/exploits/android/browser/samsung_knox_smdm_url.rb b/modules/exploits/android/browser/samsung_knox_smdm_url.rb index 97557d5c4b..6eb7887d6f 100644 --- a/modules/exploits/android/browser/samsung_knox_smdm_url.rb +++ b/modules/exploits/android/browser/samsung_knox_smdm_url.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ ['URL', 'http://blog.quarkslab.com/abusing-samsung-knox-to-remotely-install-a-malicious-application-story-of-a-half-patched-vulnerability.html'], + ['OSVDB', '114590'] ], 'Platform' => 'android', 'Arch' => ARCH_DALVIK, diff --git a/modules/exploits/android/browser/webview_addjavascriptinterface.rb b/modules/exploits/android/browser/webview_addjavascriptinterface.rb index 5dc6e07bf4..8154bd8d76 100644 --- a/modules/exploits/android/browser/webview_addjavascriptinterface.rb +++ b/modules/exploits/android/browser/webview_addjavascriptinterface.rb @@ -65,6 +65,7 @@ class MetasploitModule < Msf::Exploit::Remote ['CVE', '2012-6636'], # original CVE for addJavascriptInterface ['CVE', '2013-4710'], # native browser addJavascriptInterface (searchBoxJavaBridge_) ['EDB', '31519'], + ['OSVDB', '97520'] ], 'Platform' => ['android', 'linux'], 'Arch' => [ARCH_DALVIK, ARCH_X86, ARCH_ARMLE, ARCH_MIPSLE], diff --git a/modules/exploits/android/fileformat/adobe_reader_pdf_js_interface.rb b/modules/exploits/android/fileformat/adobe_reader_pdf_js_interface.rb index e05bbd54f5..3440245813 100644 --- a/modules/exploits/android/fileformat/adobe_reader_pdf_js_interface.rb +++ b/modules/exploits/android/fileformat/adobe_reader_pdf_js_interface.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2014-0514' ], [ 'EDB', '32884' ], + [ 'OSVDB', '105781' ], ], 'Platform' => 'android', 'DefaultOptions' => { diff --git a/modules/exploits/apple_ios/browser/safari_libtiff.rb b/modules/exploits/apple_ios/browser/safari_libtiff.rb index be1b22f768..79316f8a10 100644 --- a/modules/exploits/apple_ios/browser/safari_libtiff.rb +++ b/modules/exploits/apple_ios/browser/safari_libtiff.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-3459'], + ['OSVDB', '27723'], ['BID', '19283'] ], 'Payload' => diff --git a/modules/exploits/apple_ios/email/mobilemail_libtiff.rb b/modules/exploits/apple_ios/email/mobilemail_libtiff.rb index 9cf2f813c4..25d7a2c2e1 100644 --- a/modules/exploits/apple_ios/email/mobilemail_libtiff.rb +++ b/modules/exploits/apple_ios/email/mobilemail_libtiff.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-3459'], + ['OSVDB', '27723'], ['BID', '19283'] ], 'Stance' => Msf::Exploit::Stance::Passive, diff --git a/modules/exploits/apple_ios/ssh/cydia_default_ssh.rb b/modules/exploits/apple_ios/ssh/cydia_default_ssh.rb index 49ab52db8a..8b0143ea98 100644 --- a/modules/exploits/apple_ios/ssh/cydia_default_ssh.rb +++ b/modules/exploits/apple_ios/ssh/cydia_default_ssh.rb @@ -24,6 +24,10 @@ class MetasploitModule < Msf::Exploit::Remote [ 'hdm' ], + 'References' => + [ + ['OSVDB', '61284'] + ], 'DefaultOptions' => { 'EXITFUNC' => 'thread' diff --git a/modules/exploits/bsdi/softcart/mercantec_softcart.rb b/modules/exploits/bsdi/softcart/mercantec_softcart.rb index ff71a564d7..a7c3cca617 100644 --- a/modules/exploits/bsdi/softcart/mercantec_softcart.rb +++ b/modules/exploits/bsdi/softcart/mercantec_softcart.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-2221'], + [ 'OSVDB', '9011'], [ 'BID', '10926'], ], 'Privileged' => false, diff --git a/modules/exploits/dialup/multi/login/manyargs.rb b/modules/exploits/dialup/multi/login/manyargs.rb index 29ad3bd200..7cef87bd46 100644 --- a/modules/exploits/dialup/multi/login/manyargs.rb +++ b/modules/exploits/dialup/multi/login/manyargs.rb @@ -21,6 +21,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2001-0797'], + [ 'OSVDB', '690'], + [ 'OSVDB', '691'], [ 'BID', '3681'], [ 'URL', 'http://archives.neohapsis.com/archives/bugtraq/2002-10/0014.html'], [ 'URL', 'http://archives.neohapsis.com/archives/bugtraq/2004-12/0404.html'], diff --git a/modules/exploits/freebsd/ftp/proftp_telnet_iac.rb b/modules/exploits/freebsd/ftp/proftp_telnet_iac.rb index 54fde2bc06..9e103542ab 100644 --- a/modules/exploits/freebsd/ftp/proftp_telnet_iac.rb +++ b/modules/exploits/freebsd/ftp/proftp_telnet_iac.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-4221'], + ['OSVDB', '68985'], ['BID', '44562'] ], 'DefaultOptions' => diff --git a/modules/exploits/freebsd/local/mmap.rb b/modules/exploits/freebsd/local/mmap.rb index 89e20ca36c..8756789024 100644 --- a/modules/exploits/freebsd/local/mmap.rb +++ b/modules/exploits/freebsd/local/mmap.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '2013-2171' ], + [ 'OSVDB', '94414' ], [ 'EDB', '26368' ], [ 'BID', '60615' ], [ 'URL', 'http://www.freebsd.org/security/advisories/FreeBSD-SA-13:06.mmap.asc' ] diff --git a/modules/exploits/freebsd/samba/trans2open.rb b/modules/exploits/freebsd/samba/trans2open.rb index c9da41cc7a..b954027c17 100644 --- a/modules/exploits/freebsd/samba/trans2open.rb +++ b/modules/exploits/freebsd/samba/trans2open.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0201' ], + [ 'OSVDB', '4469' ], [ 'BID', '7294' ], [ 'URL', 'http://seclists.org/bugtraq/2003/Apr/103' ] ], diff --git a/modules/exploits/freebsd/tacacs/xtacacsd_report.rb b/modules/exploits/freebsd/tacacs/xtacacsd_report.rb index 9d731a15ea..d58dd31fc0 100644 --- a/modules/exploits/freebsd/tacacs/xtacacsd_report.rb +++ b/modules/exploits/freebsd/tacacs/xtacacsd_report.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-7232'], + ['OSVDB', '58140'], ['URL', 'http://aluigi.altervista.org/adv/xtacacsdz-adv.txt'], ], 'Payload' => diff --git a/modules/exploits/freebsd/telnet/telnet_encrypt_keyid.rb b/modules/exploits/freebsd/telnet/telnet_encrypt_keyid.rb index c4ede02c81..3b5e5ebea2 100644 --- a/modules/exploits/freebsd/telnet/telnet_encrypt_keyid.rb +++ b/modules/exploits/freebsd/telnet/telnet_encrypt_keyid.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-4862'], + ['OSVDB', '78020'], ['BID', '51182'], ['EDB', '18280'] ], diff --git a/modules/exploits/hpux/lpd/cleanup_exec.rb b/modules/exploits/hpux/lpd/cleanup_exec.rb index b44bac932f..c4bbe2df1b 100644 --- a/modules/exploits/hpux/lpd/cleanup_exec.rb +++ b/modules/exploits/hpux/lpd/cleanup_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-1473'], + [ 'OSVDB', '9638'], [ 'URL', 'http://archives.neohapsis.com/archives/hp/2002-q3/0064.html'], ], diff --git a/modules/exploits/irix/lpd/tagprinter_exec.rb b/modules/exploits/irix/lpd/tagprinter_exec.rb index 21fa483ed1..e07c08159b 100644 --- a/modules/exploits/irix/lpd/tagprinter_exec.rb +++ b/modules/exploits/irix/lpd/tagprinter_exec.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2001-0800'], + ['OSVDB', '8573'] ], 'Privileged' => false, 'Platform' => %w{ irix unix }, diff --git a/modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb b/modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb index ee08153668..a783d4ed8f 100644 --- a/modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb +++ b/modules/exploits/linux/browser/adobe_flashplayer_aslaunch.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-5499'], + ['OSVDB', '50796'], ['BID', '32896'], ['URL', 'http://www.adobe.com/support/security/bulletins/apsb08-24.html'] ], diff --git a/modules/exploits/linux/ftp/proftp_sreplace.rb b/modules/exploits/linux/ftp/proftp_sreplace.rb index 93f3da329c..5f48bd4176 100644 --- a/modules/exploits/linux/ftp/proftp_sreplace.rb +++ b/modules/exploits/linux/ftp/proftp_sreplace.rb @@ -53,6 +53,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-5815' ], + [ 'OSVDB', '68985' ], [ 'BID', '20992' ], [ 'URL', 'http://seclists.org/bugtraq/2006/Nov/94' ], [ 'URL', 'http://seclists.org/bugtraq/2006/Nov/538' ], diff --git a/modules/exploits/linux/ftp/proftp_telnet_iac.rb b/modules/exploits/linux/ftp/proftp_telnet_iac.rb index 368c17b11e..fb7f6cf438 100644 --- a/modules/exploits/linux/ftp/proftp_telnet_iac.rb +++ b/modules/exploits/linux/ftp/proftp_telnet_iac.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-4221'], + ['OSVDB', '68985'], ['BID', '44562'] ], 'DefaultOptions' => diff --git a/modules/exploits/linux/games/ut2004_secure.rb b/modules/exploits/linux/games/ut2004_secure.rb index a0d15fc575..caa3c9a700 100644 --- a/modules/exploits/linux/games/ut2004_secure.rb +++ b/modules/exploits/linux/games/ut2004_secure.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0608'], + [ 'OSVDB', '7217'], [ 'BID', '10570'], ], diff --git a/modules/exploits/linux/http/advantech_switch_bash_env_exec.rb b/modules/exploits/linux/http/advantech_switch_bash_env_exec.rb index c13758b6e1..609ad4d5e2 100644 --- a/modules/exploits/linux/http/advantech_switch_bash_env_exec.rb +++ b/modules/exploits/linux/http/advantech_switch_bash_env_exec.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-6271'], ['CWE', '94'], + ['OSVDB', '112004'], ['EDB', '34765'], ['URL', 'https://community.rapid7.com/community/infosec/blog/2015/12/01/r7-2015-25-advantech-eki-multiple-known-vulnerabilities'], ['URL', 'https://access.redhat.com/articles/1200223'], diff --git a/modules/exploits/linux/http/alcatel_omnipcx_mastercgi_exec.rb b/modules/exploits/linux/http/alcatel_omnipcx_mastercgi_exec.rb index 93c6b58197..19557b6ae7 100644 --- a/modules/exploits/linux/http/alcatel_omnipcx_mastercgi_exec.rb +++ b/modules/exploits/linux/http/alcatel_omnipcx_mastercgi_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '40521' ], [ 'BID', '25694' ], [ 'CVE', '2007-3010' ], [ 'URL', 'http://www1.alcatel-lucent.com/psirt/statements/2007002/OXEUMT.htm' ], diff --git a/modules/exploits/linux/http/alienvault_sqli_exec.rb b/modules/exploits/linux/http/alienvault_sqli_exec.rb index 82c7b25619..caafb37989 100644 --- a/modules/exploits/linux/http/alienvault_sqli_exec.rb +++ b/modules/exploits/linux/http/alienvault_sqli_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '106252'], ['EDB', '33006'] ], 'DefaultOptions' => diff --git a/modules/exploits/linux/http/astium_sqli_upload.rb b/modules/exploits/linux/http/astium_sqli_upload.rb index 64718e54a7..5199a63285 100644 --- a/modules/exploits/linux/http/astium_sqli_upload.rb +++ b/modules/exploits/linux/http/astium_sqli_upload.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '88860' ], [ 'EDB', '23831' ] ], 'Platform' => ['php'], diff --git a/modules/exploits/linux/http/belkin_login_bof.rb b/modules/exploits/linux/http/belkin_login_bof.rb index b8bcc7fbeb..d530c09c05 100644 --- a/modules/exploits/linux/http/belkin_login_bof.rb +++ b/modules/exploits/linux/http/belkin_login_bof.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote ['CVE', '2014-1635'], ['EDB', '35184'], ['BID', '70977'], + ['OSVDB', '114345'], ['URL', 'https://labs.integrity.pt/articles/from-0-day-to-exploit-buffer-overflow-in-belkin-n750-cve-2014-1635/'], ['URL', 'http://www.belkin.com/us/support-article?articleNum=4831'] ], diff --git a/modules/exploits/linux/http/ddwrt_cgibin_exec.rb b/modules/exploits/linux/http/ddwrt_cgibin_exec.rb index cd10ab4a96..36fdc4841d 100644 --- a/modules/exploits/linux/http/ddwrt_cgibin_exec.rb +++ b/modules/exploits/linux/http/ddwrt_cgibin_exec.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-2765' ], + [ 'OSVDB', '55990' ], [ 'BID', '35742' ], [ 'EDB', '9209' ] ], diff --git a/modules/exploits/linux/http/dlink_authentication_cgi_bof.rb b/modules/exploits/linux/http/dlink_authentication_cgi_bof.rb index 5e6b6529eb..7b1cbbb6d3 100644 --- a/modules/exploits/linux/http/dlink_authentication_cgi_bof.rb +++ b/modules/exploits/linux/http/dlink_authentication_cgi_bof.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Arch' => ARCH_MIPSLE, 'References' => [ + ['OSVDB', '95951'], ['EDB', '27283'], ['URL', 'http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10008'], #advisory on vendor web site ['URL', 'http://www.dlink.com/us/en/home-solutions/connect/routers/dir-645-wireless-n-home-router-1000'], #vendor web site of router diff --git a/modules/exploits/linux/http/dlink_command_php_exec_noauth.rb b/modules/exploits/linux/http/dlink_command_php_exec_noauth.rb index 5dd0d1db9f..9e52b2400d 100644 --- a/modules/exploits/linux/http/dlink_command_php_exec_noauth.rb +++ b/modules/exploits/linux/http/dlink_command_php_exec_noauth.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '89861' ], [ 'EDB', '24453' ], [ 'BID', '57734' ], [ 'URL', 'http://www.dlink.com/uk/en/home-solutions/connect/routers/dir-600-wireless-n-150-home-router' ], diff --git a/modules/exploits/linux/http/dlink_diagnostic_exec_noauth.rb b/modules/exploits/linux/http/dlink_diagnostic_exec_noauth.rb index 000a11b778..7f4eedea14 100644 --- a/modules/exploits/linux/http/dlink_diagnostic_exec_noauth.rb +++ b/modules/exploits/linux/http/dlink_diagnostic_exec_noauth.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '92144' ], [ 'BID', '58938' ], [ 'EDB', '24926' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-017' ] diff --git a/modules/exploits/linux/http/dlink_dir300_exec_telnet.rb b/modules/exploits/linux/http/dlink_dir300_exec_telnet.rb index 64bd9a079f..603be9dcc2 100644 --- a/modules/exploits/linux/http/dlink_dir300_exec_telnet.rb +++ b/modules/exploits/linux/http/dlink_dir300_exec_telnet.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '92698' ], [ 'EDB', '25024' ], [ 'BID', '59405' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-014' ] diff --git a/modules/exploits/linux/http/dlink_dir605l_captcha_bof.rb b/modules/exploits/linux/http/dlink_dir605l_captcha_bof.rb index 106a85eb51..836f6091b3 100644 --- a/modules/exploits/linux/http/dlink_dir605l_captcha_bof.rb +++ b/modules/exploits/linux/http/dlink_dir605l_captcha_bof.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Arch' => ARCH_MIPSBE, 'References' => [ + [ 'OSVDB', '86824' ], [ 'URL', 'http://www.devttys0.com/2012/10/exploiting-a-mips-stack-overflow/' ] ], 'Targets' => diff --git a/modules/exploits/linux/http/dlink_dir615_up_exec.rb b/modules/exploits/linux/http/dlink_dir615_up_exec.rb index 95dff2c90c..e0edc210c1 100644 --- a/modules/exploits/linux/http/dlink_dir615_up_exec.rb +++ b/modules/exploits/linux/http/dlink_dir615_up_exec.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'BID', '57882' ], [ 'EDB', '24477' ], + [ 'OSVDB', '90174' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-008' ] ], 'DisclosureDate' => 'Feb 07 2013', diff --git a/modules/exploits/linux/http/dlink_dspw215_info_cgi_bof.rb b/modules/exploits/linux/http/dlink_dspw215_info_cgi_bof.rb index 8f61ef3790..9327460abf 100644 --- a/modules/exploits/linux/http/dlink_dspw215_info_cgi_bof.rb +++ b/modules/exploits/linux/http/dlink_dspw215_info_cgi_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Arch' => ARCH_MIPSBE, 'References' => [ + ['OSVDB', '108249'], ['URL', 'http://www.devttys0.com/2014/05/hacking-the-dspw215-again/'] # blog post from Craig including PoC ], 'Targets' => diff --git a/modules/exploits/linux/http/dlink_hedwig_cgi_bof.rb b/modules/exploits/linux/http/dlink_hedwig_cgi_bof.rb index f48a047dd4..f58e7ef41c 100644 --- a/modules/exploits/linux/http/dlink_hedwig_cgi_bof.rb +++ b/modules/exploits/linux/http/dlink_hedwig_cgi_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '95950'], ['EDB', '27283'], ['URL', 'http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10008'], #advisory on vendor web site ['URL', 'http://www.dlink.com/us/en/home-solutions/connect/routers/dir-645-wireless-n-home-router-1000'], #vendor web site of router diff --git a/modules/exploits/linux/http/dlink_upnp_exec_noauth.rb b/modules/exploits/linux/http/dlink_upnp_exec_noauth.rb index 7b2bbfc6a8..396e03d2d5 100644 --- a/modules/exploits/linux/http/dlink_upnp_exec_noauth.rb +++ b/modules/exploits/linux/http/dlink_upnp_exec_noauth.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '94924'], ['BID', '61005'], ['EDB', '26664'], ['URL', 'http://www.s3cur1ty.de/m1adv2013-020'] diff --git a/modules/exploits/linux/http/dolibarr_cmd_exec.rb b/modules/exploits/linux/http/dolibarr_cmd_exec.rb index 5fef115d69..599c0ae82c 100644 --- a/modules/exploits/linux/http/dolibarr_cmd_exec.rb +++ b/modules/exploits/linux/http/dolibarr_cmd_exec.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '80980'], ['URL', 'http://seclists.org/fulldisclosure/2012/Apr/78'] ], 'Arch' => ARCH_CMD, diff --git a/modules/exploits/linux/http/dreambox_openpli_shell.rb b/modules/exploits/linux/http/dreambox_openpli_shell.rb index dfae4d1e9d..0f79eb3ee7 100644 --- a/modules/exploits/linux/http/dreambox_openpli_shell.rb +++ b/modules/exploits/linux/http/dreambox_openpli_shell.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '90230' ], [ 'BID', '57943' ], [ 'EDB', '24498' ], [ 'URL', 'http://openpli.org/wiki/Webif' ], diff --git a/modules/exploits/linux/http/esva_exec.rb b/modules/exploits/linux/http/esva_exec.rb index 96a95c4c0c..3e812db793 100644 --- a/modules/exploits/linux/http/esva_exec.rb +++ b/modules/exploits/linux/http/esva_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '85462'], [ 'BID', '55050'], [ 'EDB', '20551' ] ], diff --git a/modules/exploits/linux/http/foreman_openstack_satellite_code_exec.rb b/modules/exploits/linux/http/foreman_openstack_satellite_code_exec.rb index ade171b2bb..554c48b12f 100644 --- a/modules/exploits/linux/http/foreman_openstack_satellite_code_exec.rb +++ b/modules/exploits/linux/http/foreman_openstack_satellite_code_exec.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['CVE', '2013-2121'], ['CWE', '95'], + ['OSVDB', '94671'], ['BID', '60833'], ['URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=968166'], ['URL', 'http://projects.theforeman.org/issues/2631'] diff --git a/modules/exploits/linux/http/fritzbox_echo_exec.rb b/modules/exploits/linux/http/fritzbox_echo_exec.rb index a7691b4a55..8f634e376a 100644 --- a/modules/exploits/linux/http/fritzbox_echo_exec.rb +++ b/modules/exploits/linux/http/fritzbox_echo_exec.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '103289' ], [ 'BID', '65520' ], [ 'URL', 'http://www.kapple.de/?p=75' ], # vulnerability details with PoC [ 'URL', 'https://www.speckmarschall.de/hoere.htm' ], # probably the first published details (now censored) diff --git a/modules/exploits/linux/http/gpsd_format_string.rb b/modules/exploits/linux/http/gpsd_format_string.rb index b90c63e3f9..c29ee861d9 100644 --- a/modules/exploits/linux/http/gpsd_format_string.rb +++ b/modules/exploits/linux/http/gpsd_format_string.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1388' ], + [ 'OSVDB', '13199' ], [ 'BID', '12371' ], [ 'URL', 'http://www.securiteam.com/unixfocus/5LP0M1PEKK.html'], diff --git a/modules/exploits/linux/http/groundwork_monarch_cmd_exec.rb b/modules/exploits/linux/http/groundwork_monarch_cmd_exec.rb index 5bc6e3393e..112999f051 100644 --- a/modules/exploits/linux/http/groundwork_monarch_cmd_exec.rb +++ b/modules/exploits/linux/http/groundwork_monarch_cmd_exec.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3502' ], + [ 'OSVDB', '91051' ], [ 'US-CERT-VU', '345260' ], [ 'URL', 'https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130308-0_GroundWork_Monitoring_Multiple_critical_vulnerabilities_wo_poc_v10.txt' ] ], diff --git a/modules/exploits/linux/http/hp_system_management.rb b/modules/exploits/linux/http/hp_system_management.rb index e3fb72c929..b478063baa 100644 --- a/modules/exploits/linux/http/hp_system_management.rb +++ b/modules/exploits/linux/http/hp_system_management.rb @@ -35,6 +35,10 @@ class MetasploitModule < Msf::Exploit::Remote }, 'Platform' => ['linux'], 'Arch' => ARCH_X86, + 'References' => + [ + ['OSVDB', '91812'] + ], 'Targets' => [ [ 'HP System Management 7.1.1 - Linux (CentOS)', diff --git a/modules/exploits/linux/http/linksys_apply_cgi.rb b/modules/exploits/linux/http/linksys_apply_cgi.rb index 7fdfe6499a..a51d2dbdd6 100644 --- a/modules/exploits/linux/http/linksys_apply_cgi.rb +++ b/modules/exploits/linux/http/linksys_apply_cgi.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-2799'], + [ 'OSVDB', '19389' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=305'], ], 'Payload' => diff --git a/modules/exploits/linux/http/linksys_e1500_apply_exec.rb b/modules/exploits/linux/http/linksys_e1500_apply_exec.rb index 4f7c2ab3ae..d2f717dc84 100644 --- a/modules/exploits/linux/http/linksys_e1500_apply_exec.rb +++ b/modules/exploits/linux/http/linksys_e1500_apply_exec.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'BID', '57760' ], [ 'EDB', '24475' ], + [ 'OSVDB', '89912' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-004' ] ], 'DisclosureDate' => 'Feb 05 2013', diff --git a/modules/exploits/linux/http/linksys_themoon_exec.rb b/modules/exploits/linux/http/linksys_themoon_exec.rb index e1694f32c6..57b9e6e986 100644 --- a/modules/exploits/linux/http/linksys_themoon_exec.rb +++ b/modules/exploits/linux/http/linksys_themoon_exec.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'EDB', '31683' ], [ 'BID', '65585' ], + [ 'OSVDB', '103321' ], [ 'PACKETSTORM', '125253' ], [ 'PACKETSTORM', '125252' ], [ 'URL', 'https://isc.sans.edu/diary/Linksys+Worm+%22TheMoon%22+Summary%3A+What+we+know+so+far/17633' ], diff --git a/modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb b/modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb index c282bb5bdd..11e0b35ccf 100644 --- a/modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb +++ b/modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'BID', '57887' ], [ 'EDB', '24478' ], + [ 'OSVDB', '90093' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-012' ] ], 'DisclosureDate' => 'Feb 11 2013', diff --git a/modules/exploits/linux/http/linksys_wrt54gl_apply_exec.rb b/modules/exploits/linux/http/linksys_wrt54gl_apply_exec.rb index d93af594c8..fb0d1ca187 100644 --- a/modules/exploits/linux/http/linksys_wrt54gl_apply_exec.rb +++ b/modules/exploits/linux/http/linksys_wrt54gl_apply_exec.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '89912' ], [ 'BID', '57459' ], [ 'EDB', '24202' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-001' ] diff --git a/modules/exploits/linux/http/mutiny_frontend_upload.rb b/modules/exploits/linux/http/mutiny_frontend_upload.rb index c865a2c59d..a80a737cb1 100644 --- a/modules/exploits/linux/http/mutiny_frontend_upload.rb +++ b/modules/exploits/linux/http/mutiny_frontend_upload.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0136' ], + [ 'OSVDB', '93444' ], [ 'US-CERT-VU', '701572' ], [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2013/05/15/new-1day-exploits-mutiny-vulnerabilities' ] ], diff --git a/modules/exploits/linux/http/netgear_dgn1000b_setup_exec.rb b/modules/exploits/linux/http/netgear_dgn1000b_setup_exec.rb index 1e39e3d615..0d0c2e5fc9 100644 --- a/modules/exploits/linux/http/netgear_dgn1000b_setup_exec.rb +++ b/modules/exploits/linux/http/netgear_dgn1000b_setup_exec.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'BID', '57836' ], [ 'EDB', '24464' ], + [ 'OSVDB', '89985' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-005' ] ], 'DisclosureDate' => 'Feb 06 2013', diff --git a/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb b/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb index beff486da5..41d72de2b9 100644 --- a/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb +++ b/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'BID', '57998' ], [ 'EDB', '24513' ], + [ 'OSVDB', '90320' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-015' ] ], 'DisclosureDate' => 'Feb 15 2013', diff --git a/modules/exploits/linux/http/netgear_readynas_exec.rb b/modules/exploits/linux/http/netgear_readynas_exec.rb index b189f47f3f..9a4bc77e7a 100644 --- a/modules/exploits/linux/http/netgear_readynas_exec.rb +++ b/modules/exploits/linux/http/netgear_readynas_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-2751' ], + [ 'OSVDB', '98826' ], [ 'URL', 'http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/' ], [ 'URL', 'http://www.tripwire.com/register/security-advisory-netgear-readynas/' ] ], diff --git a/modules/exploits/linux/http/nginx_chunked_size.rb b/modules/exploits/linux/http/nginx_chunked_size.rb index 6bcf2ac482..2add096256 100644 --- a/modules/exploits/linux/http/nginx_chunked_size.rb +++ b/modules/exploits/linux/http/nginx_chunked_size.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-2028'], + ['OSVDB', '93037'], ['URL', 'http://nginx.org/en/security_advisories.html'], ['PACKETSTORM', '121560'] ], diff --git a/modules/exploits/linux/http/openfiler_networkcard_exec.rb b/modules/exploits/linux/http/openfiler_networkcard_exec.rb index 5692ac6e5d..41d9e038ea 100644 --- a/modules/exploits/linux/http/openfiler_networkcard_exec.rb +++ b/modules/exploits/linux/http/openfiler_networkcard_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['BID', '55490'], ['URL', 'http://itsecuritysolutions.org/2012-09-06-Openfiler-v2.x-multiple-vulnerabilities/'], + ['OSVDB', '93881'], ['EDB', '21191'] ], 'DefaultOptions' => diff --git a/modules/exploits/linux/http/peercast_url.rb b/modules/exploits/linux/http/peercast_url.rb index e872ba51f2..c961f9bb31 100644 --- a/modules/exploits/linux/http/peercast_url.rb +++ b/modules/exploits/linux/http/peercast_url.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-1148'], + ['OSVDB', '23777'], ['BID', '17040'] ], 'Privileged' => false, diff --git a/modules/exploits/linux/http/pineapp_ldapsyncnow_exec.rb b/modules/exploits/linux/http/pineapp_ldapsyncnow_exec.rb index 52bb03d07c..36c1176d0e 100644 --- a/modules/exploits/linux/http/pineapp_ldapsyncnow_exec.rb +++ b/modules/exploits/linux/http/pineapp_ldapsyncnow_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'ZDI', '13-185' ], + [ 'OSVDB', '95781' ] ], 'Platform' => ['unix'], 'Arch' => ARCH_CMD, diff --git a/modules/exploits/linux/http/pineapp_livelog_exec.rb b/modules/exploits/linux/http/pineapp_livelog_exec.rb index 4d6f1825b4..935f34a251 100644 --- a/modules/exploits/linux/http/pineapp_livelog_exec.rb +++ b/modules/exploits/linux/http/pineapp_livelog_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'ZDI', '13-184'], + [ 'OSVDB', '95779'] ], 'Platform' => ['unix'], 'Arch' => ARCH_CMD, diff --git a/modules/exploits/linux/http/pineapp_test_li_conn_exec.rb b/modules/exploits/linux/http/pineapp_test_li_conn_exec.rb index 8fe9f95b25..629e89b1ba 100644 --- a/modules/exploits/linux/http/pineapp_test_li_conn_exec.rb +++ b/modules/exploits/linux/http/pineapp_test_li_conn_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'ZDI', '13-188'], + [ 'OSVDB', '95782'] ], 'Platform' => ['unix'], 'Arch' => ARCH_CMD, diff --git a/modules/exploits/linux/http/piranha_passwd_exec.rb b/modules/exploits/linux/http/piranha_passwd_exec.rb index 28e9762902..2422a19bb5 100644 --- a/modules/exploits/linux/http/piranha_passwd_exec.rb +++ b/modules/exploits/linux/http/piranha_passwd_exec.rb @@ -32,9 +32,11 @@ class MetasploitModule < Msf::Exploit::Remote [ # Default password [ 'CVE', '2000-0248' ], + [ 'OSVDB', '289' ], [ 'BID', '1148' ], # Command Execution [ 'CVE', '2000-0322' ], + [ 'OSVDB', '1300' ], [ 'BID', '1149' ] ], 'Platform' => ['unix'], diff --git a/modules/exploits/linux/http/raidsonic_nas_ib5220_exec_noauth.rb b/modules/exploits/linux/http/raidsonic_nas_ib5220_exec_noauth.rb index 8466899c25..281239a922 100644 --- a/modules/exploits/linux/http/raidsonic_nas_ib5220_exec_noauth.rb +++ b/modules/exploits/linux/http/raidsonic_nas_ib5220_exec_noauth.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '90221' ], [ 'EDB', '24499' ], [ 'BID', '57958' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-010' ] diff --git a/modules/exploits/linux/http/sophos_wpa_sblistpack_exec.rb b/modules/exploits/linux/http/sophos_wpa_sblistpack_exec.rb index 852de475e5..01a4a6e9f3 100644 --- a/modules/exploits/linux/http/sophos_wpa_sblistpack_exec.rb +++ b/modules/exploits/linux/http/sophos_wpa_sblistpack_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-4983' ], + [ 'OSVDB', '97029' ], [ 'BID', '62263'], [ 'EDB', '28175'], [ 'URL', 'http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities'] diff --git a/modules/exploits/linux/http/symantec_web_gateway_exec.rb b/modules/exploits/linux/http/symantec_web_gateway_exec.rb index 5e127d49dd..3da6b67212 100644 --- a/modules/exploits/linux/http/symantec_web_gateway_exec.rb +++ b/modules/exploits/linux/http/symantec_web_gateway_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0297' ], + [ 'OSVDB', '82925' ], [ 'BID', '53444' ], [ 'ZDI', '12-090' ], [ 'URL', 'http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00' ] diff --git a/modules/exploits/linux/http/symantec_web_gateway_file_upload.rb b/modules/exploits/linux/http/symantec_web_gateway_file_upload.rb index 1ead76e2d3..6ced3d32a4 100644 --- a/modules/exploits/linux/http/symantec_web_gateway_file_upload.rb +++ b/modules/exploits/linux/http/symantec_web_gateway_file_upload.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0299' ], + [ 'OSVDB', '82025' ], [ 'BID', '53443' ], [ 'ZDI', '12-091' ], [ 'URL', 'http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00' ] diff --git a/modules/exploits/linux/http/symantec_web_gateway_lfi.rb b/modules/exploits/linux/http/symantec_web_gateway_lfi.rb index 45efd628ca..e2080dcb13 100644 --- a/modules/exploits/linux/http/symantec_web_gateway_lfi.rb +++ b/modules/exploits/linux/http/symantec_web_gateway_lfi.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-0297'], + ['OSVDB', '82023'], ['EDB', '18932'], ['URL', 'http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00'] ], diff --git a/modules/exploits/linux/http/symantec_web_gateway_pbcontrol.rb b/modules/exploits/linux/http/symantec_web_gateway_pbcontrol.rb index 192d12500a..06c63e82c8 100644 --- a/modules/exploits/linux/http/symantec_web_gateway_pbcontrol.rb +++ b/modules/exploits/linux/http/symantec_web_gateway_pbcontrol.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-2953' ], + [ 'OSVDB', '84120' ], [ 'BID', '54426' ], [ 'EDB', '20088' ], [ 'URL', 'http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00'] diff --git a/modules/exploits/linux/http/symantec_web_gateway_restore.rb b/modules/exploits/linux/http/symantec_web_gateway_restore.rb index 79ebdb54d1..fcac6a43c6 100644 --- a/modules/exploits/linux/http/symantec_web_gateway_restore.rb +++ b/modules/exploits/linux/http/symantec_web_gateway_restore.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2014-7285' ], + [ 'OSVDB', '116009' ], [ 'BID', '71620' ], [ 'URL', 'http://karmainsecurity.com/KIS-2014-19' ], [ 'URL', 'http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141216_00'] diff --git a/modules/exploits/linux/http/synology_dsm_sliceupload_exec_noauth.rb b/modules/exploits/linux/http/synology_dsm_sliceupload_exec_noauth.rb index 603fbba0e9..b14df13f6d 100644 --- a/modules/exploits/linux/http/synology_dsm_sliceupload_exec_noauth.rb +++ b/modules/exploits/linux/http/synology_dsm_sliceupload_exec_noauth.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-6955' ], + [ 'OSVDB', '101247' ] ], 'Privileged' => false, 'Platform' => ['unix'], diff --git a/modules/exploits/linux/http/vap2500_tools_command_exec.rb b/modules/exploits/linux/http/vap2500_tools_command_exec.rb index 825939d602..24e3053e41 100644 --- a/modules/exploits/linux/http/vap2500_tools_command_exec.rb +++ b/modules/exploits/linux/http/vap2500_tools_command_exec.rb @@ -28,6 +28,8 @@ class MetasploitModule < Msf::Exploit::Remote [ ['CVE', '2014-8423'], ['CVE', '2014-8424'], + ['OSVDB', '115045'], + ['OSVDB', '115046'], ['BID', '71297'], ['BID', '71299'], ['URL', 'http://goto.fail/blog/2014/11/25/at-and-t-u-verse-vap2500-the-passwords-they-do-nothing/'] diff --git a/modules/exploits/linux/http/vcms_upload.rb b/modules/exploits/linux/http/vcms_upload.rb index 1d2d8e838f..01a99e80ec 100644 --- a/modules/exploits/linux/http/vcms_upload.rb +++ b/modules/exploits/linux/http/vcms_upload.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-4828'], + ['OSVDB', '77183'], ['BID', '50706'], ['URL', 'http://xforce.iss.net/xforce/xfdb/71358'] ], diff --git a/modules/exploits/linux/http/wanem_exec.rb b/modules/exploits/linux/http/wanem_exec.rb index 220e3c2a0a..e75ce9a283 100644 --- a/modules/exploits/linux/http/wanem_exec.rb +++ b/modules/exploits/linux/http/wanem_exec.rb @@ -30,6 +30,11 @@ class MetasploitModule < Msf::Exploit::Remote [ 'Brendan Coles ', # Discovery and exploit ], + 'References' => + [ + ['OSVDB', '85344'], + ['OSVDB', '85345'] + ], 'Payload' => { 'Space' => 1024, diff --git a/modules/exploits/linux/http/webcalendar_settings_exec.rb b/modules/exploits/linux/http/webcalendar_settings_exec.rb index e2aa21bcd4..0ca6edf548 100644 --- a/modules/exploits/linux/http/webcalendar_settings_exec.rb +++ b/modules/exploits/linux/http/webcalendar_settings_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-1495'], + ['OSVDB', '81329'], ['EDB', '18775'] ], 'Arch' => ARCH_CMD, diff --git a/modules/exploits/linux/http/webid_converter.rb b/modules/exploits/linux/http/webid_converter.rb index 5405688939..1d7bbbe1a9 100644 --- a/modules/exploits/linux/http/webid_converter.rb +++ b/modules/exploits/linux/http/webid_converter.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '73609' ], [ 'EDB', '17487' ], [ 'URL', 'http://www.webidsupport.com/forums/showthread.php?3892' ] ], diff --git a/modules/exploits/linux/http/zen_load_balancer_exec.rb b/modules/exploits/linux/http/zen_load_balancer_exec.rb index ec117beda0..d388ce25d8 100644 --- a/modules/exploits/linux/http/zen_load_balancer_exec.rb +++ b/modules/exploits/linux/http/zen_load_balancer_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '85654'], ['URL', 'http://itsecuritysolutions.org/2012-09-21-ZEN-Load-Balancer-v2.0-and-v3.0-rc1-multiple-vulnerabilities/'] ], 'DefaultOptions' => diff --git a/modules/exploits/linux/http/zenoss_showdaemonxmlconfig_exec.rb b/modules/exploits/linux/http/zenoss_showdaemonxmlconfig_exec.rb index 4bbd0964a7..e92284d97c 100644 --- a/modules/exploits/linux/http/zenoss_showdaemonxmlconfig_exec.rb +++ b/modules/exploits/linux/http/zenoss_showdaemonxmlconfig_exec.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['URL', 'http://itsecuritysolutions.org/2012-07-30-zenoss-3.2.1-multiple-security-vulnerabilities/'], + ['OSVDB', '84408'] #['CVE', 'None'], ], 'Author' => diff --git a/modules/exploits/linux/ids/snortbopre.rb b/modules/exploits/linux/ids/snortbopre.rb index 5c9a943f30..219b4303e0 100644 --- a/modules/exploits/linux/ids/snortbopre.rb +++ b/modules/exploits/linux/ids/snortbopre.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-3252'], + ['OSVDB', '20034'], ['BID', '15131'] ], 'Payload' => diff --git a/modules/exploits/linux/imap/imap_uw_lsub.rb b/modules/exploits/linux/imap/imap_uw_lsub.rb index 12f2a149e9..e540d03efe 100644 --- a/modules/exploits/linux/imap/imap_uw_lsub.rb +++ b/modules/exploits/linux/imap/imap_uw_lsub.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2000-0284' ], + [ 'OSVDB', '12037' ], [ 'BID', '1110' ], [ 'EDB', '284' ] ], diff --git a/modules/exploits/linux/local/hp_smhstart.rb b/modules/exploits/linux/local/hp_smhstart.rb index 0a062f1127..2a1659297a 100644 --- a/modules/exploits/linux/local/hp_smhstart.rb +++ b/modules/exploits/linux/local/hp_smhstart.rb @@ -36,6 +36,10 @@ class MetasploitModule < Msf::Exploit::Local 'Space' => 227, 'BadChars' => "\x00\x22" }, + 'References' => + [ + ['OSVDB', '91990'] + ], 'Targets' => [ [ 'HP System Management Homepage 7.1.1', diff --git a/modules/exploits/linux/local/kloxo_lxsuexec.rb b/modules/exploits/linux/local/kloxo_lxsuexec.rb index e9dd413b06..94c13c69c8 100644 --- a/modules/exploits/linux/local/kloxo_lxsuexec.rb +++ b/modules/exploits/linux/local/kloxo_lxsuexec.rb @@ -42,6 +42,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'EDB', '25406' ], + [ 'OSVDB', '93287' ], [ 'URL', 'http://roothackers.net/showthread.php?tid=92' ] # post referencing the vulnerability and PoC ], 'Targets' => diff --git a/modules/exploits/linux/local/pkexec.rb b/modules/exploits/linux/local/pkexec.rb index 2e8f01ea48..fef8cf0a34 100644 --- a/modules/exploits/linux/local/pkexec.rb +++ b/modules/exploits/linux/local/pkexec.rb @@ -49,6 +49,7 @@ class MetasploitModule < Msf::Exploit::Local [ [ 'CVE', '2011-1485' ], [ 'EDB', '17942' ], + [ 'OSVDB', '72261' ] ], 'DisclosureDate' => "Apr 01 2011" )) diff --git a/modules/exploits/linux/local/sock_sendpage.rb b/modules/exploits/linux/local/sock_sendpage.rb index b67773ab12..b55bc4d413 100644 --- a/modules/exploits/linux/local/sock_sendpage.rb +++ b/modules/exploits/linux/local/sock_sendpage.rb @@ -49,6 +49,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '2009-2692' ], + [ 'OSVDB', '56992' ], [ 'URL', 'http://blog.cr0.org/2009/08/linux-null-pointer-dereference-due-to.html' ] ], 'Targets' => diff --git a/modules/exploits/linux/local/sophos_wpa_clear_keys.rb b/modules/exploits/linux/local/sophos_wpa_clear_keys.rb index 728024d675..c08cb2c8d7 100644 --- a/modules/exploits/linux/local/sophos_wpa_clear_keys.rb +++ b/modules/exploits/linux/local/sophos_wpa_clear_keys.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '2013-4984' ], + [ 'OSVDB', '97028' ], [ 'BID', '62265' ], [ 'URL', 'http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities'] ], diff --git a/modules/exploits/linux/local/udev_netlink.rb b/modules/exploits/linux/local/udev_netlink.rb index b3a8046c4c..7e5a5432ae 100644 --- a/modules/exploits/linux/local/udev_netlink.rb +++ b/modules/exploits/linux/local/udev_netlink.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '2009-1185' ], + [ 'OSVDB', '53810' ], [ 'BID', '34536' ] ], 'Targets' => diff --git a/modules/exploits/linux/local/vmware_mount.rb b/modules/exploits/linux/local/vmware_mount.rb index 221e4510e4..66cffb1370 100644 --- a/modules/exploits/linux/local/vmware_mount.rb +++ b/modules/exploits/linux/local/vmware_mount.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Local 'DefaultTarget' => 0, 'References' => [ [ 'CVE', '2013-1662' ], + [ 'OSVDB', '96588' ], [ 'BID', '61966'], [ 'URL', 'http://blog.cmpxchg8b.com/2013/08/security-debianisms.html' ], [ 'URL', 'http://www.vmware.com/support/support-resources/advisories/VMSA-2013-0010.html' ], diff --git a/modules/exploits/linux/misc/accellion_fta_mpipe2.rb b/modules/exploits/linux/misc/accellion_fta_mpipe2.rb index 55197d5596..85c416e432 100644 --- a/modules/exploits/linux/misc/accellion_fta_mpipe2.rb +++ b/modules/exploits/linux/misc/accellion_fta_mpipe2.rb @@ -37,6 +37,8 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '71362'], + ['OSVDB', '71363'], ['URL', 'http://www.rapid7.com/security-center/advisories/R7-0039.jsp'], ], 'Platform' => ['unix'], diff --git a/modules/exploits/linux/misc/gld_postfix.rb b/modules/exploits/linux/misc/gld_postfix.rb index 45743319e8..96b42453d6 100644 --- a/modules/exploits/linux/misc/gld_postfix.rb +++ b/modules/exploits/linux/misc/gld_postfix.rb @@ -26,6 +26,7 @@ require 'msf/core' 'References' => [ [ 'CVE', '2005-1099' ], + [ 'OSVDB', '15492' ], [ 'BID', '13129' ], [ 'EDB', '934' ] ], diff --git a/modules/exploits/linux/misc/hp_data_protector_cmd_exec.rb b/modules/exploits/linux/misc/hp_data_protector_cmd_exec.rb index 0ce04a2a7d..bcd21a3f2d 100644 --- a/modules/exploits/linux/misc/hp_data_protector_cmd_exec.rb +++ b/modules/exploits/linux/misc/hp_data_protector_cmd_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-0923'], + [ 'OSVDB', '72526'], [ 'ZDI', '11-055'], [ 'URL', 'http://hackarandas.com/blog/2011/08/04/hp-data-protector-remote-shell-for-hpux'], [ 'URL', 'https://community.rapid7.com/thread/2253' ] diff --git a/modules/exploits/linux/misc/hp_vsa_login_bof.rb b/modules/exploits/linux/misc/hp_vsa_login_bof.rb index b9b2de1b25..9c698a5f23 100644 --- a/modules/exploits/linux/misc/hp_vsa_login_bof.rb +++ b/modules/exploits/linux/misc/hp_vsa_login_bof.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-2343'], + ['OSVDB', '94701'], ['ZDI', '13-179'], ['URL', 'http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c03661318'] ], diff --git a/modules/exploits/linux/misc/hplip_hpssd_exec.rb b/modules/exploits/linux/misc/hplip_hpssd_exec.rb index 0388e1ef86..2c591b6186 100644 --- a/modules/exploits/linux/misc/hplip_hpssd_exec.rb +++ b/modules/exploits/linux/misc/hplip_hpssd_exec.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5208' ], + [ 'OSVDB', '41693' ], [ 'BID', '26054' ], [ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=319921' ], [ 'URL', 'https://bugzilla.redhat.com/attachment.cgi?id=217201&action=edit' ] diff --git a/modules/exploits/linux/misc/ib_inet_connect.rb b/modules/exploits/linux/misc/ib_inet_connect.rb index 83eb8650b2..6804678d9c 100644 --- a/modules/exploits/linux/misc/ib_inet_connect.rb +++ b/modules/exploits/linux/misc/ib_inet_connect.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5243' ], + [ 'OSVDB', '38605' ], [ 'BID', '25917' ], [ 'URL', 'http://www.risesecurity.org/advisories/RISE-2007002.txt' ], ], diff --git a/modules/exploits/linux/misc/ib_jrd8_create_database.rb b/modules/exploits/linux/misc/ib_jrd8_create_database.rb index 549054dd74..abaa69dc85 100644 --- a/modules/exploits/linux/misc/ib_jrd8_create_database.rb +++ b/modules/exploits/linux/misc/ib_jrd8_create_database.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5243' ], + [ 'OSVDB', '38606' ], [ 'BID', '25917' ], [ 'URL', 'http://www.risesecurity.org/advisories/RISE-2007002.txt' ], ], diff --git a/modules/exploits/linux/misc/ib_open_marker_file.rb b/modules/exploits/linux/misc/ib_open_marker_file.rb index c8578aa957..68002ee8b1 100644 --- a/modules/exploits/linux/misc/ib_open_marker_file.rb +++ b/modules/exploits/linux/misc/ib_open_marker_file.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5244' ], + [ 'OSVDB', '38610' ], [ 'BID', '25917' ], [ 'URL', 'http://www.risesecurity.org/advisories/RISE-2007002.txt' ], ], diff --git a/modules/exploits/linux/misc/ib_pwd_db_aliased.rb b/modules/exploits/linux/misc/ib_pwd_db_aliased.rb index 244187ad62..6ea756791d 100644 --- a/modules/exploits/linux/misc/ib_pwd_db_aliased.rb +++ b/modules/exploits/linux/misc/ib_pwd_db_aliased.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5243' ], + [ 'OSVDB', '38607' ], [ 'BID', '25917' ], [ 'URL', 'http://www.risesecurity.org/advisories/RISE-2007002.txt' ], ], diff --git a/modules/exploits/linux/misc/lprng_format_string.rb b/modules/exploits/linux/misc/lprng_format_string.rb index 9515529a7a..f40fecdcba 100644 --- a/modules/exploits/linux/misc/lprng_format_string.rb +++ b/modules/exploits/linux/misc/lprng_format_string.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2000-0917' ], + [ 'OSVDB', '421' ], [ 'BID', '1712' ], [ 'US-CERT-VU', '382365' ], [ 'URL', 'http://www.cert.org/advisories/CA-2000-22.html' ], diff --git a/modules/exploits/linux/misc/mongod_native_helper.rb b/modules/exploits/linux/misc/mongod_native_helper.rb index 160a0b40d9..06100c2e4d 100644 --- a/modules/exploits/linux/misc/mongod_native_helper.rb +++ b/modules/exploits/linux/misc/mongod_native_helper.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-1892' ], + [ 'OSVDB', '91632' ], [ 'BID', '58695' ], [ 'URL', 'http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/' ] ], diff --git a/modules/exploits/linux/misc/nagios_nrpe_arguments.rb b/modules/exploits/linux/misc/nagios_nrpe_arguments.rb index 5468e62e3b..3ac5320c90 100644 --- a/modules/exploits/linux/misc/nagios_nrpe_arguments.rb +++ b/modules/exploits/linux/misc/nagios_nrpe_arguments.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-1362' ], + [ 'OSVDB', '90582'], [ 'BID', '58142'], [ 'URL', 'http://www.occamsec.com/vulnerabilities.html#nagios_metacharacter_vulnerability'] ], diff --git a/modules/exploits/linux/misc/netsupport_manager_agent.rb b/modules/exploits/linux/misc/netsupport_manager_agent.rb index 61c55a858a..abfa4247a6 100644 --- a/modules/exploits/linux/misc/netsupport_manager_agent.rb +++ b/modules/exploits/linux/misc/netsupport_manager_agent.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-0404' ], + [ 'OSVDB', '70408' ], [ 'BID', '45728' ], [ 'URL', 'http://seclists.org/fulldisclosure/2011/Jan/90' ], [ 'EDB', '15937' ] diff --git a/modules/exploits/linux/misc/novell_edirectory_ncp_bof.rb b/modules/exploits/linux/misc/novell_edirectory_ncp_bof.rb index 4441d8462d..3b1ea17ab1 100644 --- a/modules/exploits/linux/misc/novell_edirectory_ncp_bof.rb +++ b/modules/exploits/linux/misc/novell_edirectory_ncp_bof.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0432'], + [ 'OSVDB', '88718'], [ 'BID', '57038' ], [ 'EDB', '24205' ], [ 'URL', 'http://www.novell.com/support/kb/doc.php?id=3426981' ], diff --git a/modules/exploits/linux/misc/sercomm_exec.rb b/modules/exploits/linux/misc/sercomm_exec.rb index b12bc3969a..ed0637d842 100644 --- a/modules/exploits/linux/misc/sercomm_exec.rb +++ b/modules/exploits/linux/misc/sercomm_exec.rb @@ -116,6 +116,7 @@ class MetasploitModule < Msf::Exploit::Remote 'DefaultTarget' => 0, 'References' => [ + [ 'OSVDB', '101653' ], [ 'URL', 'https://github.com/elvanderb/TCP-32764' ] ], 'DisclosureDate' => "Dec 31 2013" )) diff --git a/modules/exploits/linux/misc/zabbix_server_exec.rb b/modules/exploits/linux/misc/zabbix_server_exec.rb index 240233b44a..0826b3cb16 100644 --- a/modules/exploits/linux/misc/zabbix_server_exec.rb +++ b/modules/exploits/linux/misc/zabbix_server_exec.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4498' ], + [ 'OSVDB', '60965' ], [ 'BID', '37989' ], [ 'EDB', '10432' ], [ 'URL', 'https://support.zabbix.com/browse/ZBX-1030' ] diff --git a/modules/exploits/linux/mysql/mysql_yassl_getname.rb b/modules/exploits/linux/mysql/mysql_yassl_getname.rb index 50a1e7f18f..61ad7081f3 100644 --- a/modules/exploits/linux/mysql/mysql_yassl_getname.rb +++ b/modules/exploits/linux/mysql/mysql_yassl_getname.rb @@ -46,6 +46,7 @@ class MetasploitModule < Msf::Exploit::Remote [ 'BID', '37640' ], [ 'BID', '37943' ], [ 'BID', '37974' ], + [ 'OSVDB', '61956' ], [ 'URL', 'http://secunia.com/advisories/38344/' ] ], 'Privileged' => true, diff --git a/modules/exploits/linux/mysql/mysql_yassl_hello.rb b/modules/exploits/linux/mysql/mysql_yassl_hello.rb index b4a1e0053b..9b6811b040 100644 --- a/modules/exploits/linux/mysql/mysql_yassl_hello.rb +++ b/modules/exploits/linux/mysql/mysql_yassl_hello.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0226' ], + [ 'OSVDB', '41195' ], [ 'BID', '27140' ], ], diff --git a/modules/exploits/linux/pop3/cyrus_pop3d_popsubfolders.rb b/modules/exploits/linux/pop3/cyrus_pop3d_popsubfolders.rb index a1bbebc9d5..b3e42f2ac6 100644 --- a/modules/exploits/linux/pop3/cyrus_pop3d_popsubfolders.rb +++ b/modules/exploits/linux/pop3/cyrus_pop3d_popsubfolders.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-2502' ], + [ 'OSVDB', '25853' ], [ 'BID', '18056' ], [ 'EDB', '2053' ], [ 'EDB', '2185' ], diff --git a/modules/exploits/linux/pptp/poptop_negative_read.rb b/modules/exploits/linux/pptp/poptop_negative_read.rb index e045c2d1a1..1960848adf 100644 --- a/modules/exploits/linux/pptp/poptop_negative_read.rb +++ b/modules/exploits/linux/pptp/poptop_negative_read.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2003-0213'], + ['OSVDB', '3293'], ['URL', 'http://securityfocus.com/archive/1/317995'], ['URL', 'http://www.freewebs.com/blightninjas/'], ], diff --git a/modules/exploits/linux/proxy/squid_ntlm_authenticate.rb b/modules/exploits/linux/proxy/squid_ntlm_authenticate.rb index bc55a7159b..5552ff0bbc 100644 --- a/modules/exploits/linux/proxy/squid_ntlm_authenticate.rb +++ b/modules/exploits/linux/proxy/squid_ntlm_authenticate.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0541'], + [ 'OSVDB', '6791'], [ 'URL', 'http://www.idefense.com/application/poi/display?id=107'], [ 'BID', '10500'], ], diff --git a/modules/exploits/linux/samba/chain_reply.rb b/modules/exploits/linux/samba/chain_reply.rb index 2c211d8b11..5f6e867f48 100644 --- a/modules/exploits/linux/samba/chain_reply.rb +++ b/modules/exploits/linux/samba/chain_reply.rb @@ -46,6 +46,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-2063' ], + [ 'OSVDB', '65518' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=873' ] ], 'Privileged' => true, diff --git a/modules/exploits/linux/samba/lsa_transnames_heap.rb b/modules/exploits/linux/samba/lsa_transnames_heap.rb index e5f05c972a..5a9c5dfb6a 100644 --- a/modules/exploits/linux/samba/lsa_transnames_heap.rb +++ b/modules/exploits/linux/samba/lsa_transnames_heap.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-2446'], + ['OSVDB', '34699'], ], 'Privileged' => true, 'Payload' => diff --git a/modules/exploits/linux/samba/setinfopolicy_heap.rb b/modules/exploits/linux/samba/setinfopolicy_heap.rb index 5b4588260e..8dd9476745 100644 --- a/modules/exploits/linux/samba/setinfopolicy_heap.rb +++ b/modules/exploits/linux/samba/setinfopolicy_heap.rb @@ -42,6 +42,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-1182'], + ['OSVDB', '81303'], ['BID', '52973'], ['ZDI', '12-069'] ], diff --git a/modules/exploits/linux/samba/trans2open.rb b/modules/exploits/linux/samba/trans2open.rb index f8e0299733..e89a00faea 100644 --- a/modules/exploits/linux/samba/trans2open.rb +++ b/modules/exploits/linux/samba/trans2open.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0201' ], + [ 'OSVDB', '4469' ], [ 'BID', '7294' ], [ 'URL', 'http://seclists.org/bugtraq/2003/Apr/103' ] ], diff --git a/modules/exploits/linux/smtp/exim4_dovecot_exec.rb b/modules/exploits/linux/smtp/exim4_dovecot_exec.rb index 2f96660f42..2759efc69c 100644 --- a/modules/exploits/linux/smtp/exim4_dovecot_exec.rb +++ b/modules/exploits/linux/smtp/exim4_dovecot_exec.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '93004' ], [ 'EDB', '25297' ], [ 'URL', 'https://www.redteam-pentesting.de/advisories/rt-sa-2013-001' ] ], diff --git a/modules/exploits/linux/smtp/exim_gethostbyname_bof.rb b/modules/exploits/linux/smtp/exim_gethostbyname_bof.rb index f4550fc0ab..79540ed980 100644 --- a/modules/exploits/linux/smtp/exim_gethostbyname_bof.rb +++ b/modules/exploits/linux/smtp/exim_gethostbyname_bof.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2015-0235'], ['US-CERT-VU', '967332'], + ['OSVDB', '117579'], ['BID', '72325'], ['URL', 'https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt'], ['URL', 'https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability'], diff --git a/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb b/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb index e72b1165aa..db95be34b6 100644 --- a/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb +++ b/modules/exploits/linux/ssh/f5_bigip_known_privkey.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'URL', 'https://www.trustmatta.com/advisories/MATTA-2012-002.txt' ], [ 'CVE', '2012-1493' ], + [ 'OSVDB', '82780' ], [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2012/06/25/press-f5-for-root-shell' ] ], 'DisclosureDate' => "Jun 11 2012", diff --git a/modules/exploits/linux/ssh/symantec_smg_ssh.rb b/modules/exploits/linux/ssh/symantec_smg_ssh.rb index db2791e248..5f107ea05f 100644 --- a/modules/exploits/linux/ssh/symantec_smg_ssh.rb +++ b/modules/exploits/linux/ssh/symantec_smg_ssh.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-3579'], + ['OSVDB', '85028'], ['BID', '55143'], ['URL', 'http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20120827_00'] ], diff --git a/modules/exploits/linux/telnet/telnet_encrypt_keyid.rb b/modules/exploits/linux/telnet/telnet_encrypt_keyid.rb index 15f268762c..a5f7d68121 100644 --- a/modules/exploits/linux/telnet/telnet_encrypt_keyid.rb +++ b/modules/exploits/linux/telnet/telnet_encrypt_keyid.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-4862'], + ['OSVDB', '78020'], ['BID', '51182'], ['EDB', '18280'] ], diff --git a/modules/exploits/linux/upnp/miniupnpd_soap_bof.rb b/modules/exploits/linux/upnp/miniupnpd_soap_bof.rb index 8e5bb9109b..77161f34cc 100644 --- a/modules/exploits/linux/upnp/miniupnpd_soap_bof.rb +++ b/modules/exploits/linux/upnp/miniupnpd_soap_bof.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0230' ], + [ 'OSVDB', '89624' ], [ 'BID', '57608' ], [ 'URL', 'https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play'] ], diff --git a/modules/exploits/multi/browser/firefox_escape_retval.rb b/modules/exploits/multi/browser/firefox_escape_retval.rb index 563402a7fa..a3c709311a 100644 --- a/modules/exploits/multi/browser/firefox_escape_retval.rb +++ b/modules/exploits/multi/browser/firefox_escape_retval.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2009-2477'], + ['OSVDB', '55846'], ['BID', '35660'], ['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=503286'] ], diff --git a/modules/exploits/multi/browser/firefox_proto_crmfrequest.rb b/modules/exploits/multi/browser/firefox_proto_crmfrequest.rb index ecd7adaf23..a8697b93ed 100644 --- a/modules/exploits/multi/browser/firefox_proto_crmfrequest.rb +++ b/modules/exploits/multi/browser/firefox_proto_crmfrequest.rb @@ -45,8 +45,10 @@ class MetasploitModule < Msf::Exploit::Remote 'DisclosureDate' => "Aug 6 2013", 'References' => [ ['CVE', '2012-3993'], # used to install function that gets called from chrome:// (ff<15) + ['OSVDB', '86111'], ['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=768101'], ['CVE', '2013-1710'], # used to peek into privileged caller's closure (ff<23) + ['OSVDB', '96019'] ], 'BrowserRequirements' => { :source => 'script', diff --git a/modules/exploits/multi/browser/firefox_queryinterface.rb b/modules/exploits/multi/browser/firefox_queryinterface.rb index da7b0fec2d..a78533c60a 100644 --- a/modules/exploits/multi/browser/firefox_queryinterface.rb +++ b/modules/exploits/multi/browser/firefox_queryinterface.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-0295'], + ['OSVDB', '22893'], ['BID', '16476'], ['URL', 'http://www.mozilla.org/security/announce/mfsa2006-04.html'], ], diff --git a/modules/exploits/multi/browser/firefox_svg_plugin.rb b/modules/exploits/multi/browser/firefox_svg_plugin.rb index 9be34cd2cd..568c9ed1de 100644 --- a/modules/exploits/multi/browser/firefox_svg_plugin.rb +++ b/modules/exploits/multi/browser/firefox_svg_plugin.rb @@ -66,6 +66,8 @@ class MetasploitModule < Msf::Exploit::Remote [ ['CVE', '2013-0758'], # navigate a frame to a chrome:// URL ['CVE', '2013-0757'], # bypass Chrome Object Wrapper to talk to chrome:// + ['OSVDB', '89019'], # maps to CVE 2013-0757 + ['OSVDB', '89020'], # maps to CVE 2013-0758 ['URL', 'http://www.mozilla.org/security/announce/2013/mfsa2013-15.html'], ['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=813906'] ], diff --git a/modules/exploits/multi/browser/itms_overflow.rb b/modules/exploits/multi/browser/itms_overflow.rb index 9ad49e0fed..9faaab409d 100644 --- a/modules/exploits/multi/browser/itms_overflow.rb +++ b/modules/exploits/multi/browser/itms_overflow.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0950' ], + [ 'OSVDB', '54833' ], [ 'URL', 'http://support.apple.com/kb/HT3592' ], [ 'URL', 'http://redpig.dataspill.org/2009/05/drive-by-attack-for-itunes-811.html' ] ], diff --git a/modules/exploits/multi/browser/java_atomicreferencearray.rb b/modules/exploits/multi/browser/java_atomicreferencearray.rb index f4128a5d50..2efbc2544a 100644 --- a/modules/exploits/multi/browser/java_atomicreferencearray.rb +++ b/modules/exploits/multi/browser/java_atomicreferencearray.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-0507'], + ['OSVDB', '80724'], ['BID', '52161'], ['URL', 'http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3'], ['URL', 'http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx'], diff --git a/modules/exploits/multi/browser/java_calendar_deserialize.rb b/modules/exploits/multi/browser/java_calendar_deserialize.rb index 83dd878619..7d91e8b864 100644 --- a/modules/exploits/multi/browser/java_calendar_deserialize.rb +++ b/modules/exploits/multi/browser/java_calendar_deserialize.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-5353' ], + [ 'OSVDB', '50500'], [ 'URL', 'http://slightlyrandombrokenthoughts.blogspot.com/2008/12/calendar-bug.html' ], [ 'URL', 'http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html' ], [ 'URL', 'http://blog.cr0.org/2009/05/write-once-own-everyone.html' ] diff --git a/modules/exploits/multi/browser/java_getsoundbank_bof.rb b/modules/exploits/multi/browser/java_getsoundbank_bof.rb index af8c73e011..5f9427aae4 100644 --- a/modules/exploits/multi/browser/java_getsoundbank_bof.rb +++ b/modules/exploits/multi/browser/java_getsoundbank_bof.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3867' ], + [ 'OSVDB', '59711' ], [ 'BID', '36881' ], [ 'ZDI', '09-076' ] ], diff --git a/modules/exploits/multi/browser/java_jre17_driver_manager.rb b/modules/exploits/multi/browser/java_jre17_driver_manager.rb index ce250ff120..8c68bb3eeb 100644 --- a/modules/exploits/multi/browser/java_jre17_driver_manager.rb +++ b/modules/exploits/multi/browser/java_jre17_driver_manager.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-1488' ], + [ 'OSVDB', '91472' ], [ 'BID', '58504' ], [ 'URL', 'http://www.contextis.com/research/blog/java-pwn2own/' ], [ 'URL', 'http://immunityproducts.blogspot.com/2013/04/yet-another-java-security-warning-bypass.html' ], diff --git a/modules/exploits/multi/browser/java_jre17_exec.rb b/modules/exploits/multi/browser/java_jre17_exec.rb index 0ac8af3a14..b3a797e075 100644 --- a/modules/exploits/multi/browser/java_jre17_exec.rb +++ b/modules/exploits/multi/browser/java_jre17_exec.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-4681' ], + [ 'OSVDB', '84867' ], [ 'URL', 'http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html' ], [ 'URL', 'http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html' ], [ 'URL', 'http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/' ], diff --git a/modules/exploits/multi/browser/java_jre17_glassfish_averagerangestatisticimpl.rb b/modules/exploits/multi/browser/java_jre17_glassfish_averagerangestatisticimpl.rb index 103473b173..e0545f2e52 100644 --- a/modules/exploits/multi/browser/java_jre17_glassfish_averagerangestatisticimpl.rb +++ b/modules/exploits/multi/browser/java_jre17_glassfish_averagerangestatisticimpl.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-5076' ], + [ 'OSVDB', '86363' ], [ 'BID', '56054' ], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html' ], [ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5076' ], diff --git a/modules/exploits/multi/browser/java_jre17_jaxws.rb b/modules/exploits/multi/browser/java_jre17_jaxws.rb index ef2e9f205c..5333aced38 100644 --- a/modules/exploits/multi/browser/java_jre17_jaxws.rb +++ b/modules/exploits/multi/browser/java_jre17_jaxws.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-5076' ], + [ 'OSVDB', '86363' ], [ 'BID', '56054' ], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html' ], [ 'URL', 'http://malware.dontneedcoffee.com/2012/11/cool-ek-hello-my-friend-cve-2012-5067.html' ], diff --git a/modules/exploits/multi/browser/java_jre17_jmxbean.rb b/modules/exploits/multi/browser/java_jre17_jmxbean.rb index 7848347b35..ce12144e5f 100644 --- a/modules/exploits/multi/browser/java_jre17_jmxbean.rb +++ b/modules/exploits/multi/browser/java_jre17_jmxbean.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0422' ], + [ 'OSVDB', '89059' ], [ 'US-CERT-VU', '625617' ], [ 'URL', 'http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html' ], [ 'URL', 'http://labs.alienvault.com/labs/index.php/2013/new-year-new-java-zeroday/' ], diff --git a/modules/exploits/multi/browser/java_jre17_jmxbean_2.rb b/modules/exploits/multi/browser/java_jre17_jmxbean_2.rb index 95ba067d8d..1902a0eb83 100644 --- a/modules/exploits/multi/browser/java_jre17_jmxbean_2.rb +++ b/modules/exploits/multi/browser/java_jre17_jmxbean_2.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0431' ], + [ 'OSVDB', '89613' ], [ 'BID', '57726' ], [ 'URL', 'http://www.security-explorations.com/materials/SE-2012-01-ORACLE-8.pdf' ], [ 'URL', 'http://www.security-explorations.com/materials/SE-2012-01-ORACLE-9.pdf' ], diff --git a/modules/exploits/multi/browser/java_jre17_method_handle.rb b/modules/exploits/multi/browser/java_jre17_method_handle.rb index e649f6c0da..1bbea0f9c8 100644 --- a/modules/exploits/multi/browser/java_jre17_method_handle.rb +++ b/modules/exploits/multi/browser/java_jre17_method_handle.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-5088' ], + [ 'OSVDB', '86352' ], [ 'BID', '56057' ], [ 'URL', 'http://www.security-explorations.com/materials/SE-2012-01-ORACLE-5.pdf' ], [ 'URL', 'http://www.security-explorations.com/materials/se-2012-01-report.pdf' ] diff --git a/modules/exploits/multi/browser/java_jre17_provider_skeleton.rb b/modules/exploits/multi/browser/java_jre17_provider_skeleton.rb index 494147cd7f..32da73a192 100644 --- a/modules/exploits/multi/browser/java_jre17_provider_skeleton.rb +++ b/modules/exploits/multi/browser/java_jre17_provider_skeleton.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-2460' ], + [ 'OSVDB', '94346' ], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html'], [ 'URL', 'http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/160cde99bb1a' ], [ 'URL', 'http://www.security-explorations.com/materials/SE-2012-01-ORACLE-12.pdf' ], diff --git a/modules/exploits/multi/browser/java_jre17_reflection_types.rb b/modules/exploits/multi/browser/java_jre17_reflection_types.rb index df1f592143..b3852a2629 100644 --- a/modules/exploits/multi/browser/java_jre17_reflection_types.rb +++ b/modules/exploits/multi/browser/java_jre17_reflection_types.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-2423' ], + [ 'OSVDB', '92348' ], [ 'BID', '59162' ], [ 'URL', 'http://weblog.ikvm.net/PermaLink.aspx?guid=acd2dd6d-1028-4996-95df-efa42ac237f0' ], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html' ], diff --git a/modules/exploits/multi/browser/java_rhino.rb b/modules/exploits/multi/browser/java_rhino.rb index cc53075048..5577bb5818 100644 --- a/modules/exploits/multi/browser/java_rhino.rb +++ b/modules/exploits/multi/browser/java_rhino.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3544' ], + [ 'OSVDB', '76500' ], [ 'ZDI', '11-305' ], [ 'URL', 'http://schierlm.users.sourceforge.net/CVE-2011-3544.html' ], ], diff --git a/modules/exploits/multi/browser/java_rmi_connection_impl.rb b/modules/exploits/multi/browser/java_rmi_connection_impl.rb index 48389ad896..5ae6062ed0 100644 --- a/modules/exploits/multi/browser/java_rmi_connection_impl.rb +++ b/modules/exploits/multi/browser/java_rmi_connection_impl.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0094' ], + [ 'OSVDB', '63484' ], [ 'URL', 'http://slightlyrandombrokenthoughts.blogspot.com/2010/04/java-rmiconnectionimpl-deserialization.html' ], ], 'Platform' => [ 'java' ], diff --git a/modules/exploits/multi/browser/java_setdifficm_bof.rb b/modules/exploits/multi/browser/java_setdifficm_bof.rb index c74d89910c..290c212685 100644 --- a/modules/exploits/multi/browser/java_setdifficm_bof.rb +++ b/modules/exploits/multi/browser/java_setdifficm_bof.rb @@ -39,6 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3869' ], + [ 'OSVDB', '59710' ], [ 'BID', '36881' ], [ 'ZDI', '09-078' ] ], diff --git a/modules/exploits/multi/browser/java_storeimagearray.rb b/modules/exploits/multi/browser/java_storeimagearray.rb index 1384cb5f69..68fb323109 100644 --- a/modules/exploits/multi/browser/java_storeimagearray.rb +++ b/modules/exploits/multi/browser/java_storeimagearray.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-2465' ], + [ 'OSVDB', '96269' ], [ 'EDB', '27526' ], [ 'PACKETSTORM', '122777' ], [ 'URL', 'http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040' ] diff --git a/modules/exploits/multi/browser/java_trusted_chain.rb b/modules/exploits/multi/browser/java_trusted_chain.rb index 696154112f..fb54d99100 100644 --- a/modules/exploits/multi/browser/java_trusted_chain.rb +++ b/modules/exploits/multi/browser/java_trusted_chain.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0840' ], + [ 'OSVDB', '63483' ], [ 'URL', 'http://slightlyrandombrokenthoughts.blogspot.com/2010/04/java-trusted-method-chaining-cve-2010.html' ], ], 'Platform' => %w{ java linux win }, diff --git a/modules/exploits/multi/browser/java_verifier_field_access.rb b/modules/exploits/multi/browser/java_verifier_field_access.rb index 89edd793db..644ecbf818 100644 --- a/modules/exploits/multi/browser/java_verifier_field_access.rb +++ b/modules/exploits/multi/browser/java_verifier_field_access.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-1723'], + ['OSVDB', '82877'], ['BID', '52161'], ['URL', 'http://schierlm.users.sourceforge.net/CVE-2012-1723.html'], ['URL', 'http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html'], diff --git a/modules/exploits/multi/browser/mozilla_compareto.rb b/modules/exploits/multi/browser/mozilla_compareto.rb index 4bfd9e3721..a0781321ae 100644 --- a/modules/exploits/multi/browser/mozilla_compareto.rb +++ b/modules/exploits/multi/browser/mozilla_compareto.rb @@ -39,6 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-2265'], + ['OSVDB', '17968'], ['BID', '14242'], ['URL', 'http://www.mozilla.org/security/announce/mfsa2005-50.html'], ], diff --git a/modules/exploits/multi/browser/mozilla_navigatorjava.rb b/modules/exploits/multi/browser/mozilla_navigatorjava.rb index 6ae4f882c1..e2b148f5c9 100644 --- a/modules/exploits/multi/browser/mozilla_navigatorjava.rb +++ b/modules/exploits/multi/browser/mozilla_navigatorjava.rb @@ -39,6 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-3677'], + ['OSVDB', '27559'], ['BID', '19192'], ['URL', 'http://www.mozilla.org/security/announce/mfsa2006-45.html'] ], diff --git a/modules/exploits/multi/browser/opera_configoverwrite.rb b/modules/exploits/multi/browser/opera_configoverwrite.rb index 25defd4efb..74045adbdd 100644 --- a/modules/exploits/multi/browser/opera_configoverwrite.rb +++ b/modules/exploits/multi/browser/opera_configoverwrite.rb @@ -37,6 +37,10 @@ class MetasploitModule < Msf::Exploit::Remote [ 'egypt', # stolen from mpack ], + 'References' => + [ + [ 'OSVDB', '66472'], + ], 'Payload' => { 'EXITFUNC' => 'process', diff --git a/modules/exploits/multi/browser/opera_historysearch.rb b/modules/exploits/multi/browser/opera_historysearch.rb index f00e2b12ad..e04ac98519 100644 --- a/modules/exploits/multi/browser/opera_historysearch.rb +++ b/modules/exploits/multi/browser/opera_historysearch.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-4696'], + ['OSVDB', '49472'], ['BID', '31869'], ['URL', 'http://www.opera.com/support/kb/view/903/'], ], diff --git a/modules/exploits/multi/browser/qtjava_pointer.rb b/modules/exploits/multi/browser/qtjava_pointer.rb index 9f17d52ab9..e23c60c516 100644 --- a/modules/exploits/multi/browser/qtjava_pointer.rb +++ b/modules/exploits/multi/browser/qtjava_pointer.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-2175'], + ['OSVDB', '34178'], ['BID', '23608'], ['ZDI', '07-023'], ], diff --git a/modules/exploits/multi/elasticsearch/script_mvel_rce.rb b/modules/exploits/multi/elasticsearch/script_mvel_rce.rb index 6d11cea449..726953c360 100644 --- a/modules/exploits/multi/elasticsearch/script_mvel_rce.rb +++ b/modules/exploits/multi/elasticsearch/script_mvel_rce.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-3120'], + ['OSVDB', '106949'], ['EDB', '33370'], ['URL', 'http://bouk.co/blog/elasticsearch-rce/'], ['URL', 'https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch'] diff --git a/modules/exploits/multi/fileformat/adobe_u3d_meshcont.rb b/modules/exploits/multi/fileformat/adobe_u3d_meshcont.rb index 52e6b11cdf..2aa31da111 100644 --- a/modules/exploits/multi/fileformat/adobe_u3d_meshcont.rb +++ b/modules/exploits/multi/fileformat/adobe_u3d_meshcont.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-2990' ], + [ 'OSVDB', '58920' ], [ 'BID', '36665' ], [ 'URL', 'http://sites.google.com/site/felipeandresmanzano/' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb09-15.html' ] diff --git a/modules/exploits/multi/fileformat/maple_maplet.rb b/modules/exploits/multi/fileformat/maple_maplet.rb index a299b04a68..bc14a88c60 100644 --- a/modules/exploits/multi/fileformat/maple_maplet.rb +++ b/modules/exploits/multi/fileformat/maple_maplet.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '64541'], [ 'URL', 'http://www.maplesoft.com/products/maple/' ] ], 'Payload' => diff --git a/modules/exploits/multi/fileformat/nodejs_js_yaml_load_code_exec.rb b/modules/exploits/multi/fileformat/nodejs_js_yaml_load_code_exec.rb index dbf239f068..920ca81f2c 100644 --- a/modules/exploits/multi/fileformat/nodejs_js_yaml_load_code_exec.rb +++ b/modules/exploits/multi/fileformat/nodejs_js_yaml_load_code_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-4660'], + ['OSVDB', '94656'], ['BID', '60867'], ['URL', 'https://nealpoole.com/blog/2013/06/code-execution-via-yaml-in-js-yaml-nodejs-module/'] ], diff --git a/modules/exploits/multi/fileformat/peazip_command_injection.rb b/modules/exploits/multi/fileformat/peazip_command_injection.rb index 9873d9879a..7c92f18163 100644 --- a/modules/exploits/multi/fileformat/peazip_command_injection.rb +++ b/modules/exploits/multi/fileformat/peazip_command_injection.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-2261' ], + [ 'OSVDB', '54966' ], [ 'URL', 'http://peazip.sourceforge.net/' ], [ 'EDB', '8881' ] ], diff --git a/modules/exploits/multi/ftp/pureftpd_bash_env_exec.rb b/modules/exploits/multi/ftp/pureftpd_bash_env_exec.rb index c75df17e8e..baf8345adb 100644 --- a/modules/exploits/multi/ftp/pureftpd_bash_env_exec.rb +++ b/modules/exploits/multi/ftp/pureftpd_bash_env_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['CVE', '2014-6271'], ['CWE', '94'], + ['OSVDB', '112004'], ['EDB', '34765'], ['URL', 'https://gist.github.com/jedisct1/88c62ee34e6fa92c31dc'], ['URL', 'http://download.pureftpd.org/pub/pure-ftpd/doc/README.Authentication-Modules'] diff --git a/modules/exploits/multi/ftp/wuftpd_site_exec_format.rb b/modules/exploits/multi/ftp/wuftpd_site_exec_format.rb index 524ed3d72f..a9d22c9429 100644 --- a/modules/exploits/multi/ftp/wuftpd_site_exec_format.rb +++ b/modules/exploits/multi/ftp/wuftpd_site_exec_format.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2000-0573'], + ['OSVDB', '11805'], ['BID', '1387'] ], 'DefaultOptions' => diff --git a/modules/exploits/multi/http/activecollab_chat.rb b/modules/exploits/multi/http/activecollab_chat.rb index 6116909d4d..c7e6129b76 100644 --- a/modules/exploits/multi/http/activecollab_chat.rb +++ b/modules/exploits/multi/http/activecollab_chat.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-6554'], + ['OSVDB', '81966'], ['URL', 'http://www.activecollab.com/downloads/category/4/package/62/releases'], ], 'Privileged' => false, diff --git a/modules/exploits/multi/http/ajaxplorer_checkinstall_exec.rb b/modules/exploits/multi/http/ajaxplorer_checkinstall_exec.rb index 9bd9e693de..bc94a338b3 100644 --- a/modules/exploits/multi/http/ajaxplorer_checkinstall_exec.rb +++ b/modules/exploits/multi/http/ajaxplorer_checkinstall_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '63552' ], [ 'BID', '39334' ] ], 'Privileged' => false, diff --git a/modules/exploits/multi/http/apache_mod_cgi_bash_env_exec.rb b/modules/exploits/multi/http/apache_mod_cgi_bash_env_exec.rb index abc08ddaaa..9be7e7fffd 100644 --- a/modules/exploits/multi/http/apache_mod_cgi_bash_env_exec.rb +++ b/modules/exploits/multi/http/apache_mod_cgi_bash_env_exec.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote ['CVE', '2014-6271'], ['CVE', '2014-6278'], ['CWE', '94'], + ['OSVDB', '112004'], ['EDB', '34765'], ['URL', 'https://access.redhat.com/articles/1200223'], ['URL', 'http://seclists.org/oss-sec/2014/q3/649'] diff --git a/modules/exploits/multi/http/apprain_upload_exec.rb b/modules/exploits/multi/http/apprain_upload_exec.rb index f26da689a4..0ca04d25f8 100644 --- a/modules/exploits/multi/http/apprain_upload_exec.rb +++ b/modules/exploits/multi/http/apprain_upload_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-1153'], + ['OSVDB', '78473'], ['EDB', '18392'], ['BID', '51576'] ], diff --git a/modules/exploits/multi/http/auxilium_upload_exec.rb b/modules/exploits/multi/http/auxilium_upload_exec.rb index ac738e8608..392ffc6c62 100644 --- a/modules/exploits/multi/http/auxilium_upload_exec.rb +++ b/modules/exploits/multi/http/auxilium_upload_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '85554'], ['EDB', '21329'] ], 'Payload' => diff --git a/modules/exploits/multi/http/axis2_deployer.rb b/modules/exploits/multi/http/axis2_deployer.rb index c768c0d217..762484a328 100644 --- a/modules/exploits/multi/http/axis2_deployer.rb +++ b/modules/exploits/multi/http/axis2_deployer.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote [ 'URL', 'http://www.rapid7.com/security-center/advisories/R7-0037.jsp' ], [ 'URL', 'http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf' ], [ 'CVE', '2010-0219' ], + [ 'OSVDB', '68662' ] ], 'Platform' => %w{ java linux win }, # others? 'Targets' => diff --git a/modules/exploits/multi/http/cisco_dcnm_upload.rb b/modules/exploits/multi/http/cisco_dcnm_upload.rb index 056fe7806c..78267b571c 100644 --- a/modules/exploits/multi/http/cisco_dcnm_upload.rb +++ b/modules/exploits/multi/http/cisco_dcnm_upload.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-5486'], + [ 'OSVDB', '97426' ], [ 'ZDI', '13-254' ], [ 'URL', 'http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-dcnm' ] ], diff --git a/modules/exploits/multi/http/cups_bash_env_exec.rb b/modules/exploits/multi/http/cups_bash_env_exec.rb index a2d376e42e..c8d35b9342 100644 --- a/modules/exploits/multi/http/cups_bash_env_exec.rb +++ b/modules/exploits/multi/http/cups_bash_env_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ['CVE', '2014-6271'], ['CVE', '2014-6278'], ['CWE', '94'], + ['OSVDB', '112004'], ['EDB', '34765'], ['URL', 'https://access.redhat.com/articles/1200223'], ['URL', 'http://seclists.org/oss-sec/2014/q3/649'] diff --git a/modules/exploits/multi/http/cuteflow_upload_exec.rb b/modules/exploits/multi/http/cuteflow_upload_exec.rb index 56c23c9daf..1775c6d41c 100644 --- a/modules/exploits/multi/http/cuteflow_upload_exec.rb +++ b/modules/exploits/multi/http/cuteflow_upload_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['URL', 'http://itsecuritysolutions.org/2012-07-01-CuteFlow-2.11.2-multiple-security-vulnerabilities/'], + ['OSVDB', '84829'], #['EDB', ''], ], 'Payload' => diff --git a/modules/exploits/multi/http/eaton_nsm_code_exec.rb b/modules/exploits/multi/http/eaton_nsm_code_exec.rb index 1cdf0ab7ab..aa9ea2ce7f 100644 --- a/modules/exploits/multi/http/eaton_nsm_code_exec.rb +++ b/modules/exploits/multi/http/eaton_nsm_code_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '83199'], ['URL', 'http://secunia.com/advisories/49103/'] ], 'Payload' => diff --git a/modules/exploits/multi/http/eventlog_file_upload.rb b/modules/exploits/multi/http/eventlog_file_upload.rb index f5b5f41af9..442cb13d75 100644 --- a/modules/exploits/multi/http/eventlog_file_upload.rb +++ b/modules/exploits/multi/http/eventlog_file_upload.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2014-6037' ], + [ 'OSVDB', '110642' ], [ 'URL', 'https://www.mogwaisecurity.de/advisories/MSA-2014-01.txt' ], [ 'URL', 'http://seclists.org/fulldisclosure/2014/Aug/86' ] ], diff --git a/modules/exploits/multi/http/extplorer_upload_exec.rb b/modules/exploits/multi/http/extplorer_upload_exec.rb index 63efc20155..a9208b1b86 100644 --- a/modules/exploits/multi/http/extplorer_upload_exec.rb +++ b/modules/exploits/multi/http/extplorer_upload_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '88751' ], [ 'BID', '57058' ], [ 'URL', 'http://itsecuritysolutions.org/2012-12-31-eXtplorer-v2.1-authentication-bypass-vulnerability' ], [ 'URL', 'http://extplorer.net/issues/105' ] diff --git a/modules/exploits/multi/http/familycms_less_exec.rb b/modules/exploits/multi/http/familycms_less_exec.rb index 4280509236..47fa520192 100644 --- a/modules/exploits/multi/http/familycms_less_exec.rb +++ b/modules/exploits/multi/http/familycms_less_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-5130' ], + [ 'OSVDB', '77492' ], [ 'URL', 'https://www.familycms.com/blog/2011/11/security-vulnerability-fcms-2-5-2-7-1/' ], [ 'URL', 'http://sourceforge.net/apps/trac/fam-connections/ticket/407' ], [ 'URL', 'http://rwx.biz.nf/advisories/fc_cms_rce_adv.html' ], diff --git a/modules/exploits/multi/http/freenas_exec_raw.rb b/modules/exploits/multi/http/freenas_exec_raw.rb index 1779c5a8fa..0911ea8a47 100644 --- a/modules/exploits/multi/http/freenas_exec_raw.rb +++ b/modules/exploits/multi/http/freenas_exec_raw.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '94441' ], [ 'URL', 'http://sourceforge.net/projects/freenas/files/stable/0.7.2/NOTES%200.7.2.5543.txt/download' ] ], 'Payload' => diff --git a/modules/exploits/multi/http/gitorious_graph.rb b/modules/exploits/multi/http/gitorious_graph.rb index 2d618897f5..aa70e5f6ce 100644 --- a/modules/exploits/multi/http/gitorious_graph.rb +++ b/modules/exploits/multi/http/gitorious_graph.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '78480' ], [ 'URL', 'http://gitorious.org/gitorious/mainline/commit/647aed91a4dc72e88a27476948dfbacd5d0bf7ce' ] ], 'Privileged' => false, diff --git a/modules/exploits/multi/http/glassfish_deployer.rb b/modules/exploits/multi/http/glassfish_deployer.rb index e8b4f54fed..dadd0efdc8 100644 --- a/modules/exploits/multi/http/glassfish_deployer.rb +++ b/modules/exploits/multi/http/glassfish_deployer.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-0807'], + ['OSVDB', '71948'] ], 'Platform' => ['win', 'linux', 'java'], 'Targets' => diff --git a/modules/exploits/multi/http/glossword_upload_exec.rb b/modules/exploits/multi/http/glossword_upload_exec.rb index 3de8eb7e91..1894ddd170 100644 --- a/modules/exploits/multi/http/glossword_upload_exec.rb +++ b/modules/exploits/multi/http/glossword_upload_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'EDB', '24456' ], + [ 'OSVDB', '89960' ] ], 'Platform' => 'php', 'Arch' => ARCH_PHP, diff --git a/modules/exploits/multi/http/horde_href_backdoor.rb b/modules/exploits/multi/http/horde_href_backdoor.rb index 687cb91050..49ef2be08b 100644 --- a/modules/exploits/multi/http/horde_href_backdoor.rb +++ b/modules/exploits/multi/http/horde_href_backdoor.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0209'], + [ 'OSVDB', '79246'], [ 'EDB', '18492'], [ 'URL', 'http://dev.horde.org/h/jonah/stories/view.php?channel_id=1&id=155' ], [ 'URL', 'http://eromang.zataz.com/2012/02/15/cve-2012-0209-horde-backdoor-analysis/' ] diff --git a/modules/exploits/multi/http/hp_sitescope_issuesiebelcmd.rb b/modules/exploits/multi/http/hp_sitescope_issuesiebelcmd.rb index 4e9f3bf585..bc8becf8b6 100644 --- a/modules/exploits/multi/http/hp_sitescope_issuesiebelcmd.rb +++ b/modules/exploits/multi/http/hp_sitescope_issuesiebelcmd.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-4835'], + [ 'OSVDB', '99230' ], [ 'BID', '63478' ], [ 'ZDI', '13-263' ] ], diff --git a/modules/exploits/multi/http/hp_sitescope_uploadfileshandler.rb b/modules/exploits/multi/http/hp_sitescope_uploadfileshandler.rb index 889e45fee8..275271580a 100644 --- a/modules/exploits/multi/http/hp_sitescope_uploadfileshandler.rb +++ b/modules/exploits/multi/http/hp_sitescope_uploadfileshandler.rb @@ -33,6 +33,8 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '85121' ], + [ 'OSVDB', '85151' ], [ 'BID', '55269' ], [ 'BID', '55273' ], [ 'ZDI', '12-174' ], diff --git a/modules/exploits/multi/http/hp_sys_mgmt_exec.rb b/modules/exploits/multi/http/hp_sys_mgmt_exec.rb index 74d19a131c..5ff5bc1d27 100644 --- a/modules/exploits/multi/http/hp_sys_mgmt_exec.rb +++ b/modules/exploits/multi/http/hp_sys_mgmt_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-3576'], + ['OSVDB', '94191'], ['US-CERT-VU', '735364'] ], 'DefaultOptions' => diff --git a/modules/exploits/multi/http/jboss_bshdeployer.rb b/modules/exploits/multi/http/jboss_bshdeployer.rb index 6399b74bd5..bfe151d892 100644 --- a/modules/exploits/multi/http/jboss_bshdeployer.rb +++ b/modules/exploits/multi/http/jboss_bshdeployer.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0738' ], # using a VERB other than GET/POST + [ 'OSVDB', '64171' ], [ 'URL', 'http://www.redteam-pentesting.de/publications/jboss' ], [ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=574105' ], ], diff --git a/modules/exploits/multi/http/jboss_deploymentfilerepository.rb b/modules/exploits/multi/http/jboss_deploymentfilerepository.rb index 0f9a6bc4ec..e3ddeb488b 100644 --- a/modules/exploits/multi/http/jboss_deploymentfilerepository.rb +++ b/modules/exploits/multi/http/jboss_deploymentfilerepository.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0738' ], # by using VERB other than GET/POST + [ 'OSVDB', '64171' ], [ 'URL', 'http://www.redteam-pentesting.de/publications/jboss' ], [ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=574105' ], ], diff --git a/modules/exploits/multi/http/jboss_invoke_deploy.rb b/modules/exploits/multi/http/jboss_invoke_deploy.rb index 9808c4a690..c5380c9318 100644 --- a/modules/exploits/multi/http/jboss_invoke_deploy.rb +++ b/modules/exploits/multi/http/jboss_invoke_deploy.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-1036' ], + [ 'OSVDB', '33744' ], [ 'URL', 'http://www.redteam-pentesting.de/publications/jboss' ], ], 'DisclosureDate' => 'Feb 20 2007', diff --git a/modules/exploits/multi/http/jboss_maindeployer.rb b/modules/exploits/multi/http/jboss_maindeployer.rb index a983b8c3f3..50f2944360 100644 --- a/modules/exploits/multi/http/jboss_maindeployer.rb +++ b/modules/exploits/multi/http/jboss_maindeployer.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2007-1036' ], [ 'CVE', '2010-0738' ], # by using VERB other than GET/POST + [ 'OSVDB', '33744' ], [ 'URL', 'http://www.redteam-pentesting.de/publications/jboss' ], [ 'URL', 'https://bugzilla.redhat.com/show_bug.cgi?id=574105' ], #For CVE-2010-0738 ], diff --git a/modules/exploits/multi/http/kordil_edms_upload_exec.rb b/modules/exploits/multi/http/kordil_edms_upload_exec.rb index 04d35a77cb..cbbf4c166a 100644 --- a/modules/exploits/multi/http/kordil_edms_upload_exec.rb +++ b/modules/exploits/multi/http/kordil_edms_upload_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '90645'], ['EDB', '24547'], ], 'Platform' => 'php', diff --git a/modules/exploits/multi/http/lcms_php_exec.rb b/modules/exploits/multi/http/lcms_php_exec.rb index 90382d4609..45aba792cc 100644 --- a/modules/exploits/multi/http/lcms_php_exec.rb +++ b/modules/exploits/multi/http/lcms_php_exec.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '75095' ], [ 'URL', 'http://secunia.com/secunia_research/2011-21/' ] ], 'Payload' => diff --git a/modules/exploits/multi/http/log1cms_ajax_create_folder.rb b/modules/exploits/multi/http/log1cms_ajax_create_folder.rb index dda73f1108..dac6cb7080 100644 --- a/modules/exploits/multi/http/log1cms_ajax_create_folder.rb +++ b/modules/exploits/multi/http/log1cms_ajax_create_folder.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-4825'], + ['OSVDB', '76928'], ['EDB', '18075'], #Egix's advisory ['EDB', '18151'] #Adel's ], diff --git a/modules/exploits/multi/http/manage_engine_dc_pmp_sqli.rb b/modules/exploits/multi/http/manage_engine_dc_pmp_sqli.rb index 9af3e0e20d..930d4b482a 100644 --- a/modules/exploits/multi/http/manage_engine_dc_pmp_sqli.rb +++ b/modules/exploits/multi/http/manage_engine_dc_pmp_sqli.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2014-3996' ], + [ 'OSVDB', '110198' ], [ 'URL', 'http://seclists.org/fulldisclosure/2014/Aug/55' ] ], 'Arch' => ARCH_X86, diff --git a/modules/exploits/multi/http/manageengine_auth_upload.rb b/modules/exploits/multi/http/manageengine_auth_upload.rb index b560649722..40cf9be0dd 100644 --- a/modules/exploits/multi/http/manageengine_auth_upload.rb +++ b/modules/exploits/multi/http/manageengine_auth_upload.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-5301'], + ['OSVDB', '116733'], ['URL', 'http://seclists.org/fulldisclosure/2015/Jan/5'] ], 'DefaultOptions' => { 'WfsDelay' => 30 }, diff --git a/modules/exploits/multi/http/manageengine_search_sqli.rb b/modules/exploits/multi/http/manageengine_search_sqli.rb index 49234aaa19..cfc0508c60 100644 --- a/modules/exploits/multi/http/manageengine_search_sqli.rb +++ b/modules/exploits/multi/http/manageengine_search_sqli.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '86562'], ['EDB','22094'], ['BID', '56138'] ], diff --git a/modules/exploits/multi/http/mediawiki_thumb.rb b/modules/exploits/multi/http/mediawiki_thumb.rb index 1fa4201907..c42d61c2cf 100644 --- a/modules/exploits/multi/http/mediawiki_thumb.rb +++ b/modules/exploits/multi/http/mediawiki_thumb.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2014-1610' ], + [ 'OSVDB', '102630'], [ 'URL', 'http://www.checkpoint.com/threatcloud-central/articles/2014-01-28-tc-researchers-discover.html' ], [ 'URL', 'https://bugzilla.wikimedia.org/show_bug.cgi?id=60339' ] ], diff --git a/modules/exploits/multi/http/mobilecartly_upload_exec.rb b/modules/exploits/multi/http/mobilecartly_upload_exec.rb index ea230f296d..5b37159161 100644 --- a/modules/exploits/multi/http/mobilecartly_upload_exec.rb +++ b/modules/exploits/multi/http/mobilecartly_upload_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '85509' ], [ 'EDB', '20422 '], [ 'BID', '55399 '] ], diff --git a/modules/exploits/multi/http/movabletype_upgrade_exec.rb b/modules/exploits/multi/http/movabletype_upgrade_exec.rb index da793874a3..ec129c1f43 100644 --- a/modules/exploits/multi/http/movabletype_upgrade_exec.rb +++ b/modules/exploits/multi/http/movabletype_upgrade_exec.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2012-6315' ], # superseded by CVE-2013-0209 (duplicate) [ 'CVE', '2013-0209' ], + [ 'OSVDB', '89322' ], [ 'URL', 'http://www.sec-1.com/blog/?p=402' ], [ 'URL', 'http://www.movabletype.org/2013/01/movable_type_438_patch.html' ] ], diff --git a/modules/exploits/multi/http/mutiny_subnetmask_exec.rb b/modules/exploits/multi/http/mutiny_subnetmask_exec.rb index b50bb00be0..8dee91cb69 100644 --- a/modules/exploits/multi/http/mutiny_subnetmask_exec.rb +++ b/modules/exploits/multi/http/mutiny_subnetmask_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-3001'], + ['OSVDB', '86570'], ['BID', '56165'], ['US-CERT-VU', '841851'], ['URL', 'http://obscuresecurity.blogspot.com.es/2012/10/mutiny-command-injection-and-cve-2012.html'] diff --git a/modules/exploits/multi/http/netwin_surgeftp_exec.rb b/modules/exploits/multi/http/netwin_surgeftp_exec.rb index dbca039e40..117e37cc8b 100644 --- a/modules/exploits/multi/http/netwin_surgeftp_exec.rb +++ b/modules/exploits/multi/http/netwin_surgeftp_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '89105' ], [ 'EDB', '23522' ] ], 'Platform' => %w{ win unix }, diff --git a/modules/exploits/multi/http/op5_license.rb b/modules/exploits/multi/http/op5_license.rb index cae7a2d021..646a6d6b59 100644 --- a/modules/exploits/multi/http/op5_license.rb +++ b/modules/exploits/multi/http/op5_license.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-0261'], + ['OSVDB', '78064'], ['URL', 'http://secunia.com/advisories/47417/'], ], 'Privileged' => true, diff --git a/modules/exploits/multi/http/op5_welcome.rb b/modules/exploits/multi/http/op5_welcome.rb index 988d712045..d8a570bf4c 100644 --- a/modules/exploits/multi/http/op5_welcome.rb +++ b/modules/exploits/multi/http/op5_welcome.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-0262'], + ['OSVDB', '78065'], ['URL', 'http://secunia.com/advisories/47417/'], ], 'Privileged' => true, diff --git a/modules/exploits/multi/http/openfire_auth_bypass.rb b/modules/exploits/multi/http/openfire_auth_bypass.rb index 2f74981ee8..e12572648c 100644 --- a/modules/exploits/multi/http/openfire_auth_bypass.rb +++ b/modules/exploits/multi/http/openfire_auth_bypass.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-6508' ], + [ 'OSVDB', '49663' ], [ 'BID', '32189' ], [ 'EDB', '7075' ], [ 'URL', 'http://community.igniterealtime.org/thread/35874' ] diff --git a/modules/exploits/multi/http/openx_backdoor_php.rb b/modules/exploits/multi/http/openx_backdoor_php.rb index 994beafbef..0fd826a77b 100644 --- a/modules/exploits/multi/http/openx_backdoor_php.rb +++ b/modules/exploits/multi/http/openx_backdoor_php.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ [ 'CVE', '2013-4211' ], + [ 'OSVDB', '96073' ], [ 'URL', 'http://www.heise.de/security/meldung/Achtung-Anzeigen-Server-OpenX-enthaelt-eine-Hintertuer-1929769.html'], [ 'URL', 'http://forum.openx.org/index.php?showtopic=503521628'], ], diff --git a/modules/exploits/multi/http/opmanager_socialit_file_upload.rb b/modules/exploits/multi/http/opmanager_socialit_file_upload.rb index 7657d51b71..2b1876fd2f 100644 --- a/modules/exploits/multi/http/opmanager_socialit_file_upload.rb +++ b/modules/exploits/multi/http/opmanager_socialit_file_upload.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2014-6034' ], + [ 'OSVDB', '112276' ], [ 'URL', 'http://seclists.org/fulldisclosure/2014/Sep/110' ] ], 'Privileged' => true, diff --git a/modules/exploits/multi/http/oracle_reports_rce.rb b/modules/exploits/multi/http/oracle_reports_rce.rb index b7ae6e8e2d..4b8bf6c40b 100644 --- a/modules/exploits/multi/http/oracle_reports_rce.rb +++ b/modules/exploits/multi/http/oracle_reports_rce.rb @@ -39,6 +39,8 @@ class MetasploitModule < Msf::Exploit::Remote [ [ "CVE", "2012-3152" ], [ "CVE", "2012-3153" ], + [ "OSVDB", "86395" ], # Matches CVE-2012-3152 + [ "OSVDB", "86394" ], # Matches CVE-2012-3153 [ "EDB", "31253" ] ], 'Stance' => Msf::Exploit::Stance::Aggressive, diff --git a/modules/exploits/multi/http/pandora_upload_exec.rb b/modules/exploits/multi/http/pandora_upload_exec.rb index bb758c2b97..21e9ab5a64 100644 --- a/modules/exploits/multi/http/pandora_upload_exec.rb +++ b/modules/exploits/multi/http/pandora_upload_exec.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-4279'], + ['OSVDB', '69549'], ['BID', '45112'] ], 'Platform' => 'php', diff --git a/modules/exploits/multi/http/php_cgi_arg_injection.rb b/modules/exploits/multi/http/php_cgi_arg_injection.rb index 3153a00572..a5d142906b 100644 --- a/modules/exploits/multi/http/php_cgi_arg_injection.rb +++ b/modules/exploits/multi/http/php_cgi_arg_injection.rb @@ -34,6 +34,8 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ [ 'CVE', '2012-1823' ], + [ 'OSVDB', '81633'], + [ 'OSVDB', '93979'], [ 'EDB', '25986'], [ 'URL', 'http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/' ], [ 'URL', 'http://kb.parallels.com/en/116241'] diff --git a/modules/exploits/multi/http/php_volunteer_upload_exec.rb b/modules/exploits/multi/http/php_volunteer_upload_exec.rb index 748a2073bb..096812613d 100644 --- a/modules/exploits/multi/http/php_volunteer_upload_exec.rb +++ b/modules/exploits/multi/http/php_volunteer_upload_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '82391'], ['EDB', '18941'], ], 'Payload' => diff --git a/modules/exploits/multi/http/phpldapadmin_query_engine.rb b/modules/exploits/multi/http/phpldapadmin_query_engine.rb index e1f020b4f5..662214c355 100644 --- a/modules/exploits/multi/http/phpldapadmin_query_engine.rb +++ b/modules/exploits/multi/http/phpldapadmin_query_engine.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-4075'], + ['OSVDB', '76594'], ['BID', '50331'], ['EDB', '18021'] ], diff --git a/modules/exploits/multi/http/phpmyadmin_3522_backdoor.rb b/modules/exploits/multi/http/phpmyadmin_3522_backdoor.rb index d2ca307c3b..a540ab99c6 100644 --- a/modules/exploits/multi/http/phpmyadmin_3522_backdoor.rb +++ b/modules/exploits/multi/http/phpmyadmin_3522_backdoor.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-5159' ], + [ 'OSVDB', '85739' ], [ 'EDB', '21834' ], [ 'URL', 'http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php' ] ], diff --git a/modules/exploits/multi/http/phpmyadmin_preg_replace.rb b/modules/exploits/multi/http/phpmyadmin_preg_replace.rb index 2387522eb9..c2a6c602d5 100644 --- a/modules/exploits/multi/http/phpmyadmin_preg_replace.rb +++ b/modules/exploits/multi/http/phpmyadmin_preg_replace.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote [ 'PMASA', '2013-2'], [ 'waraxe', '2013-SA#103' ], [ 'EDB', '25003'], + [ 'OSVDB', '92793'], [ 'URL', 'http://www.waraxe.us/advisory-103.html' ], [ 'URL', 'http://www.phpmyadmin.net/home_page/security/PMASA-2013-2.php' ] ], diff --git a/modules/exploits/multi/http/phpscheduleit_start_date.rb b/modules/exploits/multi/http/phpscheduleit_start_date.rb index a4f17bec31..567b014c8c 100644 --- a/modules/exploits/multi/http/phpscheduleit_start_date.rb +++ b/modules/exploits/multi/http/phpscheduleit_start_date.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-6132'], + ['OSVDB', '48797'], ['BID', '31520'], ['EDB', '6646'], ], diff --git a/modules/exploits/multi/http/phptax_exec.rb b/modules/exploits/multi/http/phptax_exec.rb index f6c45bd2b1..b9d2ab419a 100644 --- a/modules/exploits/multi/http/phptax_exec.rb +++ b/modules/exploits/multi/http/phptax_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '86992'], ['EDB', '21665'] ], 'Payload' => diff --git a/modules/exploits/multi/http/phpwiki_ploticus_exec.rb b/modules/exploits/multi/http/phpwiki_ploticus_exec.rb index 2255d39e69..63d2cd6da9 100644 --- a/modules/exploits/multi/http/phpwiki_ploticus_exec.rb +++ b/modules/exploits/multi/http/phpwiki_ploticus_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2014-5519' ], + [ 'OSVDB', '110576' ], [ 'EDB', '34451'], [ 'URL', 'https://sourceforge.net/p/phpwiki/code/8974/?page=1' ], # This commit prevents exploitation [ 'URL', 'http://seclists.org/fulldisclosure/2014/Aug/77' ] # The day the vuln went public diff --git a/modules/exploits/multi/http/plone_popen2.rb b/modules/exploits/multi/http/plone_popen2.rb index 445c7b74a7..fddf70ee17 100644 --- a/modules/exploits/multi/http/plone_popen2.rb +++ b/modules/exploits/multi/http/plone_popen2.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-3587'], + ['OSVDB', '76105'], ['EDB', '18262'], ['URL', 'http://plone.org/products/plone/security/advisories/20110928'] ], diff --git a/modules/exploits/multi/http/pmwiki_pagelist.rb b/modules/exploits/multi/http/pmwiki_pagelist.rb index de6426357c..e0ddb9bc03 100644 --- a/modules/exploits/multi/http/pmwiki_pagelist.rb +++ b/modules/exploits/multi/http/pmwiki_pagelist.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['CVE', '2011-4453'], ['BID', '50776'], + ['OSVDB', '77261'], ['EDB', '18149'], ['URL', 'http://www.pmwiki.org/wiki/PITS/01271'] ], diff --git a/modules/exploits/multi/http/polarcms_upload_exec.rb b/modules/exploits/multi/http/polarcms_upload_exec.rb index 0bd483b784..68596ebef7 100644 --- a/modules/exploits/multi/http/polarcms_upload_exec.rb +++ b/modules/exploits/multi/http/polarcms_upload_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0803' ], + [ 'OSVDB', '90627' ] ], 'Payload' => { diff --git a/modules/exploits/multi/http/processmaker_exec.rb b/modules/exploits/multi/http/processmaker_exec.rb index 56003f02a2..da859cb3f4 100644 --- a/modules/exploits/multi/http/processmaker_exec.rb +++ b/modules/exploits/multi/http/processmaker_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => 'Brendan Coles ', 'References' => [ + ['OSVDB', '99199'], ['BID', '63411'], ['URL', 'http://bugs.processmaker.com/view.php?id=13436'] ], diff --git a/modules/exploits/multi/http/qdpm_upload_exec.rb b/modules/exploits/multi/http/qdpm_upload_exec.rb index 4bbc29d557..ff4b154ed1 100644 --- a/modules/exploits/multi/http/qdpm_upload_exec.rb +++ b/modules/exploits/multi/http/qdpm_upload_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '82978'], ['EDB', '19154'] ], 'Payload' => diff --git a/modules/exploits/multi/http/rails_json_yaml_code_exec.rb b/modules/exploits/multi/http/rails_json_yaml_code_exec.rb index ce30369981..14598f3398 100644 --- a/modules/exploits/multi/http/rails_json_yaml_code_exec.rb +++ b/modules/exploits/multi/http/rails_json_yaml_code_exec.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0333' ], + [ 'OSVDB', '89594' ] ], 'Platform' => 'ruby', 'Arch' => ARCH_RUBY, diff --git a/modules/exploits/multi/http/rails_xml_yaml_code_exec.rb b/modules/exploits/multi/http/rails_xml_yaml_code_exec.rb index b29ebbaec1..c6a7904b59 100644 --- a/modules/exploits/multi/http/rails_xml_yaml_code_exec.rb +++ b/modules/exploits/multi/http/rails_xml_yaml_code_exec.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0156' ], + [ 'OSVDB', '89026' ], [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2013/01/09/serialization-mischief-in-ruby-land-cve-2013-0156' ] ], 'Platform' => 'ruby', diff --git a/modules/exploits/multi/http/sflog_upload_exec.rb b/modules/exploits/multi/http/sflog_upload_exec.rb index 90c1a9455c..e9f198bd6c 100644 --- a/modules/exploits/multi/http/sflog_upload_exec.rb +++ b/modules/exploits/multi/http/sflog_upload_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '83767'], ['EDB', '19626'] ], 'Payload' => diff --git a/modules/exploits/multi/http/sit_file_upload.rb b/modules/exploits/multi/http/sit_file_upload.rb index 6a42db047c..92568c6f94 100644 --- a/modules/exploits/multi/http/sit_file_upload.rb +++ b/modules/exploits/multi/http/sit_file_upload.rb @@ -32,6 +32,8 @@ class MetasploitModule < Msf::Exploit::Remote [ ['CVE', '2011-3829'], ['CVE', '2011-3833'], + ['OSVDB', '76999'], + ['OSVDB', '77003'], ['URL', 'http://secunia.com/secunia_research/2011-75/'], ['URL', 'http://secunia.com/secunia_research/2011-79/'], ], diff --git a/modules/exploits/multi/http/snortreport_exec.rb b/modules/exploits/multi/http/snortreport_exec.rb index 3a4bd6eed6..d4de32cf5c 100644 --- a/modules/exploits/multi/http/snortreport_exec.rb +++ b/modules/exploits/multi/http/snortreport_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '67739'], ['URL', 'http://www.symmetrixtech.com/articles/news-016.html'] ], 'Payload' => diff --git a/modules/exploits/multi/http/sonicwall_gms_upload.rb b/modules/exploits/multi/http/sonicwall_gms_upload.rb index eea2976cd1..2f9e672522 100644 --- a/modules/exploits/multi/http/sonicwall_gms_upload.rb +++ b/modules/exploits/multi/http/sonicwall_gms_upload.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-1359'], + [ 'OSVDB', '89347' ], [ 'BID', '57445' ], [ 'EDB', '24204' ] ], diff --git a/modules/exploits/multi/http/splunk_mappy_exec.rb b/modules/exploits/multi/http/splunk_mappy_exec.rb index 517538723a..c96fe4d48d 100644 --- a/modules/exploits/multi/http/splunk_mappy_exec.rb +++ b/modules/exploits/multi/http/splunk_mappy_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '77695' ], [ 'BID', '51061' ], [ 'CVE', '2011-4642' ], [ 'URL', 'http://www.splunk.com/view/SP-CAAAGMM' ], diff --git a/modules/exploits/multi/http/spree_search_exec.rb b/modules/exploits/multi/http/spree_search_exec.rb index 3bc0ea2785..832cef2473 100644 --- a/modules/exploits/multi/http/spree_search_exec.rb +++ b/modules/exploits/multi/http/spree_search_exec.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '76011'], [ 'URL', 'http://spreecommerce.com/blog/2011/10/05/remote-command-product-group/' ], ], 'Privileged' => false, diff --git a/modules/exploits/multi/http/spree_searchlogic_exec.rb b/modules/exploits/multi/http/spree_searchlogic_exec.rb index 1443dff7f8..857c460402 100644 --- a/modules/exploits/multi/http/spree_searchlogic_exec.rb +++ b/modules/exploits/multi/http/spree_searchlogic_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '71900'], [ 'URL', 'http://www.spreecommerce.com/blog/2011/04/19/security-fixes/' ], ], diff --git a/modules/exploits/multi/http/struts_code_exec.rb b/modules/exploits/multi/http/struts_code_exec.rb index 5f4861d924..b6480099dc 100644 --- a/modules/exploits/multi/http/struts_code_exec.rb +++ b/modules/exploits/multi/http/struts_code_exec.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1870'], + [ 'OSVDB', '66280'], [ 'EDB', '14360' ], ], 'Platform' => %w{ linux win }, diff --git a/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb b/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb index 62ce411926..9d9bcc461f 100644 --- a/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb +++ b/modules/exploits/multi/http/struts_code_exec_exception_delegator.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0391'], + [ 'OSVDB', '78277'], [ 'EDB', '18329'] ], 'Platform' => %w{ java linux win }, diff --git a/modules/exploits/multi/http/struts_code_exec_parameters.rb b/modules/exploits/multi/http/struts_code_exec_parameters.rb index 3d1248f716..8fc53b6155 100644 --- a/modules/exploits/multi/http/struts_code_exec_parameters.rb +++ b/modules/exploits/multi/http/struts_code_exec_parameters.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3923'], + [ 'OSVDB', '78501'], [ 'URL', 'http://blog.o0o.nu/2012/01/cve-2011-3923-yet-another-struts2.html'], [ 'URL', 'https://cwiki.apache.org/confluence/display/WW/S2-009'] ], diff --git a/modules/exploits/multi/http/struts_default_action_mapper.rb b/modules/exploits/multi/http/struts_default_action_mapper.rb index 98ee5d3761..dc6ddf026c 100644 --- a/modules/exploits/multi/http/struts_default_action_mapper.rb +++ b/modules/exploits/multi/http/struts_default_action_mapper.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-2251' ], + [ 'OSVDB', '95405' ], [ 'BID', '61189' ], [ 'URL', 'http://struts.apache.org/release/2.3.x/docs/s2-016.html' ] ], diff --git a/modules/exploits/multi/http/struts_dev_mode.rb b/modules/exploits/multi/http/struts_dev_mode.rb index 5ed1cddb0d..51101ea197 100644 --- a/modules/exploits/multi/http/struts_dev_mode.rb +++ b/modules/exploits/multi/http/struts_dev_mode.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0394'], + [ 'OSVDB', '78276'], [ 'EDB', '18329'], [ 'URL', 'https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt' ] ], diff --git a/modules/exploits/multi/http/struts_include_params.rb b/modules/exploits/multi/http/struts_include_params.rb index 044e678347..14f272491c 100644 --- a/modules/exploits/multi/http/struts_include_params.rb +++ b/modules/exploits/multi/http/struts_include_params.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2013-2115'], [ 'CVE', '2013-1966'], + [ 'OSVDB', '93645'], [ 'URL', 'https://cwiki.apache.org/confluence/display/WW/S2-014'], [ 'URL', 'http://struts.apache.org/development/2.x/docs/s2-013.html'] ], diff --git a/modules/exploits/multi/http/stunshell_eval.rb b/modules/exploits/multi/http/stunshell_eval.rb index 976f302040..e6df8bb6b2 100644 --- a/modules/exploits/multi/http/stunshell_eval.rb +++ b/modules/exploits/multi/http/stunshell_eval.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '91842'], ['URL', 'https://defense.ballastsecurity.net/wiki/index.php/STUNSHELL'], ['URL', 'https://defense.ballastsecurity.net/decoding/index.php?hash=a4cd8ba05eb6ba7fb86dd66bed968007'] ], diff --git a/modules/exploits/multi/http/stunshell_exec.rb b/modules/exploits/multi/http/stunshell_exec.rb index 8983755de8..452faf5481 100644 --- a/modules/exploits/multi/http/stunshell_exec.rb +++ b/modules/exploits/multi/http/stunshell_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '91842'], ['URL', 'https://defense.ballastsecurity.net/wiki/index.php/STUNSHELL'], ['URL', 'https://defense.ballastsecurity.net/decoding/index.php?hash=a4cd8ba05eb6ba7fb86dd66bed968007'] ], diff --git a/modules/exploits/multi/http/sun_jsws_dav_options.rb b/modules/exploits/multi/http/sun_jsws_dav_options.rb index 3bd41e0039..9601ddd0bd 100644 --- a/modules/exploits/multi/http/sun_jsws_dav_options.rb +++ b/modules/exploits/multi/http/sun_jsws_dav_options.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0361' ], + [ 'OSVDB', '61851' ] ], 'Platform' => [ 'win' ], 'Privileged' => true, diff --git a/modules/exploits/multi/http/testlink_upload_exec.rb b/modules/exploits/multi/http/testlink_upload_exec.rb index b913222313..1ef14c565f 100644 --- a/modules/exploits/multi/http/testlink_upload_exec.rb +++ b/modules/exploits/multi/http/testlink_upload_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '85446' ], [ 'EDB', '20500' ], [ 'URL', 'http://itsecuritysolutions.org/2012-08-13-TestLink-1.9.3-multiple-vulnerabilities/' ] ], diff --git a/modules/exploits/multi/http/tomcat_mgr_deploy.rb b/modules/exploits/multi/http/tomcat_mgr_deploy.rb index cddd1098dd..8bcde06e80 100644 --- a/modules/exploits/multi/http/tomcat_mgr_deploy.rb +++ b/modules/exploits/multi/http/tomcat_mgr_deploy.rb @@ -36,7 +36,9 @@ class MetasploitModule < Msf::Exploit::Remote # The following references refer to HP Operations Manager [ 'CVE', '2009-3843' ], + [ 'OSVDB', '60317' ], [ 'CVE', '2009-4189' ], + [ 'OSVDB', '60670' ], # HP Operations Dashboard [ 'CVE', '2009-4188' ], @@ -52,6 +54,7 @@ class MetasploitModule < Msf::Exploit::Remote # 'admin' password is blank in default Windows installer [ 'CVE', '2009-3548' ], + [ 'OSVDB', '60176' ], [ 'BID', '36954' ], # tomcat docs diff --git a/modules/exploits/multi/http/tomcat_mgr_upload.rb b/modules/exploits/multi/http/tomcat_mgr_upload.rb index f237323053..802cb21512 100644 --- a/modules/exploits/multi/http/tomcat_mgr_upload.rb +++ b/modules/exploits/multi/http/tomcat_mgr_upload.rb @@ -41,7 +41,9 @@ class MetasploitModule < Msf::Exploit::Remote # The following references refer to HP Operations Manager ['CVE', '2009-3843'], + ['OSVDB', '60317'], ['CVE', '2009-4189'], + ['OSVDB', '60670'], # HP Operations Dashboard ['CVE', '2009-4188'], @@ -57,6 +59,7 @@ class MetasploitModule < Msf::Exploit::Remote # 'admin' password is blank in default Windows installer ['CVE', '2009-3548'], + ['OSVDB', '60176'], ['BID', '36954'], # tomcat docs diff --git a/modules/exploits/multi/http/traq_plugin_exec.rb b/modules/exploits/multi/http/traq_plugin_exec.rb index b895b6924a..a5caeffc82 100644 --- a/modules/exploits/multi/http/traq_plugin_exec.rb +++ b/modules/exploits/multi/http/traq_plugin_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '77556'], [ 'EDB', '18213' ], [ 'URL', 'http://traqproject.org/' ], ], diff --git a/modules/exploits/multi/http/uptime_file_upload_1.rb b/modules/exploits/multi/http/uptime_file_upload_1.rb index 42fefcc936..e50a1ce5aa 100644 --- a/modules/exploits/multi/http/uptime_file_upload_1.rb +++ b/modules/exploits/multi/http/uptime_file_upload_1.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '100423' ], [ 'BID', '64031'], [ 'URL', 'http://www.security-assessment.com/files/documents/advisory/Up.Time%207.2%20-%20Arbitrary%20File%20Upload.pdf' ] ], diff --git a/modules/exploits/multi/http/v0pcr3w_exec.rb b/modules/exploits/multi/http/v0pcr3w_exec.rb index 7ff6a4ee55..c8c5958069 100644 --- a/modules/exploits/multi/http/v0pcr3w_exec.rb +++ b/modules/exploits/multi/http/v0pcr3w_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '91841'], [ 'URL', 'https://defense.ballastsecurity.net/wiki/index.php/V0pCr3w_shell' ], [ 'URL', 'https://defense.ballastsecurity.net/decoding/index.php?hash=f6b534edf37c3cc0aa88997810daf9c0' ] ], diff --git a/modules/exploits/multi/http/vbseo_proc_deutf.rb b/modules/exploits/multi/http/vbseo_proc_deutf.rb index 82c3e982ce..081b7421fc 100644 --- a/modules/exploits/multi/http/vbseo_proc_deutf.rb +++ b/modules/exploits/multi/http/vbseo_proc_deutf.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '78508'], ['BID', '51647'], ['EDB', '18424'] ], diff --git a/modules/exploits/multi/http/vtiger_soap_upload.rb b/modules/exploits/multi/http/vtiger_soap_upload.rb index c6fd0ff36a..89f2684aed 100644 --- a/modules/exploits/multi/http/vtiger_soap_upload.rb +++ b/modules/exploits/multi/http/vtiger_soap_upload.rb @@ -33,6 +33,8 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2013-3214' ], [ 'CVE', '2013-3215' ], + [ 'OSVDB', '95902' ], + [ 'OSVDB', '95903' ], [ 'BID', '61558' ], [ 'BID', '61559' ], [ 'EDB', '27279' ], diff --git a/modules/exploits/multi/http/webpagetest_upload_exec.rb b/modules/exploits/multi/http/webpagetest_upload_exec.rb index 2aa870052a..4ad2b196c1 100644 --- a/modules/exploits/multi/http/webpagetest_upload_exec.rb +++ b/modules/exploits/multi/http/webpagetest_upload_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '83822'], ['EDB', '19790'] ], 'Payload' => diff --git a/modules/exploits/multi/http/wikka_spam_exec.rb b/modules/exploits/multi/http/wikka_spam_exec.rb index bbddb30b5d..6c5bc618a3 100644 --- a/modules/exploits/multi/http/wikka_spam_exec.rb +++ b/modules/exploits/multi/http/wikka_spam_exec.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-4451'], + ['OSVDB', '77393'], ['EDB', '18177'] ], 'Payload' => diff --git a/modules/exploits/multi/http/zenworks_configuration_management_upload.rb b/modules/exploits/multi/http/zenworks_configuration_management_upload.rb index f719f84938..5bba09e754 100644 --- a/modules/exploits/multi/http/zenworks_configuration_management_upload.rb +++ b/modules/exploits/multi/http/zenworks_configuration_management_upload.rb @@ -21,7 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote anywhere in the file system, and can be abused to deploy a WAR file in the Tomcat webapps directory. ZCM up to (and including) 11.3.1 is vulnerable to this attack. This module has been tested successfully with ZCM 11.3.1 on Windows and Linux. Note - that this is a similar vulnerability to ZDI-10-078 which also has a + that this is a similar vulnerability to ZDI-10-078 / OSVDB-63412 which also has a Metasploit exploit, but it abuses a different parameter of the same servlet. }, 'Author' => @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2015-0779'], + ['OSVDB', '120382'], ['URL', 'http://seclists.org/fulldisclosure/2015/Apr/21'] ], 'DefaultOptions' => { 'WfsDelay' => 30 }, diff --git a/modules/exploits/multi/http/zenworks_control_center_upload.rb b/modules/exploits/multi/http/zenworks_control_center_upload.rb index c9c1531949..0abf38123e 100644 --- a/modules/exploits/multi/http/zenworks_control_center_upload.rb +++ b/modules/exploits/multi/http/zenworks_control_center_upload.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2013-1080' ], [ 'BID', '58668' ], + [ 'OSVDB', '91627' ], [ 'ZDI', '13-049' ], [ 'URL', 'http://www.novell.com/support/kb/doc.php?id=7011812' ] ], diff --git a/modules/exploits/multi/http/zpanel_information_disclosure_rce.rb b/modules/exploits/multi/http/zpanel_information_disclosure_rce.rb index f02a022d43..18fe64bc64 100644 --- a/modules/exploits/multi/http/zpanel_information_disclosure_rce.rb +++ b/modules/exploits/multi/http/zpanel_information_disclosure_rce.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'EDB', '31173' ], # vulnerable version of pChart used by zpanel + [ 'OSVDB', '102595' ], # vulnerable version of pChart used by zpanel [ 'URL', 'http://blog.0xlabs.com/2014/03/zpanel-10.1.x-remote-root.html' ], [ 'URL', 'http://pastebin.com/y5Pf4Yms' ] ], diff --git a/modules/exploits/multi/ids/snort_dce_rpc.rb b/modules/exploits/multi/ids/snort_dce_rpc.rb index e70c7d3147..75656d28c7 100644 --- a/modules/exploits/multi/ids/snort_dce_rpc.rb +++ b/modules/exploits/multi/ids/snort_dce_rpc.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '32094' ], [ 'CVE', '2006-5276' ], [ 'URL', 'http://web.archive.org/web/20070221235015/http://www.snort.org/docs/advisory-2007-02-19.html'], [ 'URL', 'http://sf-freedom.blogspot.com/2007/02/snort-261-dcerpc-preprocessor-remote.html'], diff --git a/modules/exploits/multi/misc/batik_svg_java.rb b/modules/exploits/multi/misc/batik_svg_java.rb index 3ad0c7212e..86db120167 100644 --- a/modules/exploits/multi/misc/batik_svg_java.rb +++ b/modules/exploits/multi/misc/batik_svg_java.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '81965'], ['URL', 'http://www.agarri.fr/blog/'] ], 'Payload' => diff --git a/modules/exploits/multi/misc/hp_vsa_exec.rb b/modules/exploits/multi/misc/hp_vsa_exec.rb index 674f770903..5161aa9cc8 100644 --- a/modules/exploits/multi/misc/hp_vsa_exec.rb +++ b/modules/exploits/multi/misc/hp_vsa_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-4361'], + ['OSVDB', '82087'], ['EDB', '18893'], ['URL', 'http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?loc=en_US&id=958'], ['URL', 'http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03082086'], diff --git a/modules/exploits/multi/misc/indesign_server_soap.rb b/modules/exploits/multi/misc/indesign_server_soap.rb index 19acd0deef..99f3775b53 100644 --- a/modules/exploits/multi/misc/indesign_server_soap.rb +++ b/modules/exploits/multi/misc/indesign_server_soap.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'DisclosureDate' => 'Nov 11 2012', 'References' => [ + [ 'OSVDB', '87548'], [ 'URL', 'http://secunia.com/advisories/48572/' ] ], 'Targets' => diff --git a/modules/exploits/multi/misc/java_jdwp_debugger.rb b/modules/exploits/multi/misc/java_jdwp_debugger.rb index 22a6bc8724..412626afd9 100644 --- a/modules/exploits/multi/misc/java_jdwp_debugger.rb +++ b/modules/exploits/multi/misc/java_jdwp_debugger.rb @@ -85,6 +85,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '96066'], ['EDB', '27179'], ['URL', 'http://docs.oracle.com/javase/1.5.0/docs/guide/jpda/jdwp-spec.html'], ['URL', 'http://seclists.org/nmap-dev/2010/q1/867'], diff --git a/modules/exploits/multi/misc/legend_bot_exec.rb b/modules/exploits/multi/misc/legend_bot_exec.rb index efbb81583a..fe8127cd92 100644 --- a/modules/exploits/multi/misc/legend_bot_exec.rb +++ b/modules/exploits/multi/misc/legend_bot_exec.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '121681' ], [ 'EDB', '36836' ], [ 'URL', 'https://www.damballa.com/perlbotnado/' ], [ 'URL', 'http://www.csoonline.com/article/2839054/vulnerabilities/report-criminals-use-shellshock-against-mail-servers-to-build-botnet.html' ] # Shellshock spam October 2014 details diff --git a/modules/exploits/multi/misc/openview_omniback_exec.rb b/modules/exploits/multi/misc/openview_omniback_exec.rb index cb731cf72d..1c27b58489 100644 --- a/modules/exploits/multi/misc/openview_omniback_exec.rb +++ b/modules/exploits/multi/misc/openview_omniback_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2001-0311'], + ['OSVDB', '6018'], ['BID', '11032'], ['URL', 'http://www.securiteam.com/exploits/6M00O150KG.html'], ], diff --git a/modules/exploits/multi/misc/pbot_exec.rb b/modules/exploits/multi/misc/pbot_exec.rb index a1b41b4778..26465c6334 100644 --- a/modules/exploits/multi/misc/pbot_exec.rb +++ b/modules/exploits/multi/misc/pbot_exec.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '84913' ], [ 'EDB', '20168' ], [ 'URL', 'http://resources.infosecinstitute.com/pbot-analysis/'] ], diff --git a/modules/exploits/multi/misc/ra1nx_pubcall_exec.rb b/modules/exploits/multi/misc/ra1nx_pubcall_exec.rb index 5bdb82da79..6307eda55d 100644 --- a/modules/exploits/multi/misc/ra1nx_pubcall_exec.rb +++ b/modules/exploits/multi/misc/ra1nx_pubcall_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '91663'], ['URL', 'https://defense.ballastsecurity.net/wiki/index.php/Ra1NX_bot'], ['URL', 'https://defense.ballastsecurity.net/decoding/index.php?hash=69401ac90262f3855c23cd143d7d2ae0'], ['URL', 'http://ddecode.com/phpdecoder/?results=8c6ba611ea2a504da928c6e176a6537b'] diff --git a/modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb b/modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb index 71cf35294a..4882496650 100644 --- a/modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb +++ b/modules/exploits/multi/misc/veritas_netbackup_cmdexec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1389' ], + [ 'OSVDB', '11026' ], [ 'BID', '11494' ] ], 'Privileged' => true, diff --git a/modules/exploits/multi/misc/w3tw0rk_exec.rb b/modules/exploits/multi/misc/w3tw0rk_exec.rb index 54c02da764..3691b10e28 100644 --- a/modules/exploits/multi/misc/w3tw0rk_exec.rb +++ b/modules/exploits/multi/misc/w3tw0rk_exec.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '120384' ], [ 'EDB', '36652' ] ], 'Platform' => %w{ unix win }, diff --git a/modules/exploits/multi/misc/wireshark_lwres_getaddrbyname.rb b/modules/exploits/multi/misc/wireshark_lwres_getaddrbyname.rb index 136ce0bfe2..b481303f09 100644 --- a/modules/exploits/multi/misc/wireshark_lwres_getaddrbyname.rb +++ b/modules/exploits/multi/misc/wireshark_lwres_getaddrbyname.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0304' ], + [ 'OSVDB', '61987' ], [ 'BID', '37985' ], [ 'URL', 'http://www.wireshark.org/security/wnpa-sec-2010-02.html' ], [ 'URL', 'http://anonsvn.wireshark.org/viewvc/trunk-1.2/epan/dissectors/packet-lwres.c?view=diff&r1=31596&r2=28492&diff_format=h' ] diff --git a/modules/exploits/multi/misc/wireshark_lwres_getaddrbyname_loop.rb b/modules/exploits/multi/misc/wireshark_lwres_getaddrbyname_loop.rb index 7165a30635..6b0159a527 100644 --- a/modules/exploits/multi/misc/wireshark_lwres_getaddrbyname_loop.rb +++ b/modules/exploits/multi/misc/wireshark_lwres_getaddrbyname_loop.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0304' ], + [ 'OSVDB', '61987' ], [ 'BID', '37985' ], [ 'URL', 'http://www.wireshark.org/security/wnpa-sec-2010-02.html' ], [ 'URL', 'http://anonsvn.wireshark.org/viewvc/trunk-1.2/epan/dissectors/packet-lwres.c?view=diff&r1=31596&r2=28492&diff_format=h' ] diff --git a/modules/exploits/multi/misc/zend_java_bridge.rb b/modules/exploits/multi/misc/zend_java_bridge.rb index 58213c5323..2a361b807f 100644 --- a/modules/exploits/multi/misc/zend_java_bridge.rb +++ b/modules/exploits/multi/misc/zend_java_bridge.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '71420'], [ 'ZDI', '11-113'], [ 'EDB', '17078' ], ], diff --git a/modules/exploits/multi/ntp/ntp_overflow.rb b/modules/exploits/multi/ntp/ntp_overflow.rb index 4475b2b726..6f5190ac45 100644 --- a/modules/exploits/multi/ntp/ntp_overflow.rb +++ b/modules/exploits/multi/ntp/ntp_overflow.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2001-0414' ], + [ 'OSVDB', '805' ], [ 'BID', '2540' ], [ 'US-CERT-VU', '970472' ], ], diff --git a/modules/exploits/multi/php/php_unserialize_zval_cookie.rb b/modules/exploits/multi/php/php_unserialize_zval_cookie.rb index 4f98658eef..c609ef77bf 100644 --- a/modules/exploits/multi/php/php_unserialize_zval_cookie.rb +++ b/modules/exploits/multi/php/php_unserialize_zval_cookie.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-1286'], + ['OSVDB', '32771'], ['URL', 'http://www.php-security.org/MOPB/MOPB-04-2007.html'], ], 'Privileged' => false, diff --git a/modules/exploits/multi/realserver/describe.rb b/modules/exploits/multi/realserver/describe.rb index 8bddfe5215..5cb8006f8e 100644 --- a/modules/exploits/multi/realserver/describe.rb +++ b/modules/exploits/multi/realserver/describe.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-1643' ], + [ 'OSVDB', '4468'] ], 'Privileged' => true, 'Payload' => diff --git a/modules/exploits/multi/samba/nttrans.rb b/modules/exploits/multi/samba/nttrans.rb index 9117a11be9..55bce31106 100644 --- a/modules/exploits/multi/samba/nttrans.rb +++ b/modules/exploits/multi/samba/nttrans.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-1318' ], + [ 'OSVDB', '14525' ], [ 'BID', '6210' ], [ 'URL', 'http://www.samba.org/samba/history/samba-2.2.7a.html' ] ], diff --git a/modules/exploits/multi/samba/usermap_script.rb b/modules/exploits/multi/samba/usermap_script.rb index 883f94b8ea..273535b2d3 100644 --- a/modules/exploits/multi/samba/usermap_script.rb +++ b/modules/exploits/multi/samba/usermap_script.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-2447' ], + [ 'OSVDB', '34700' ], [ 'BID', '23972' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=534' ], [ 'URL', 'http://samba.org/samba/security/CVE-2007-2447.html' ] diff --git a/modules/exploits/multi/sap/sap_soap_rfc_sxpg_call_system_exec.rb b/modules/exploits/multi/sap/sap_soap_rfc_sxpg_call_system_exec.rb index 69ac214922..29b4f79091 100644 --- a/modules/exploits/multi/sap/sap_soap_rfc_sxpg_call_system_exec.rb +++ b/modules/exploits/multi/sap/sap_soap_rfc_sxpg_call_system_exec.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote }, 'References' => [ + [ 'OSVDB', '93537' ], [ 'URL', 'http://labs.mwrinfosecurity.com/tools/2012/04/27/sap-metasploit-modules/' ] ], 'DisclosureDate' => 'Mar 26 2013', diff --git a/modules/exploits/multi/svn/svnserve_date.rb b/modules/exploits/multi/svn/svnserve_date.rb index 505426abed..db88821c4f 100644 --- a/modules/exploits/multi/svn/svnserve_date.rb +++ b/modules/exploits/multi/svn/svnserve_date.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2004-0397'], + ['OSVDB', '6301'], ['BID', '10386'], ['URL', 'http://lists.netsys.com/pipermail/full-disclosure/2004-May/021737.html'] ], diff --git a/modules/exploits/multi/upnp/libupnp_ssdp_overflow.rb b/modules/exploits/multi/upnp/libupnp_ssdp_overflow.rb index 1bcfd0ccd3..668405d446 100644 --- a/modules/exploits/multi/upnp/libupnp_ssdp_overflow.rb +++ b/modules/exploits/multi/upnp/libupnp_ssdp_overflow.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-5958' ], + [ 'OSVDB', '89611' ], [ 'US-CERT-VU', '922681' ], [ 'URL', 'https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play' ] ], diff --git a/modules/exploits/multi/vpn/tincd_bof.rb b/modules/exploits/multi/vpn/tincd_bof.rb index 4bdf7e60dc..e9528b6b5b 100644 --- a/modules/exploits/multi/vpn/tincd_bof.rb +++ b/modules/exploits/multi/vpn/tincd_bof.rb @@ -39,6 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-1428'], + ['OSVDB', '92653'], ['BID', '59369'], ['URL', 'http://www.floyd.ch/?p=741'], ['URL', 'http://sitsec.net/blog/2013/04/22/stack-based-buffer-overflow-in-the-vpn-software-tinc-for-authenticated-peers/'] diff --git a/modules/exploits/multi/wyse/hagent_untrusted_hsdata.rb b/modules/exploits/multi/wyse/hagent_untrusted_hsdata.rb index 39f4fa2a70..35ce7f691f 100644 --- a/modules/exploits/multi/wyse/hagent_untrusted_hsdata.rb +++ b/modules/exploits/multi/wyse/hagent_untrusted_hsdata.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2009-0695'], + ['OSVDB', '55839'], ['US-CERT-VU', '654545'], ['URL', 'http://snosoft.blogspot.com/'], ['URL', 'http://www.theregister.co.uk/2009/07/10/wyse_remote_exploit_bugs/'] diff --git a/modules/exploits/netware/smb/lsass_cifs.rb b/modules/exploits/netware/smb/lsass_cifs.rb index 6535cf76bc..6693f0923b 100644 --- a/modules/exploits/netware/smb/lsass_cifs.rb +++ b/modules/exploits/netware/smb/lsass_cifs.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-2852' ], + [ 'OSVDB', '12790' ] ], 'Privileged' => true, 'Payload' => diff --git a/modules/exploits/netware/sunrpc/pkernel_callit.rb b/modules/exploits/netware/sunrpc/pkernel_callit.rb index 80f2f068c1..51a3178859 100644 --- a/modules/exploits/netware/sunrpc/pkernel_callit.rb +++ b/modules/exploits/netware/sunrpc/pkernel_callit.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote [ # There is no CVE for this vulnerability [ 'BID', '36564' ], + [ 'OSVDB', '58447' ], [ 'ZDI', '09-067' ], ], 'Privileged' => true, diff --git a/modules/exploits/osx/afp/loginext.rb b/modules/exploits/osx/afp/loginext.rb index aa4a238bc7..a79cdfa897 100644 --- a/modules/exploits/osx/afp/loginext.rb +++ b/modules/exploits/osx/afp/loginext.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0430'], + [ 'OSVDB', '5762'], [ 'BID', '10271'], ], 'Payload' => diff --git a/modules/exploits/osx/arkeia/type77.rb b/modules/exploits/osx/arkeia/type77.rb index 9674d110ea..175fc3b918 100644 --- a/modules/exploits/osx/arkeia/type77.rb +++ b/modules/exploits/osx/arkeia/type77.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0491'], + [ 'OSVDB', '14011'], [ 'BID', '12594'] ], 'Privileged' => true, diff --git a/modules/exploits/osx/browser/mozilla_mchannel.rb b/modules/exploits/osx/browser/mozilla_mchannel.rb index e493765344..870e5fdfe2 100644 --- a/modules/exploits/osx/browser/mozilla_mchannel.rb +++ b/modules/exploits/osx/browser/mozilla_mchannel.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-0065'], + ['OSVDB', '72085'], ['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=634986'], ['URL', 'http://www.mozilla.org/security/announce/2011/mfsa2011-13.html'] ], diff --git a/modules/exploits/osx/browser/safari_file_policy.rb b/modules/exploits/osx/browser/safari_file_policy.rb index ee20626f9f..d799eff564 100644 --- a/modules/exploits/osx/browser/safari_file_policy.rb +++ b/modules/exploits/osx/browser/safari_file_policy.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3230' ], + [ 'OSVDB', '76389' ], [ 'URL', 'http://vttynotes.blogspot.com/2011/10/cve-2011-3230-launch-any-file-path-from.html#comments' ], [ 'URL', 'http://support.apple.com/kb/HT5000' ] ], diff --git a/modules/exploits/osx/browser/safari_metadata_archive.rb b/modules/exploits/osx/browser/safari_metadata_archive.rb index 972bd4404c..0c1d0842ce 100644 --- a/modules/exploits/osx/browser/safari_metadata_archive.rb +++ b/modules/exploits/osx/browser/safari_metadata_archive.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-0848'], + ['OSVDB', '23510'], ['BID', '16736'], ], 'Payload' => diff --git a/modules/exploits/osx/browser/software_update.rb b/modules/exploits/osx/browser/software_update.rb index 7cadbfad79..d4db34dba8 100644 --- a/modules/exploits/osx/browser/software_update.rb +++ b/modules/exploits/osx/browser/software_update.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-5863'], + ['OSVDB', '40722'], ], 'Payload' => { diff --git a/modules/exploits/osx/email/mailapp_image_exec.rb b/modules/exploits/osx/email/mailapp_image_exec.rb index 43531b06d2..d98f9e22b3 100644 --- a/modules/exploits/osx/email/mailapp_image_exec.rb +++ b/modules/exploits/osx/email/mailapp_image_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['CVE', '2006-0395'], ['CVE', '2007-6165'], + ['OSVDB', '40875'], ['BID', '26510'], ['BID', '16907'] ], diff --git a/modules/exploits/osx/ftp/webstar_ftp_user.rb b/modules/exploits/osx/ftp/webstar_ftp_user.rb index 7ed6a71bb3..651d321fc0 100644 --- a/modules/exploits/osx/ftp/webstar_ftp_user.rb +++ b/modules/exploits/osx/ftp/webstar_ftp_user.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0695'], + [ 'OSVDB', '7794'], [ 'BID', '10720'], ], diff --git a/modules/exploits/osx/http/evocam_webserver.rb b/modules/exploits/osx/http/evocam_webserver.rb index 3be8fe5da7..26e58fd9ce 100644 --- a/modules/exploits/osx/http/evocam_webserver.rb +++ b/modules/exploits/osx/http/evocam_webserver.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-2309'], + ['OSVDB', '65043'], ['EDB', '12835'], ], 'Payload' => diff --git a/modules/exploits/osx/local/rootpipe.rb b/modules/exploits/osx/local/rootpipe.rb index b3891cb730..b438b4513c 100644 --- a/modules/exploits/osx/local/rootpipe.rb +++ b/modules/exploits/osx/local/rootpipe.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Local ], 'References' => [ ['CVE', '2015-1130'], + ['OSVDB', '114114'], ['EDB', '36692'], ['URL', 'https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/'] ], diff --git a/modules/exploits/osx/local/setuid_tunnelblick.rb b/modules/exploits/osx/local/setuid_tunnelblick.rb index 4a98569627..d4969cd478 100644 --- a/modules/exploits/osx/local/setuid_tunnelblick.rb +++ b/modules/exploits/osx/local/setuid_tunnelblick.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '2012-3485' ], + [ 'OSVDB', '84706' ], [ 'EDB', '20443' ], [ 'URL', 'http://blog.zx2c4.com/791' ] ], diff --git a/modules/exploits/osx/local/setuid_viscosity.rb b/modules/exploits/osx/local/setuid_viscosity.rb index 00ff933b06..dddb7b82a0 100644 --- a/modules/exploits/osx/local/setuid_viscosity.rb +++ b/modules/exploits/osx/local/setuid_viscosity.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '2012-4284' ], + [ 'OSVDB', '84709' ], [ 'EDB', '20485' ], [ 'URL', 'http://blog.zx2c4.com/791' ] ], diff --git a/modules/exploits/osx/local/sudo_password_bypass.rb b/modules/exploits/osx/local/sudo_password_bypass.rb index e013f5cfab..018af4fcbe 100644 --- a/modules/exploits/osx/local/sudo_password_bypass.rb +++ b/modules/exploits/osx/local/sudo_password_bypass.rb @@ -59,6 +59,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '2013-1775' ], + [ 'OSVDB', '90677' ], [ 'BID', '58203' ], [ 'URL', 'http://www.sudo.ws/sudo/alerts/epoch_ticket.html' ] ], diff --git a/modules/exploits/osx/local/vmware_bash_function_root.rb b/modules/exploits/osx/local/vmware_bash_function_root.rb index 034235cf25..25410875e1 100644 --- a/modules/exploits/osx/local/vmware_bash_function_root.rb +++ b/modules/exploits/osx/local/vmware_bash_function_root.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Local [ ['CVE', '2014-6271'], ['CWE', '94'], + ['OSVDB', '112004'], ['EDB', '34765'] ], 'Platform' => 'osx', diff --git a/modules/exploits/osx/mdns/upnp_location.rb b/modules/exploits/osx/mdns/upnp_location.rb index 1217ba44f3..99667e4a44 100644 --- a/modules/exploits/osx/mdns/upnp_location.rb +++ b/modules/exploits/osx/mdns/upnp_location.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '35142' ], [ 'CVE', '2007-2386' ], [ 'BID', '24144' ], [ 'URL', 'http://support.apple.com/kb/TA24732' ] diff --git a/modules/exploits/osx/misc/ufo_ai.rb b/modules/exploits/osx/misc/ufo_ai.rb index a27e0c79ea..35011f1d02 100644 --- a/modules/exploits/osx/misc/ufo_ai.rb +++ b/modules/exploits/osx/misc/ufo_ai.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '65689' ], [ 'EDB', '14013' ] ], 'Payload' => diff --git a/modules/exploits/osx/rtsp/quicktime_rtsp_content_type.rb b/modules/exploits/osx/rtsp/quicktime_rtsp_content_type.rb index d00e4651f0..3dfedafd3d 100644 --- a/modules/exploits/osx/rtsp/quicktime_rtsp_content_type.rb +++ b/modules/exploits/osx/rtsp/quicktime_rtsp_content_type.rb @@ -19,6 +19,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-6166' ], + [ 'OSVDB', '40876'], [ 'BID', '26549' ], ], 'Payload' => diff --git a/modules/exploits/osx/samba/lsa_transnames_heap.rb b/modules/exploits/osx/samba/lsa_transnames_heap.rb index c0992410e2..03bc2152dd 100644 --- a/modules/exploits/osx/samba/lsa_transnames_heap.rb +++ b/modules/exploits/osx/samba/lsa_transnames_heap.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-2446'], + ['OSVDB', '34699'], ], 'Privileged' => true, 'Payload' => diff --git a/modules/exploits/osx/samba/trans2open.rb b/modules/exploits/osx/samba/trans2open.rb index 0e5f5f2e6f..7e0e123d0a 100644 --- a/modules/exploits/osx/samba/trans2open.rb +++ b/modules/exploits/osx/samba/trans2open.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0201' ], + [ 'OSVDB', '4469' ], [ 'BID', '7294' ], [ 'URL', 'http://seclists.org/bugtraq/2003/Apr/103' ] ], diff --git a/modules/exploits/solaris/dtspcd/heap_noir.rb b/modules/exploits/solaris/dtspcd/heap_noir.rb index 8d5ae03ec2..f65d028141 100644 --- a/modules/exploits/solaris/dtspcd/heap_noir.rb +++ b/modules/exploits/solaris/dtspcd/heap_noir.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2001-0803'], + [ 'OSVDB', '4503'], [ 'BID', '3517'], [ 'URL', 'http://www.cert.org/advisories/CA-2001-31.html'], [ 'URL', 'http://media.wiley.com/product_ancillary/83/07645446/DOWNLOAD/Source_Files.zip'], diff --git a/modules/exploits/solaris/lpd/sendmail_exec.rb b/modules/exploits/solaris/lpd/sendmail_exec.rb index 675eeae4fa..d7739db4ca 100644 --- a/modules/exploits/solaris/lpd/sendmail_exec.rb +++ b/modules/exploits/solaris/lpd/sendmail_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2001-1583'], + [ 'OSVDB', '15131'], [ 'BID', '3274'], ], 'Platform' => %w{ solaris unix }, diff --git a/modules/exploits/solaris/samba/lsa_transnames_heap.rb b/modules/exploits/solaris/samba/lsa_transnames_heap.rb index bfd28c4642..09b25d9077 100644 --- a/modules/exploits/solaris/samba/lsa_transnames_heap.rb +++ b/modules/exploits/solaris/samba/lsa_transnames_heap.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-2446'], + ['OSVDB', '34699'], ], 'Privileged' => true, 'Payload' => diff --git a/modules/exploits/solaris/samba/trans2open.rb b/modules/exploits/solaris/samba/trans2open.rb index eb846affd7..3623fcbd90 100644 --- a/modules/exploits/solaris/samba/trans2open.rb +++ b/modules/exploits/solaris/samba/trans2open.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0201' ], + [ 'OSVDB', '4469' ], [ 'BID', '7294' ], [ 'URL', 'http://seclists.org/bugtraq/2003/Apr/103' ] ], diff --git a/modules/exploits/solaris/sunrpc/sadmind_adm_build_path.rb b/modules/exploits/solaris/sunrpc/sadmind_adm_build_path.rb index d0e9ed83f2..9ebc7d42e6 100644 --- a/modules/exploits/solaris/sunrpc/sadmind_adm_build_path.rb +++ b/modules/exploits/solaris/sunrpc/sadmind_adm_build_path.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-4556'], + ['OSVDB', '49111'], ['URL', 'http://risesecurity.org/advisories/RISE-2008001.txt'], ], 'Privileged' => true, diff --git a/modules/exploits/solaris/sunrpc/sadmind_exec.rb b/modules/exploits/solaris/sunrpc/sadmind_exec.rb index 11ed3ff29e..3557828c07 100644 --- a/modules/exploits/solaris/sunrpc/sadmind_exec.rb +++ b/modules/exploits/solaris/sunrpc/sadmind_exec.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2003-0722'], + ['OSVDB', '4585'], ['BID', '8615'] ], 'Privileged' => true, diff --git a/modules/exploits/solaris/sunrpc/ypupdated_exec.rb b/modules/exploits/solaris/sunrpc/ypupdated_exec.rb index f1f9bddb82..5053c21189 100644 --- a/modules/exploits/solaris/sunrpc/ypupdated_exec.rb +++ b/modules/exploits/solaris/sunrpc/ypupdated_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '1999-0209'], + ['OSVDB', '11517'], ['BID', '1749'], ], 'Privileged' => true, diff --git a/modules/exploits/solaris/telnet/fuser.rb b/modules/exploits/solaris/telnet/fuser.rb index aa1756ce29..5fde51c927 100644 --- a/modules/exploits/solaris/telnet/fuser.rb +++ b/modules/exploits/solaris/telnet/fuser.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-0882' ], + [ 'OSVDB', '31881'], [ 'BID', '22512' ], ], 'Privileged' => false, diff --git a/modules/exploits/solaris/telnet/ttyprompt.rb b/modules/exploits/solaris/telnet/ttyprompt.rb index 5c92319c68..6672291ed6 100644 --- a/modules/exploits/solaris/telnet/ttyprompt.rb +++ b/modules/exploits/solaris/telnet/ttyprompt.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2001-0797'], + [ 'OSVDB', '690'], [ 'BID', '5531'], ], diff --git a/modules/exploits/unix/dhcp/bash_environment.rb b/modules/exploits/unix/dhcp/bash_environment.rb index 3c476819a4..ee3447c380 100644 --- a/modules/exploits/unix/dhcp/bash_environment.rb +++ b/modules/exploits/unix/dhcp/bash_environment.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['CVE', '2014-6271'], ['CWE', '94'], + ['OSVDB', '112004'], ['EDB', '34765'], ['URL', 'https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/'], ['URL', 'http://seclists.org/oss-sec/2014/q3/649'], diff --git a/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb b/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb index eaa8a67d2c..588bab550e 100644 --- a/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb +++ b/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '69562'], [ 'BID', '45150' ] ], 'Privileged' => true, diff --git a/modules/exploits/unix/ftp/vsftpd_234_backdoor.rb b/modules/exploits/unix/ftp/vsftpd_234_backdoor.rb index 6d78fab17c..49de9d25e1 100644 --- a/modules/exploits/unix/ftp/vsftpd_234_backdoor.rb +++ b/modules/exploits/unix/ftp/vsftpd_234_backdoor.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '73573'], [ 'URL', 'http://pastebin.com/AetT9sS5'], [ 'URL', 'http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html' ], ], diff --git a/modules/exploits/unix/http/contentkeeperweb_mimencode.rb b/modules/exploits/unix/http/contentkeeperweb_mimencode.rb index 3ba7a5c5d5..91eccda718 100644 --- a/modules/exploits/unix/http/contentkeeperweb_mimencode.rb +++ b/modules/exploits/unix/http/contentkeeperweb_mimencode.rb @@ -24,6 +24,8 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '54551' ], + [ 'OSVDB', '54552' ], [ 'URL', 'http://www.aushack.com/200904-contentkeeper.txt' ], ], 'Privileged' => false, diff --git a/modules/exploits/unix/http/ctek_skyrouter.rb b/modules/exploits/unix/http/ctek_skyrouter.rb index 066b403b70..746a77a401 100644 --- a/modules/exploits/unix/http/ctek_skyrouter.rb +++ b/modules/exploits/unix/http/ctek_skyrouter.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ ['CVE', '2011-5010'], + ['OSVDB', '77497'] ], 'Privileged' => false, 'Payload' => diff --git a/modules/exploits/unix/http/freepbx_callmenum.rb b/modules/exploits/unix/http/freepbx_callmenum.rb index fbe47a63f0..2c1e3a00a7 100644 --- a/modules/exploits/unix/http/freepbx_callmenum.rb +++ b/modules/exploits/unix/http/freepbx_callmenum.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-4869' ], + [ 'OSVDB', '80544' ], [ 'EDB', '18649' ] ], 'Platform' => ['unix'], diff --git a/modules/exploits/unix/http/lifesize_room.rb b/modules/exploits/unix/http/lifesize_room.rb index 4525885ce6..f149a66c21 100644 --- a/modules/exploits/unix/http/lifesize_room.rb +++ b/modules/exploits/unix/http/lifesize_room.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-2763' ], + [ 'OSVDB', '75212' ], ], 'Privileged' => false, 'Payload' => diff --git a/modules/exploits/unix/http/twiki_debug_plugins.rb b/modules/exploits/unix/http/twiki_debug_plugins.rb index 226dbb10ac..78c51d98f0 100644 --- a/modules/exploits/unix/http/twiki_debug_plugins.rb +++ b/modules/exploits/unix/http/twiki_debug_plugins.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2014-7236'], + [ 'OSVDB', '112977'], [ 'URL', 'http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236'] ], 'Privileged' => false, diff --git a/modules/exploits/unix/http/vmturbo_vmtadmin_exec_noauth.rb b/modules/exploits/unix/http/vmturbo_vmtadmin_exec_noauth.rb index bed5dbf7af..3765e1585b 100644 --- a/modules/exploits/unix/http/vmturbo_vmtadmin_exec_noauth.rb +++ b/modules/exploits/unix/http/vmturbo_vmtadmin_exec_noauth.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-5073'], + ['OSVDB', '109572'], ['URL', 'http://secunia.com/secunia_research/2014-8/'] ], 'DisclosureDate' => 'Jun 25 2014', diff --git a/modules/exploits/unix/irc/unreal_ircd_3281_backdoor.rb b/modules/exploits/unix/irc/unreal_ircd_3281_backdoor.rb index 5566fe41f9..49205040b0 100644 --- a/modules/exploits/unix/irc/unreal_ircd_3281_backdoor.rb +++ b/modules/exploits/unix/irc/unreal_ircd_3281_backdoor.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-2075' ], + [ 'OSVDB', '65445' ], [ 'URL', 'http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt' ] ], 'Platform' => ['unix'], diff --git a/modules/exploits/unix/local/chkrootkit.rb b/modules/exploits/unix/local/chkrootkit.rb index 41aeee342a..fc495385bd 100644 --- a/modules/exploits/unix/local/chkrootkit.rb +++ b/modules/exploits/unix/local/chkrootkit.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Local ], 'References' => [ ['CVE', '2014-0476'], + ['OSVDB', '107710'], ['EDB', '33899'], ['BID', '67813'], ['CWE', '20'], diff --git a/modules/exploits/unix/misc/distcc_exec.rb b/modules/exploits/unix/misc/distcc_exec.rb index 8d82010d1c..c46bbf9295 100644 --- a/modules/exploits/unix/misc/distcc_exec.rb +++ b/modules/exploits/unix/misc/distcc_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-2687'], + [ 'OSVDB', '13378' ], [ 'URL', 'http://distcc.samba.org/security.html'], ], diff --git a/modules/exploits/unix/misc/qnx_qconn_exec.rb b/modules/exploits/unix/misc/qnx_qconn_exec.rb index 76e620ce1c..e86a518727 100644 --- a/modules/exploits/unix/misc/qnx_qconn_exec.rb +++ b/modules/exploits/unix/misc/qnx_qconn_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '86672'], ['EDB', '21520'], ['URL', 'http://www.fishnetsecurity.com/6labs/blog/pentesting-qnx-neutrino-rtos'], ['URL', 'http://www.qnx.com/developers/docs/6.3.0SP3/neutrino/utilities/q/qconn.html'] diff --git a/modules/exploits/unix/misc/spamassassin_exec.rb b/modules/exploits/unix/misc/spamassassin_exec.rb index 0cb816aa53..5b52c215f9 100644 --- a/modules/exploits/unix/misc/spamassassin_exec.rb +++ b/modules/exploits/unix/misc/spamassassin_exec.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-2447' ], + [ 'OSVDB', '26177' ], [ 'BID', '18290' ], [ 'URL', 'http://spamassassin.apache.org/advisories/cve-2006-2447.txt' ], ], diff --git a/modules/exploits/unix/misc/zabbix_agent_exec.rb b/modules/exploits/unix/misc/zabbix_agent_exec.rb index c245a33413..f197f52cf8 100644 --- a/modules/exploits/unix/misc/zabbix_agent_exec.rb +++ b/modules/exploits/unix/misc/zabbix_agent_exec.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4502' ], + [ 'OSVDB', '60956' ], [ 'URL', 'https://support.zabbix.com/browse/ZBX-1032'], ], 'Platform' => ['unix'], diff --git a/modules/exploits/unix/smtp/clamav_milter_blackhole.rb b/modules/exploits/unix/smtp/clamav_milter_blackhole.rb index d5fb07f3dc..e2bcac05b5 100644 --- a/modules/exploits/unix/smtp/clamav_milter_blackhole.rb +++ b/modules/exploits/unix/smtp/clamav_milter_blackhole.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-4560' ], + [ 'OSVDB', '36909' ], [ 'BID', '25439' ], [ 'EDB', '4761' ] ], diff --git a/modules/exploits/unix/smtp/exim4_string_format.rb b/modules/exploits/unix/smtp/exim4_string_format.rb index ff3b4eace1..429deb28bf 100644 --- a/modules/exploits/unix/smtp/exim4_string_format.rb +++ b/modules/exploits/unix/smtp/exim4_string_format.rb @@ -50,6 +50,8 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2010-4344' ], [ 'CVE', '2010-4345' ], + [ 'OSVDB', '69685' ], + [ 'OSVDB', '69860' ], [ 'BID', '45308' ], [ 'BID', '45341' ], [ 'URL', 'http://seclists.org/oss-sec/2010/q4/311' ], diff --git a/modules/exploits/unix/ssh/array_vxag_vapv_privkey_privesc.rb b/modules/exploits/unix/ssh/array_vxag_vapv_privkey_privesc.rb index a927f56bfa..3ba50240b7 100644 --- a/modules/exploits/unix/ssh/array_vxag_vapv_privkey_privesc.rb +++ b/modules/exploits/unix/ssh/array_vxag_vapv_privkey_privesc.rb @@ -29,6 +29,9 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '104652'], + ['OSVDB', '104653'], + ['OSVDB', '104654'], ['PACKETSTORM', '125761'] ], 'DefaultOptions' => diff --git a/modules/exploits/unix/ssh/tectia_passwd_changereq.rb b/modules/exploits/unix/ssh/tectia_passwd_changereq.rb index 74672cdb5e..1ab9cd26f4 100644 --- a/modules/exploits/unix/ssh/tectia_passwd_changereq.rb +++ b/modules/exploits/unix/ssh/tectia_passwd_changereq.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['CVE', '2012-5975'], ['EDB', '23082'], + ['OSVDB', '88103'], ['URL', 'http://seclists.org/fulldisclosure/2012/Dec/12'] ], 'Payload' => diff --git a/modules/exploits/unix/webapp/actualanalyzer_ant_cookie_exec.rb b/modules/exploits/unix/webapp/actualanalyzer_ant_cookie_exec.rb index b16ff156be..3700edc024 100644 --- a/modules/exploits/unix/webapp/actualanalyzer_ant_cookie_exec.rb +++ b/modules/exploits/unix/webapp/actualanalyzer_ant_cookie_exec.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['EDB', '34450'], + ['OSVDB', '110601'] ], 'Payload' => { diff --git a/modules/exploits/unix/webapp/arkeia_upload_exec.rb b/modules/exploits/unix/webapp/arkeia_upload_exec.rb index 5568e62726..2d27a36799 100644 --- a/modules/exploits/unix/webapp/arkeia_upload_exec.rb +++ b/modules/exploits/unix/webapp/arkeia_upload_exec.rb @@ -30,6 +30,8 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '97614' ], + [ 'OSVDB', '97615' ], [ 'EDB', '28330' ] ], 'Platform' => ['php'], diff --git a/modules/exploits/unix/webapp/awstats_configdir_exec.rb b/modules/exploits/unix/webapp/awstats_configdir_exec.rb index 0aa2ebdd17..c047d659b8 100644 --- a/modules/exploits/unix/webapp/awstats_configdir_exec.rb +++ b/modules/exploits/unix/webapp/awstats_configdir_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-0116'], + ['OSVDB', '13002'], ['BID', '12298'], ['URL', 'http://www.idefense.com/application/poi/display?id=185&type=vulnerabilities'], ], diff --git a/modules/exploits/unix/webapp/awstats_migrate_exec.rb b/modules/exploits/unix/webapp/awstats_migrate_exec.rb index 2bb899b054..b91d673eb6 100644 --- a/modules/exploits/unix/webapp/awstats_migrate_exec.rb +++ b/modules/exploits/unix/webapp/awstats_migrate_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-2237'], + ['OSVDB', '25284'], ['BID', '17844'], ['URL', 'http://awstats.sourceforge.net/awstats_security_news.php'], ['EDB', '1755'], diff --git a/modules/exploits/unix/webapp/awstatstotals_multisort.rb b/modules/exploits/unix/webapp/awstatstotals_multisort.rb index 48aa084ec4..12a82d861e 100644 --- a/modules/exploits/unix/webapp/awstatstotals_multisort.rb +++ b/modules/exploits/unix/webapp/awstatstotals_multisort.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-3922'], + ['OSVDB', '47807'], ['BID', '30856'] ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/barracuda_img_exec.rb b/modules/exploits/unix/webapp/barracuda_img_exec.rb index 78d906c3c0..d334336979 100644 --- a/modules/exploits/unix/webapp/barracuda_img_exec.rb +++ b/modules/exploits/unix/webapp/barracuda_img_exec.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-2847'], + ['OSVDB', '19279'], ['BID', '14712'], ['URL', 'http://www.nessus.org/plugins/index.php?view=single&id=19556'] ], diff --git a/modules/exploits/unix/webapp/base_qry_common.rb b/modules/exploits/unix/webapp/base_qry_common.rb index bb2a6b2520..48882338b7 100644 --- a/modules/exploits/unix/webapp/base_qry_common.rb +++ b/modules/exploits/unix/webapp/base_qry_common.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-2685' ], + [ 'OSVDB', '49366'], [ 'BID', '18298' ], ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/basilic_diff_exec.rb b/modules/exploits/unix/webapp/basilic_diff_exec.rb index baac920876..748c447481 100644 --- a/modules/exploits/unix/webapp/basilic_diff_exec.rb +++ b/modules/exploits/unix/webapp/basilic_diff_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '83719' ], [ 'BID', '54234' ] ], 'Platform' => %w{ linux unix }, diff --git a/modules/exploits/unix/webapp/cacti_graphimage_exec.rb b/modules/exploits/unix/webapp/cacti_graphimage_exec.rb index bce0456a6a..a91d30bcad 100644 --- a/modules/exploits/unix/webapp/cacti_graphimage_exec.rb +++ b/modules/exploits/unix/webapp/cacti_graphimage_exec.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '17539' ], [ 'BID', '14042' ], ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/cakephp_cache_corruption.rb b/modules/exploits/unix/webapp/cakephp_cache_corruption.rb index 1829ba8939..247850e4b8 100644 --- a/modules/exploits/unix/webapp/cakephp_cache_corruption.rb +++ b/modules/exploits/unix/webapp/cakephp_cache_corruption.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '69352' ], [ 'CVE', '2010-4335' ], [ 'BID', '44852' ], [ 'PACKETSTORM', '95847' ] diff --git a/modules/exploits/unix/webapp/citrix_access_gateway_exec.rb b/modules/exploits/unix/webapp/citrix_access_gateway_exec.rb index 111f4cbf0a..30434c954c 100644 --- a/modules/exploits/unix/webapp/citrix_access_gateway_exec.rb +++ b/modules/exploits/unix/webapp/citrix_access_gateway_exec.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-4566' ], + [ 'OSVDB', '70099' ], [ 'BID', '45402' ], [ 'URL', 'http://www.vsecurity.com/resources/advisory/20101221-1/' ] ], diff --git a/modules/exploits/unix/webapp/coppermine_piceditor.rb b/modules/exploits/unix/webapp/coppermine_piceditor.rb index a987eba00c..4d589b50b6 100644 --- a/modules/exploits/unix/webapp/coppermine_piceditor.rb +++ b/modules/exploits/unix/webapp/coppermine_piceditor.rb @@ -45,6 +45,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0506' ], + [ 'OSVDB', '41676' ], [ 'EDB', '5019' ], [ 'URL', 'http://forum.coppermine-gallery.net/index.php?topic=50103.0' ] ], diff --git a/modules/exploits/unix/webapp/datalife_preview_exec.rb b/modules/exploits/unix/webapp/datalife_preview_exec.rb index e7808a79bb..603c96f61f 100644 --- a/modules/exploits/unix/webapp/datalife_preview_exec.rb +++ b/modules/exploits/unix/webapp/datalife_preview_exec.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-1412' ], + [ 'OSVDB', '89662' ], [ 'EDB', '24438' ], [ 'BID', '57603' ], [ 'URL', 'http://karmainsecurity.com/KIS-2013-01' ], diff --git a/modules/exploits/unix/webapp/dogfood_spell_exec.rb b/modules/exploits/unix/webapp/dogfood_spell_exec.rb index 134b443911..cd39139bb4 100644 --- a/modules/exploits/unix/webapp/dogfood_spell_exec.rb +++ b/modules/exploits/unix/webapp/dogfood_spell_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => BSD_LICENSE, 'References' => [ + [ 'OSVDB', '54707' ], [ 'URL', 'http://downloads.sourceforge.net/dogfood/' ], ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/egallery_upload_exec.rb b/modules/exploits/unix/webapp/egallery_upload_exec.rb index 49c49cce40..bbbfdab839 100644 --- a/modules/exploits/unix/webapp/egallery_upload_exec.rb +++ b/modules/exploits/unix/webapp/egallery_upload_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '83891'], ['BID', '54464'], ['URL', 'http://www.opensyscom.fr/Actualites/egallery-arbitrary-file-upload-vulnerability.html'] ], diff --git a/modules/exploits/unix/webapp/flashchat_upload_exec.rb b/modules/exploits/unix/webapp/flashchat_upload_exec.rb index 6225a0e506..ed1b03f3f3 100644 --- a/modules/exploits/unix/webapp/flashchat_upload_exec.rb +++ b/modules/exploits/unix/webapp/flashchat_upload_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '98233'], ['EDB', '28709'] ], 'Payload' => diff --git a/modules/exploits/unix/webapp/foswiki_maketext.rb b/modules/exploits/unix/webapp/foswiki_maketext.rb index dab17dce62..297c2c987f 100644 --- a/modules/exploits/unix/webapp/foswiki_maketext.rb +++ b/modules/exploits/unix/webapp/foswiki_maketext.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-6329' ], + [ 'OSVDB', '88410' ], [ 'URL', 'http://foswiki.org/Support/SecurityAlert-CVE-2012-6330' ] ], 'Privileged' => false, # web server context diff --git a/modules/exploits/unix/webapp/freepbx_config_exec.rb b/modules/exploits/unix/webapp/freepbx_config_exec.rb index 133932fda4..ce9fec4a64 100644 --- a/modules/exploits/unix/webapp/freepbx_config_exec.rb +++ b/modules/exploits/unix/webapp/freepbx_config_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-1903'], + ['OSVDB', '103240'], ['EDB', '32214'], ['URL', 'http://issues.freepbx.org/browse/FREEPBX-7123'] ], diff --git a/modules/exploits/unix/webapp/get_simple_cms_upload_exec.rb b/modules/exploits/unix/webapp/get_simple_cms_upload_exec.rb index e2d3416598..110a0ca5ec 100644 --- a/modules/exploits/unix/webapp/get_simple_cms_upload_exec.rb +++ b/modules/exploits/unix/webapp/get_simple_cms_upload_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['EDB', '25405'], + ['OSVDB', '93034'] ], 'Payload' => { diff --git a/modules/exploits/unix/webapp/google_proxystylesheet_exec.rb b/modules/exploits/unix/webapp/google_proxystylesheet_exec.rb index 0ec224ba89..97d0e53509 100644 --- a/modules/exploits/unix/webapp/google_proxystylesheet_exec.rb +++ b/modules/exploits/unix/webapp/google_proxystylesheet_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-3757'], + ['OSVDB', '20981'], ['BID', '15509'], ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/guestbook_ssi_exec.rb b/modules/exploits/unix/webapp/guestbook_ssi_exec.rb index 3e3088583c..3be8d20512 100644 --- a/modules/exploits/unix/webapp/guestbook_ssi_exec.rb +++ b/modules/exploits/unix/webapp/guestbook_ssi_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '1999-1053' ], + [ 'OSVDB', '84' ], [ 'BID', '776' ], ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/hastymail_exec.rb b/modules/exploits/unix/webapp/hastymail_exec.rb index 828c0d02f6..1d3a6013ee 100644 --- a/modules/exploits/unix/webapp/hastymail_exec.rb +++ b/modules/exploits/unix/webapp/hastymail_exec.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2011-4542' ], [ 'BID', '50791' ], + [ 'OSVDB', '77331' ], [ 'URL', 'https://www.dognaedis.com/vulns/DGS-SEC-3.html' ] ], 'Payload' => diff --git a/modules/exploits/unix/webapp/havalite_upload_exec.rb b/modules/exploits/unix/webapp/havalite_upload_exec.rb index afecd4850a..f74529955c 100644 --- a/modules/exploits/unix/webapp/havalite_upload_exec.rb +++ b/modules/exploits/unix/webapp/havalite_upload_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '94405'], ['EDB', '26243'] ], 'Payload' => @@ -53,7 +54,7 @@ class MetasploitModule < Msf::Exploit::Remote # # Checks if target is running HavaLite CMS 1.1.7 # We only flag 1.1.7 as vulnerable, because we don't have enough information from - # the vendor about exactly which ones are really vulnerable. + # the vendor or OSVDB about exactly which ones are really vulnerable. # def check uri = normalize_uri(target_uri.path, 'havalite/') diff --git a/modules/exploits/unix/webapp/hybridauth_install_php_exec.rb b/modules/exploits/unix/webapp/hybridauth_install_php_exec.rb index b20eca9507..1932c444a3 100644 --- a/modules/exploits/unix/webapp/hybridauth_install_php_exec.rb +++ b/modules/exploits/unix/webapp/hybridauth_install_php_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['EDB', '34273'], + ['OSVDB','109838'] ], 'Arch' => ARCH_PHP, 'Platform' => 'php', diff --git a/modules/exploits/unix/webapp/invision_pboard_unserialize_exec.rb b/modules/exploits/unix/webapp/invision_pboard_unserialize_exec.rb index 82b4da8f26..c684cd70a8 100644 --- a/modules/exploits/unix/webapp/invision_pboard_unserialize_exec.rb +++ b/modules/exploits/unix/webapp/invision_pboard_unserialize_exec.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-5692' ], + [ 'OSVDB', '86702' ], [ 'BID', '56288' ], [ 'EDB', '22398' ], [ 'URL', 'http://community.invisionpower.com/topic/371625-ipboard-31x-32x-and-33x-critical-security-update/' ] diff --git a/modules/exploits/unix/webapp/joomla_comjce_imgmanager.rb b/modules/exploits/unix/webapp/joomla_comjce_imgmanager.rb index a1c072a375..f36e78b209 100644 --- a/modules/exploits/unix/webapp/joomla_comjce_imgmanager.rb +++ b/modules/exploits/unix/webapp/joomla_comjce_imgmanager.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '74839'], ['EDB', '17734'], ['BID', '49338'] ], diff --git a/modules/exploits/unix/webapp/joomla_media_upload_exec.rb b/modules/exploits/unix/webapp/joomla_media_upload_exec.rb index 9712d2f44b..1e7eb42741 100644 --- a/modules/exploits/unix/webapp/joomla_media_upload_exec.rb +++ b/modules/exploits/unix/webapp/joomla_media_upload_exec.rb @@ -26,12 +26,13 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'Author' => [ - 'Jens Hinrichsen', + 'Jens Hinrichsen', # Vulnerability discovery according to the OSVDB 'juan vazquez' # Metasploit module ], 'References' => [ [ 'CVE', '2013-5576' ], + [ 'OSVDB', '95933' ], [ 'URL', 'http://developer.joomla.org/security/news/563-20130801-core-unauthorised-uploads' ], [ 'URL', 'http://www.cso.com.au/article/523528/joomla_patches_file_manager_vulnerability_responsible_hijacked_websites/' ], [ 'URL', 'https://github.com/joomla/joomla-cms/commit/fa5645208eefd70f521cd2e4d53d5378622133d8' ], diff --git a/modules/exploits/unix/webapp/joomla_tinybrowser.rb b/modules/exploits/unix/webapp/joomla_tinybrowser.rb index 670063934b..15e2279e94 100644 --- a/modules/exploits/unix/webapp/joomla_tinybrowser.rb +++ b/modules/exploits/unix/webapp/joomla_tinybrowser.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-4908'], + ['OSVDB', '64578'], ['EDB', '9296'], ['URL', 'http://developer.joomla.org/security/news/301-20090722-core-file-upload.html'], ], diff --git a/modules/exploits/unix/webapp/kimai_sqli.rb b/modules/exploits/unix/webapp/kimai_sqli.rb index 9207404874..3b8111d4b0 100644 --- a/modules/exploits/unix/webapp/kimai_sqli.rb +++ b/modules/exploits/unix/webapp/kimai_sqli.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['EDB', '25606'], + ['OSVDB', '93547'], ], 'Payload' => { diff --git a/modules/exploits/unix/webapp/libretto_upload_exec.rb b/modules/exploits/unix/webapp/libretto_upload_exec.rb index 1875ba335c..af5e4c5445 100644 --- a/modules/exploits/unix/webapp/libretto_upload_exec.rb +++ b/modules/exploits/unix/webapp/libretto_upload_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '94391'], ['EDB', '26213'] ], 'Payload' => diff --git a/modules/exploits/unix/webapp/mambo_cache_lite.rb b/modules/exploits/unix/webapp/mambo_cache_lite.rb index 12e1443100..a3d237047f 100644 --- a/modules/exploits/unix/webapp/mambo_cache_lite.rb +++ b/modules/exploits/unix/webapp/mambo_cache_lite.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-2905' ], + [ 'OSVDB', '46173' ], [ 'BID', '29716' ], ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/mitel_awc_exec.rb b/modules/exploits/unix/webapp/mitel_awc_exec.rb index 04125a1d90..943f3d32ac 100644 --- a/modules/exploits/unix/webapp/mitel_awc_exec.rb +++ b/modules/exploits/unix/webapp/mitel_awc_exec.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '69934'], # ['CVE', ''], # ['BID', ''] ], diff --git a/modules/exploits/unix/webapp/moinmoin_twikidraw.rb b/modules/exploits/unix/webapp/moinmoin_twikidraw.rb index 7dd69c9d04..1a558a3e0d 100644 --- a/modules/exploits/unix/webapp/moinmoin_twikidraw.rb +++ b/modules/exploits/unix/webapp/moinmoin_twikidraw.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-6081' ], + [ 'OSVDB', '88825' ], [ 'BID', '57082' ], [ 'EDB', '25304' ], [ 'URL', 'http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f' ], diff --git a/modules/exploits/unix/webapp/mybb_backdoor.rb b/modules/exploits/unix/webapp/mybb_backdoor.rb index ee29acf9c7..084d6f44b9 100644 --- a/modules/exploits/unix/webapp/mybb_backdoor.rb +++ b/modules/exploits/unix/webapp/mybb_backdoor.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '76111' ], [ 'BID', '49993' ], [ 'SECUNIA', '46300' ], [ 'URL', 'http://blog.mybb.com/2011/10/06/1-6-4-security-vulnerabilit/' ] diff --git a/modules/exploits/unix/webapp/nagios3_history_cgi.rb b/modules/exploits/unix/webapp/nagios3_history_cgi.rb index fa1881923b..9329442d45 100644 --- a/modules/exploits/unix/webapp/nagios3_history_cgi.rb +++ b/modules/exploits/unix/webapp/nagios3_history_cgi.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-6096' ], + [ 'OSVDB', '88322' ], [ 'BID', '56879' ], [ 'EDB', '24084' ] ], diff --git a/modules/exploits/unix/webapp/nagios3_statuswml_ping.rb b/modules/exploits/unix/webapp/nagios3_statuswml_ping.rb index 57ca2f92cd..75bd25e80d 100644 --- a/modules/exploits/unix/webapp/nagios3_statuswml_ping.rb +++ b/modules/exploits/unix/webapp/nagios3_statuswml_ping.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-2288' ], + [ 'OSVDB', '55281'], ], 'Platform' => ['unix'], 'Arch' => ARCH_CMD, diff --git a/modules/exploits/unix/webapp/nagios_graph_explorer.rb b/modules/exploits/unix/webapp/nagios_graph_explorer.rb index 70db301912..3f39baba91 100644 --- a/modules/exploits/unix/webapp/nagios_graph_explorer.rb +++ b/modules/exploits/unix/webapp/nagios_graph_explorer.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '83552' ], [ 'BID', '54263' ], [ 'PACKETSTORM', '118497' ] ], diff --git a/modules/exploits/unix/webapp/narcissus_backend_exec.rb b/modules/exploits/unix/webapp/narcissus_backend_exec.rb index 33dc44e1e3..6a18933811 100644 --- a/modules/exploits/unix/webapp/narcissus_backend_exec.rb +++ b/modules/exploits/unix/webapp/narcissus_backend_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'EDB', '22709' ], + [ 'OSVDB', '87410' ] ], 'Payload' => { diff --git a/modules/exploits/unix/webapp/open_flash_chart_upload_exec.rb b/modules/exploits/unix/webapp/open_flash_chart_upload_exec.rb index 0d17cfe956..2a83f31155 100644 --- a/modules/exploits/unix/webapp/open_flash_chart_upload_exec.rb +++ b/modules/exploits/unix/webapp/open_flash_chart_upload_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['BID', '37314'], ['CVE', '2009-4140'], + ['OSVDB', '59051'], ['EDB', '10532'], ['WPVDB', '6787'], ['WPVDB', '6788'], diff --git a/modules/exploits/unix/webapp/openemr_sqli_privesc_upload.rb b/modules/exploits/unix/webapp/openemr_sqli_privesc_upload.rb index a3ca173799..3b0a3a3eb1 100644 --- a/modules/exploits/unix/webapp/openemr_sqli_privesc_upload.rb +++ b/modules/exploits/unix/webapp/openemr_sqli_privesc_upload.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '97482'], ['EDB', '28329'] ], 'Platform' => ['php'], diff --git a/modules/exploits/unix/webapp/openemr_upload_exec.rb b/modules/exploits/unix/webapp/openemr_upload_exec.rb index 54dd41a2d4..cd9dac9f8b 100644 --- a/modules/exploits/unix/webapp/openemr_upload_exec.rb +++ b/modules/exploits/unix/webapp/openemr_upload_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '90222' ], [ 'BID', '37314' ], [ 'EBD', '24492' ], [ 'URL', 'http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5126.php' ], diff --git a/modules/exploits/unix/webapp/opensis_modname_exec.rb b/modules/exploits/unix/webapp/opensis_modname_exec.rb index c22453a157..1c7a6a73b5 100644 --- a/modules/exploits/unix/webapp/opensis_modname_exec.rb +++ b/modules/exploits/unix/webapp/opensis_modname_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-1349'], + ['OSVDB', '100676'], ['URL', 'http://karmainsecurity.com/KIS-2013-10'], ['URL', 'http://sourceforge.net/p/opensis-ce/bugs/59/'] ], diff --git a/modules/exploits/unix/webapp/openview_connectednodes_exec.rb b/modules/exploits/unix/webapp/openview_connectednodes_exec.rb index 784d6e1aef..01606273b0 100644 --- a/modules/exploits/unix/webapp/openview_connectednodes_exec.rb +++ b/modules/exploits/unix/webapp/openview_connectednodes_exec.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-2773'], + ['OSVDB', '19057'], ['BID', '14662'], ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/openx_banner_edit.rb b/modules/exploits/unix/webapp/openx_banner_edit.rb index 8149467e64..c6a695a8d5 100644 --- a/modules/exploits/unix/webapp/openx_banner_edit.rb +++ b/modules/exploits/unix/webapp/openx_banner_edit.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4098' ], + [ 'OSVDB', '60499' ], [ 'BID', '37110' ], [ 'URL', 'http://archives.neohapsis.com/archives/bugtraq/2009-11/0166.html' ], [ 'URL', 'http://www.openx.org/docs/2.8/release-notes/openx-2.8.2' ], diff --git a/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb b/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb index 7c93899619..6efb784256 100644 --- a/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb +++ b/modules/exploits/unix/webapp/oracle_vm_agent_utl.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote [ # ovs-agent.spec:- Fix ovs agent command injection [orabug 10146644] {CVE-2010-3585} ['CVE', '2010-3585'], + ['OSVDB', '68797'], ['BID', '44047'] ], 'Privileged' => true, diff --git a/modules/exploits/unix/webapp/oscommerce_filemanager.rb b/modules/exploits/unix/webapp/oscommerce_filemanager.rb index 7ef74f9838..b3e1bf3bbd 100644 --- a/modules/exploits/unix/webapp/oscommerce_filemanager.rb +++ b/modules/exploits/unix/webapp/oscommerce_filemanager.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '60018' ], [ 'EDB', '9556' ] ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/pajax_remote_exec.rb b/modules/exploits/unix/webapp/pajax_remote_exec.rb index 11451f0b8b..711533e4f3 100644 --- a/modules/exploits/unix/webapp/pajax_remote_exec.rb +++ b/modules/exploits/unix/webapp/pajax_remote_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-1551'], + ['OSVDB', '24618'], ['BID', '17519'], ['URL', 'http://www.redteam-pentesting.de/advisories/rt-sa-2006-001.php'], ], diff --git a/modules/exploits/unix/webapp/php_charts_exec.rb b/modules/exploits/unix/webapp/php_charts_exec.rb index 4580b6e3a1..b33f1a45bc 100644 --- a/modules/exploits/unix/webapp/php_charts_exec.rb +++ b/modules/exploits/unix/webapp/php_charts_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '89334'], ['BID', '57448'], ['EDB', '24201'] ], diff --git a/modules/exploits/unix/webapp/php_vbulletin_template.rb b/modules/exploits/unix/webapp/php_vbulletin_template.rb index fb8273c13f..70a7a5713e 100644 --- a/modules/exploits/unix/webapp/php_vbulletin_template.rb +++ b/modules/exploits/unix/webapp/php_vbulletin_template.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2005-0511' ], [ 'BID', '12622' ], + [ 'OSVDB', '14047' ], ], 'Privileged' => false, 'Platform' => ['unix'], diff --git a/modules/exploits/unix/webapp/php_xmlrpc_eval.rb b/modules/exploits/unix/webapp/php_xmlrpc_eval.rb index 6191f448e7..fedf43dcfc 100644 --- a/modules/exploits/unix/webapp/php_xmlrpc_eval.rb +++ b/modules/exploits/unix/webapp/php_xmlrpc_eval.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-1921'], + ['OSVDB', '17793'], ['BID', '14088'], ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/phpbb_highlight.rb b/modules/exploits/unix/webapp/phpbb_highlight.rb index 06a930e782..92159e9983 100644 --- a/modules/exploits/unix/webapp/phpbb_highlight.rb +++ b/modules/exploits/unix/webapp/phpbb_highlight.rb @@ -29,6 +29,8 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2005-2086'], [ 'CVE', '2004-1315'], + [ 'OSVDB', '11719'], + [ 'OSVDB', '17613'], [ 'BID', '14086'], [ 'BID', '10701'], ], diff --git a/modules/exploits/unix/webapp/phpmyadmin_config.rb b/modules/exploits/unix/webapp/phpmyadmin_config.rb index 103c937d83..2505a8901e 100644 --- a/modules/exploits/unix/webapp/phpmyadmin_config.rb +++ b/modules/exploits/unix/webapp/phpmyadmin_config.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1151' ], + [ 'OSVDB', '53076' ], [ 'EDB', '8921' ], [ 'URL', 'http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php' ], [ 'URL', 'http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/' ] diff --git a/modules/exploits/unix/webapp/projectpier_upload_exec.rb b/modules/exploits/unix/webapp/projectpier_upload_exec.rb index 8242558e26..6149f0a6cf 100644 --- a/modules/exploits/unix/webapp/projectpier_upload_exec.rb +++ b/modules/exploits/unix/webapp/projectpier_upload_exec.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '85881'], ['EDB', '21929'], ['PACKETSTORM', '117070'] ], diff --git a/modules/exploits/unix/webapp/qtss_parse_xml_exec.rb b/modules/exploits/unix/webapp/qtss_parse_xml_exec.rb index 696ba765cb..90cab50a10 100644 --- a/modules/exploits/unix/webapp/qtss_parse_xml_exec.rb +++ b/modules/exploits/unix/webapp/qtss_parse_xml_exec.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '10562'], [ 'BID', '6954' ], [ 'CVE', '2003-0050' ] ], diff --git a/modules/exploits/unix/webapp/redmine_scm_exec.rb b/modules/exploits/unix/webapp/redmine_scm_exec.rb index 9f68a532d2..fa917c7e4e 100644 --- a/modules/exploits/unix/webapp/redmine_scm_exec.rb +++ b/modules/exploits/unix/webapp/redmine_scm_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-4929'], + ['OSVDB', '70090'], ['URL', 'http://www.redmine.org/news/49' ] ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/seportal_sqli_exec.rb b/modules/exploits/unix/webapp/seportal_sqli_exec.rb index 64a7be28b6..f71b7fd44c 100644 --- a/modules/exploits/unix/webapp/seportal_sqli_exec.rb +++ b/modules/exploits/unix/webapp/seportal_sqli_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-5191'], + ['OSVDB', '46567'], ['EDB', '32359'] ], 'Platform' => ['php'], diff --git a/modules/exploits/unix/webapp/skybluecanvas_exec.rb b/modules/exploits/unix/webapp/skybluecanvas_exec.rb index f4c1a85db6..3f4535f7cc 100644 --- a/modules/exploits/unix/webapp/skybluecanvas_exec.rb +++ b/modules/exploits/unix/webapp/skybluecanvas_exec.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-1683'], + ['OSVDB', '102586'], ['BID', '65129'], ['EDB', '31183'], ['PACKETSTORM', '124948'] diff --git a/modules/exploits/unix/webapp/sphpblog_file_upload.rb b/modules/exploits/unix/webapp/sphpblog_file_upload.rb index c059be9ed3..1633e81cde 100644 --- a/modules/exploits/unix/webapp/sphpblog_file_upload.rb +++ b/modules/exploits/unix/webapp/sphpblog_file_upload.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-2733'], + ['OSVDB', '19012'], ['BID', '14667'], ['EDB', '1191'], ], diff --git a/modules/exploits/unix/webapp/spip_connect_exec.rb b/modules/exploits/unix/webapp/spip_connect_exec.rb index b7101a5db8..5d7cc5c5e9 100644 --- a/modules/exploits/unix/webapp/spip_connect_exec.rb +++ b/modules/exploits/unix/webapp/spip_connect_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '83543' ], [ 'BID', '54292' ], [ 'URL', 'http://contrib.spip.net/SPIP-3-0-3-2-1-16-et-2-0-21-a-l-etape-303-epate-la' ] ], diff --git a/modules/exploits/unix/webapp/squash_yaml_exec.rb b/modules/exploits/unix/webapp/squash_yaml_exec.rb index bb1cfde8c4..bd489e6b3a 100644 --- a/modules/exploits/unix/webapp/squash_yaml_exec.rb +++ b/modules/exploits/unix/webapp/squash_yaml_exec.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'URL', 'http://ceriksen.com/2013/08/06/squash-remote-code-execution-vulnerability-advisory/'], + [ 'OSVDB', '95992'], [ 'CVE', '2013-5036'] ], 'Platform' => 'ruby', diff --git a/modules/exploits/unix/webapp/squirrelmail_pgp_plugin.rb b/modules/exploits/unix/webapp/squirrelmail_pgp_plugin.rb index 0a25ac7679..61eba13594 100644 --- a/modules/exploits/unix/webapp/squirrelmail_pgp_plugin.rb +++ b/modules/exploits/unix/webapp/squirrelmail_pgp_plugin.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2003-0990'], + ['OSVDB', '3178'], ['URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=330'], ['URL', 'http://www.wslabi.com/wabisabilabi/initPublishedBid.do?'], ], diff --git a/modules/exploits/unix/webapp/sugarcrm_unserialize_exec.rb b/modules/exploits/unix/webapp/sugarcrm_unserialize_exec.rb index 02077bb801..a659def99d 100644 --- a/modules/exploits/unix/webapp/sugarcrm_unserialize_exec.rb +++ b/modules/exploits/unix/webapp/sugarcrm_unserialize_exec.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0694' ], + [ 'OSVDB', '83361' ], [ 'EDB', '19381' ], [ 'URL', 'http://www.sugarcrm.com/forums/f22/critical-security-vulnerability-76537/' ] ], diff --git a/modules/exploits/unix/webapp/tikiwiki_graph_formula_exec.rb b/modules/exploits/unix/webapp/tikiwiki_graph_formula_exec.rb index 8c11b8ca09..de46b20848 100644 --- a/modules/exploits/unix/webapp/tikiwiki_graph_formula_exec.rb +++ b/modules/exploits/unix/webapp/tikiwiki_graph_formula_exec.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-5423'], + ['OSVDB', '40478'], ['BID', '26006'], ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb b/modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb index aad8830f55..4d46b0051f 100644 --- a/modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb +++ b/modules/exploits/unix/webapp/tikiwiki_jhot_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-4602'], + ['OSVDB', '28456'], ['BID', '19819'], ['URL', 'http://secunia.com/advisories/21733/'], ], diff --git a/modules/exploits/unix/webapp/tikiwiki_unserialize_exec.rb b/modules/exploits/unix/webapp/tikiwiki_unserialize_exec.rb index badd93c7fc..0839e46091 100644 --- a/modules/exploits/unix/webapp/tikiwiki_unserialize_exec.rb +++ b/modules/exploits/unix/webapp/tikiwiki_unserialize_exec.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0911' ], + [ 'OSVDB', '83534' ], [ 'BID', '54298' ], [ 'EDB', '19573' ], [ 'URL', 'http://dev.tiki.org/item4109' ] diff --git a/modules/exploits/unix/webapp/trixbox_langchoice.rb b/modules/exploits/unix/webapp/trixbox_langchoice.rb index 653bde0988..777ae27a6c 100644 --- a/modules/exploits/unix/webapp/trixbox_langchoice.rb +++ b/modules/exploits/unix/webapp/trixbox_langchoice.rb @@ -18,12 +18,13 @@ class MetasploitModule < Msf::Exploit::Remote 'Name' => 'Trixbox langChoice PHP Local File Inclusion', 'Description' => %q{ This module injects php into the trixbox session file and then, in a second call, evaluates - that code by manipulating the langChoice parameter. + that code by manipulating the langChoice parameter as described in OSVDB-50421. }, 'Author' => ['chao-mu'], 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '50421'], ['CVE', '2008-6825'], ['BID', '30135'], ['EDB', '6026' ], diff --git a/modules/exploits/unix/webapp/tuleap_unserialize_exec.rb b/modules/exploits/unix/webapp/tuleap_unserialize_exec.rb index 12f2b3e73a..56144a5917 100644 --- a/modules/exploits/unix/webapp/tuleap_unserialize_exec.rb +++ b/modules/exploits/unix/webapp/tuleap_unserialize_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-8791'], + ['OSVDB', '115128'], ['URL', 'http://karmainsecurity.com/KIS-2014-13'], ['URL', 'https://tuleap.net/plugins/tracker/?aid=7601'] ], diff --git a/modules/exploits/unix/webapp/twiki_history.rb b/modules/exploits/unix/webapp/twiki_history.rb index 97c232056a..6cc5113f2e 100644 --- a/modules/exploits/unix/webapp/twiki_history.rb +++ b/modules/exploits/unix/webapp/twiki_history.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-2877' ], + [ 'OSVDB', '19403' ], [ 'BID', '14834' ], [ 'URL', 'http://twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithRev' ] ], diff --git a/modules/exploits/unix/webapp/twiki_maketext.rb b/modules/exploits/unix/webapp/twiki_maketext.rb index 83f00098f6..73207fd2a9 100644 --- a/modules/exploits/unix/webapp/twiki_maketext.rb +++ b/modules/exploits/unix/webapp/twiki_maketext.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-6329' ], + [ 'OSVDB', '88460' ], [ 'BID', '56950' ], [ 'URL', 'http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2012-6329' ] ], diff --git a/modules/exploits/unix/webapp/twiki_search.rb b/modules/exploits/unix/webapp/twiki_search.rb index 63a8a74075..183f696ffb 100644 --- a/modules/exploits/unix/webapp/twiki_search.rb +++ b/modules/exploits/unix/webapp/twiki_search.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1037' ], + [ 'OSVDB', '11714' ], [ 'BID', '11674' ], [ 'URL', 'http://twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithSearch' ] ], diff --git a/modules/exploits/unix/webapp/vbulletin_vote_sqli_exec.rb b/modules/exploits/unix/webapp/vbulletin_vote_sqli_exec.rb index 4afb6896e4..6f94c0aa4e 100644 --- a/modules/exploits/unix/webapp/vbulletin_vote_sqli_exec.rb +++ b/modules/exploits/unix/webapp/vbulletin_vote_sqli_exec.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3522' ], + [ 'OSVDB', '92031' ], [ 'EDB', '24882' ], [ 'BID', '58754' ], [ 'URL', 'http://www.zempirians.com/archive/legion/vbulletin_5.pl.txt' ] diff --git a/modules/exploits/unix/webapp/vicidial_manager_send_cmd_exec.rb b/modules/exploits/unix/webapp/vicidial_manager_send_cmd_exec.rb index ccc9161507..01ea8823c6 100644 --- a/modules/exploits/unix/webapp/vicidial_manager_send_cmd_exec.rb +++ b/modules/exploits/unix/webapp/vicidial_manager_send_cmd_exec.rb @@ -38,6 +38,8 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2013-4467' ], [ 'CVE', '2013-4468' ], + [ 'OSVDB', '98903' ], + [ 'OSVDB', '98902' ], [ 'BID', '63340' ], [ 'BID', '63288' ], [ 'URL', 'http://www.openwall.com/lists/oss-security/2013/10/23/10' ], diff --git a/modules/exploits/unix/webapp/webmin_show_cgi_exec.rb b/modules/exploits/unix/webapp/webmin_show_cgi_exec.rb index 88d8372fde..c058cbf271 100644 --- a/modules/exploits/unix/webapp/webmin_show_cgi_exec.rb +++ b/modules/exploits/unix/webapp/webmin_show_cgi_exec.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '85248'], ['BID', '55446'], ['CVE', '2012-2982'], ['URL', 'http://www.americaninfosec.com/research/dossiers/AISG-12-001.pdf'], diff --git a/modules/exploits/unix/webapp/webtester_exec.rb b/modules/exploits/unix/webapp/webtester_exec.rb index d24d57f58c..bf55cd2c70 100644 --- a/modules/exploits/unix/webapp/webtester_exec.rb +++ b/modules/exploits/unix/webapp/webtester_exec.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '98750'], ['URL', 'https://sourceforge.net/p/webtesteronline/bugs/3/'] ], 'Payload' => diff --git a/modules/exploits/unix/webapp/wp_advanced_custom_fields_exec.rb b/modules/exploits/unix/webapp/wp_advanced_custom_fields_exec.rb index 6d4e3369a3..b76d8d9fdd 100644 --- a/modules/exploits/unix/webapp/wp_advanced_custom_fields_exec.rb +++ b/modules/exploits/unix/webapp/wp_advanced_custom_fields_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '87353'], ['URL', 'http://secunia.com/advisories/51037/'], ['WPVDB', '6103'] ], diff --git a/modules/exploits/unix/webapp/wp_asset_manager_upload_exec.rb b/modules/exploits/unix/webapp/wp_asset_manager_upload_exec.rb index a729b95203..fec5e636cb 100644 --- a/modules/exploits/unix/webapp/wp_asset_manager_upload_exec.rb +++ b/modules/exploits/unix/webapp/wp_asset_manager_upload_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '82653'], ['BID', '53809'], ['EDB', '18993'], ['URL', 'http://www.opensyscom.fr/Actualites/wordpress-plugins-asset-manager-shell-upload-vulnerability.html'], diff --git a/modules/exploits/unix/webapp/wp_creativecontactform_file_upload.rb b/modules/exploits/unix/webapp/wp_creativecontactform_file_upload.rb index 4e7abc1da0..f9ac0917a8 100644 --- a/modules/exploits/unix/webapp/wp_creativecontactform_file_upload.rb +++ b/modules/exploits/unix/webapp/wp_creativecontactform_file_upload.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['EDB', '35057'], + ['OSVDB', '113669'], ['WPVDB', '7652'] ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/wp_easycart_unrestricted_file_upload.rb b/modules/exploits/unix/webapp/wp_easycart_unrestricted_file_upload.rb index 336f46a69a..714471ec6b 100644 --- a/modules/exploits/unix/webapp/wp_easycart_unrestricted_file_upload.rb +++ b/modules/exploits/unix/webapp/wp_easycart_unrestricted_file_upload.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '116806'], ['WPVDB', '7745'] ], 'DisclosureDate' => 'Jan 08 2015', diff --git a/modules/exploits/unix/webapp/wp_foxypress_upload.rb b/modules/exploits/unix/webapp/wp_foxypress_upload.rb index afa40931e2..5b46f5a16a 100644 --- a/modules/exploits/unix/webapp/wp_foxypress_upload.rb +++ b/modules/exploits/unix/webapp/wp_foxypress_upload.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['EDB', '18991'], + ['OSVDB' '82652'], ['BID', '53805'], ['WPVDB', '6231'] ], diff --git a/modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb b/modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb index 2b2d6407b7..805a886437 100644 --- a/modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb +++ b/modules/exploits/unix/webapp/wp_frontend_editor_file_upload.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '83637'], ['WPVDB', '7569'], ['URL', 'http://www.opensyscom.fr/Actualites/wordpress-plugins-front-end-editor-arbitrary-file-upload-vulnerability.html'] ], diff --git a/modules/exploits/unix/webapp/wp_google_document_embedder_exec.rb b/modules/exploits/unix/webapp/wp_google_document_embedder_exec.rb index f6c184b05e..b6e1d7ddc1 100644 --- a/modules/exploits/unix/webapp/wp_google_document_embedder_exec.rb +++ b/modules/exploits/unix/webapp/wp_google_document_embedder_exec.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-4915'], + ['OSVDB', '88891'], ['URL', 'http://secunia.com/advisories/50832'], ['WPVDB', '6073'] ], diff --git a/modules/exploits/unix/webapp/wp_inboundio_marketing_file_upload.rb b/modules/exploits/unix/webapp/wp_inboundio_marketing_file_upload.rb index 5fdc9b6aa2..feae3662d5 100644 --- a/modules/exploits/unix/webapp/wp_inboundio_marketing_file_upload.rb +++ b/modules/exploits/unix/webapp/wp_inboundio_marketing_file_upload.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['EDB', '36478'], + ['OSVDB', '119890'], ['WPVDB', '7864'] ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/wp_lastpost_exec.rb b/modules/exploits/unix/webapp/wp_lastpost_exec.rb index 6257e54629..8f5fc9ba22 100644 --- a/modules/exploits/unix/webapp/wp_lastpost_exec.rb +++ b/modules/exploits/unix/webapp/wp_lastpost_exec.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-2612'], + ['OSVDB', '18672'], ['BID', '14533'], ['WPVDB', '6034'] ], diff --git a/modules/exploits/unix/webapp/wp_photo_gallery_unrestricted_file_upload.rb b/modules/exploits/unix/webapp/wp_photo_gallery_unrestricted_file_upload.rb index e6fcdd6c49..941dc8f538 100644 --- a/modules/exploits/unix/webapp/wp_photo_gallery_unrestricted_file_upload.rb +++ b/modules/exploits/unix/webapp/wp_photo_gallery_unrestricted_file_upload.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '117676'], ['WPVDB', '7769'], ['CVE', '2014-9312'], ['URL', 'http://security.szurek.pl/photo-gallery-125-unrestricted-file-upload.html'] diff --git a/modules/exploits/unix/webapp/wp_pixabay_images_upload.rb b/modules/exploits/unix/webapp/wp_pixabay_images_upload.rb index a316e4d38f..a75eefc24b 100644 --- a/modules/exploits/unix/webapp/wp_pixabay_images_upload.rb +++ b/modules/exploits/unix/webapp/wp_pixabay_images_upload.rb @@ -27,6 +27,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['URL', 'https://www.mogwaisecurity.de/advisories/MSA-2015-01.txt'], + ['OSVDB', '117145'], + ['OSVDB', '117146'], ['WPVDB', '7758'] ], 'Privileged' => false, diff --git a/modules/exploits/unix/webapp/wp_property_upload_exec.rb b/modules/exploits/unix/webapp/wp_property_upload_exec.rb index 60e80b4663..be24e09124 100644 --- a/modules/exploits/unix/webapp/wp_property_upload_exec.rb +++ b/modules/exploits/unix/webapp/wp_property_upload_exec.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '82656'], ['BID', '53787'], ['EDB', '18987'], ['URL', 'http://www.opensyscom.fr/Actualites/wordpress-plugins-wp-property-shell-upload-vulnerability.html'], diff --git a/modules/exploits/unix/webapp/wp_reflexgallery_file_upload.rb b/modules/exploits/unix/webapp/wp_reflexgallery_file_upload.rb index 470ccdaf3e..7590f4caef 100644 --- a/modules/exploits/unix/webapp/wp_reflexgallery_file_upload.rb +++ b/modules/exploits/unix/webapp/wp_reflexgallery_file_upload.rb @@ -27,13 +27,14 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['EDB', '36374'], + ['OSVDB', '88853'], ['WPVDB', '7867'] ], 'Privileged' => false, 'Platform' => 'php', 'Arch' => ARCH_PHP, 'Targets' => [['Reflex Gallery 3.1.3', {}]], - 'DisclosureDate' => 'Dec 30 2012', # EDB? WPVDB? Cannot set the date. + 'DisclosureDate' => 'Dec 30 2012', # OSVDB? EDB? WPVDB? Cannot set the date. 'DefaultTarget' => 0) ) end diff --git a/modules/exploits/unix/webapp/wp_revslider_upload_execute.rb b/modules/exploits/unix/webapp/wp_revslider_upload_execute.rb index c6d0dc9666..c79b3069df 100644 --- a/modules/exploits/unix/webapp/wp_revslider_upload_execute.rb +++ b/modules/exploits/unix/webapp/wp_revslider_upload_execute.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '115118'], ['EDB', '35385'], ['WPVDB', '7954'], ['URL', 'https://whatisgon.wordpress.com/2014/11/30/another-revslider-vulnerability/'] diff --git a/modules/exploits/unix/webapp/wp_symposium_shell_upload.rb b/modules/exploits/unix/webapp/wp_symposium_shell_upload.rb index 12712dd6c8..620594fc2f 100644 --- a/modules/exploits/unix/webapp/wp_symposium_shell_upload.rb +++ b/modules/exploits/unix/webapp/wp_symposium_shell_upload.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '116046'], ['WPVDB', '7716'] ], 'DisclosureDate' => 'Dec 11 2014', diff --git a/modules/exploits/unix/webapp/wp_total_cache_exec.rb b/modules/exploits/unix/webapp/wp_total_cache_exec.rb index eeba9f53de..8380660362 100644 --- a/modules/exploits/unix/webapp/wp_total_cache_exec.rb +++ b/modules/exploits/unix/webapp/wp_total_cache_exec.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-2010' ], + [ 'OSVDB', '92652' ], [ 'BID', '59316' ], [ 'URL', 'http://wordpress.org/support/topic/pwn3d' ], [ 'URL', 'http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/' ], diff --git a/modules/exploits/unix/webapp/xoda_file_upload.rb b/modules/exploits/unix/webapp/xoda_file_upload.rb index c0caf402f3..5877144ba3 100644 --- a/modules/exploits/unix/webapp/xoda_file_upload.rb +++ b/modules/exploits/unix/webapp/xoda_file_upload.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '85117' ], [ 'BID', '55127' ], [ 'EDB', '20703' ] ], diff --git a/modules/exploits/unix/webapp/zimbra_lfi.rb b/modules/exploits/unix/webapp/zimbra_lfi.rb index 6e76077ab1..c11f84545f 100644 --- a/modules/exploits/unix/webapp/zimbra_lfi.rb +++ b/modules/exploits/unix/webapp/zimbra_lfi.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-7091' ], + [ 'OSVDB', '100747' ], [ 'BID', '64149' ], [ 'EDB', '30085' ], [ 'URL', 'http://cxsecurity.com/issue/WLB-2013120097' ] diff --git a/modules/exploits/unix/webapp/zoneminder_packagecontrol_exec.rb b/modules/exploits/unix/webapp/zoneminder_packagecontrol_exec.rb index 17a3c4bcd0..e1ff8e7aa0 100644 --- a/modules/exploits/unix/webapp/zoneminder_packagecontrol_exec.rb +++ b/modules/exploits/unix/webapp/zoneminder_packagecontrol_exec.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-0232'], + ['OSVDB', '89529'], ['EDB', '24310'], ['URL', 'http://itsecuritysolutions.org/2013-01-22-ZoneMinder-Video-Server-arbitrary-command-execution-vulnerability/'] ], diff --git a/modules/exploits/unix/webapp/zpanel_username_exec.rb b/modules/exploits/unix/webapp/zpanel_username_exec.rb index afa64c9c84..d087d53acc 100644 --- a/modules/exploits/unix/webapp/zpanel_username_exec.rb +++ b/modules/exploits/unix/webapp/zpanel_username_exec.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '94038'], ['URL', 'https://github.com/bobsta63/zpanelx/commit/fe9cec7a8164801e2b3755b7abeabdd607f97906'], ['URL', 'http://forums.zpanelcp.com/showthread.php?27898-Serious-Remote-Execution-Exploit-in-Zpanel-10-0-0-2'] ], diff --git a/modules/exploits/windows/antivirus/ams_hndlrsvc.rb b/modules/exploits/windows/antivirus/ams_hndlrsvc.rb index 049b4efb4b..3a1f29e0f0 100644 --- a/modules/exploits/windows/antivirus/ams_hndlrsvc.rb +++ b/modules/exploits/windows/antivirus/ams_hndlrsvc.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '66807'], [ 'BID', '41959' ], [ 'URL', 'http://www.foofus.net/~spider/code/AMS2_072610.txt' ], ], diff --git a/modules/exploits/windows/antivirus/ams_xfr.rb b/modules/exploits/windows/antivirus/ams_xfr.rb index a5c0df6cab..73479bd7c3 100644 --- a/modules/exploits/windows/antivirus/ams_xfr.rb +++ b/modules/exploits/windows/antivirus/ams_xfr.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-1429' ], [ 'BID', '34671' ], + [ 'OSVDB', '54157' ], [ 'ZDI', '09-060' ], [ 'URL', 'http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20090428_02' ] ], diff --git a/modules/exploits/windows/antivirus/symantec_endpoint_manager_rce.rb b/modules/exploits/windows/antivirus/symantec_endpoint_manager_rce.rb index c052e82697..1f62f84c1e 100644 --- a/modules/exploits/windows/antivirus/symantec_endpoint_manager_rce.rb +++ b/modules/exploits/windows/antivirus/symantec_endpoint_manager_rce.rb @@ -34,6 +34,8 @@ class MetasploitModule < Msf::Exploit::Remote [ ['CVE', '2013-5014'], ['CVE', '2013-5015'], + ['OSVDB', '103305'], + ['OSVDB', '103306'], ['EDB', '31853'], ['URL', 'https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140218-0_Symantec_Endpoint_Protection_Multiple_critical_vulnerabilities_wo_poc_v10.txt'] ], diff --git a/modules/exploits/windows/antivirus/symantec_iao.rb b/modules/exploits/windows/antivirus/symantec_iao.rb index afba49551f..e1ae91de8e 100644 --- a/modules/exploits/windows/antivirus/symantec_iao.rb +++ b/modules/exploits/windows/antivirus/symantec_iao.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1430' ], + [ 'OSVDB', '54159'], [ 'BID', '34674' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/antivirus/symantec_rtvscan.rb b/modules/exploits/windows/antivirus/symantec_rtvscan.rb index 40e294c31f..1e464e7b5d 100644 --- a/modules/exploits/windows/antivirus/symantec_rtvscan.rb +++ b/modules/exploits/windows/antivirus/symantec_rtvscan.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-2630'], + ['OSVDB', '25846'], ['BID', '18107'], ['URL', 'http://research.eeye.com/html/advisories/published/AD20060612.html'], ], diff --git a/modules/exploits/windows/antivirus/symantec_workspace_streaming_exec.rb b/modules/exploits/windows/antivirus/symantec_workspace_streaming_exec.rb index bcf7296f8e..1100693c5a 100644 --- a/modules/exploits/windows/antivirus/symantec_workspace_streaming_exec.rb +++ b/modules/exploits/windows/antivirus/symantec_workspace_streaming_exec.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-1649'], + ['OSVDB', '106923'], ['BID', '67189'], ['ZDI', '14-127'], ['URL', 'http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140512_00'] diff --git a/modules/exploits/windows/antivirus/trendmicro_serverprotect.rb b/modules/exploits/windows/antivirus/trendmicro_serverprotect.rb index 690cb15e1d..78276f632f 100644 --- a/modules/exploits/windows/antivirus/trendmicro_serverprotect.rb +++ b/modules/exploits/windows/antivirus/trendmicro_serverprotect.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-1070'], + ['OSVDB', '33042'], ['BID', '22639'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/antivirus/trendmicro_serverprotect_createbinding.rb b/modules/exploits/windows/antivirus/trendmicro_serverprotect_createbinding.rb index a3688d9240..f85e5a0d20 100644 --- a/modules/exploits/windows/antivirus/trendmicro_serverprotect_createbinding.rb +++ b/modules/exploits/windows/antivirus/trendmicro_serverprotect_createbinding.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-2508'], + ['OSVDB', '35790'], ['BID', '23868'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/antivirus/trendmicro_serverprotect_earthagent.rb b/modules/exploits/windows/antivirus/trendmicro_serverprotect_earthagent.rb index 8116b20d91..aab4bbef64 100644 --- a/modules/exploits/windows/antivirus/trendmicro_serverprotect_earthagent.rb +++ b/modules/exploits/windows/antivirus/trendmicro_serverprotect_earthagent.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-2508'], + ['OSVDB', '35789'], ['BID', '23866'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/arkeia/type77.rb b/modules/exploits/windows/arkeia/type77.rb index cca910ad75..c4ef38be85 100644 --- a/modules/exploits/windows/arkeia/type77.rb +++ b/modules/exploits/windows/arkeia/type77.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0491' ], + [ 'OSVDB', '14011'], [ 'BID', '12594'], [ 'URL', 'http://lists.netsys.com/pipermail/full-disclosure/2005-February/031831.html'], ], diff --git a/modules/exploits/windows/backdoor/energizer_duo_payload.rb b/modules/exploits/windows/backdoor/energizer_duo_payload.rb index cc9ba7d3f2..6b1392a2b6 100644 --- a/modules/exploits/windows/backdoor/energizer_duo_payload.rb +++ b/modules/exploits/windows/backdoor/energizer_duo_payload.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-0103'], + ['OSVDB', '62782'], ['US-CERT-VU', '154421'] ], 'Platform' => 'win', diff --git a/modules/exploits/windows/backupexec/name_service.rb b/modules/exploits/windows/backupexec/name_service.rb index 290695b9f1..f67e8af3b3 100644 --- a/modules/exploits/windows/backupexec/name_service.rb +++ b/modules/exploits/windows/backupexec/name_service.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1172'], + [ 'OSVDB', '12418'], [ 'BID', '11974'], [ 'URL', 'http://www.idefense.com/application/poi/display?id=169&type=vulnerabilities'], ], diff --git a/modules/exploits/windows/backupexec/remote_agent.rb b/modules/exploits/windows/backupexec/remote_agent.rb index 4da430dcb5..85ca160d70 100644 --- a/modules/exploits/windows/backupexec/remote_agent.rb +++ b/modules/exploits/windows/backupexec/remote_agent.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0773'], + [ 'OSVDB', '17624'], [ 'BID', '14022'], [ 'URL', 'http://www.idefense.com/application/poi/display?id=272&type=vulnerabilities'] ], diff --git a/modules/exploits/windows/brightstor/ca_arcserve_342.rb b/modules/exploits/windows/brightstor/ca_arcserve_342.rb index 88d92e48f1..9c34ac5621 100644 --- a/modules/exploits/windows/brightstor/ca_arcserve_342.rb +++ b/modules/exploits/windows/brightstor/ca_arcserve_342.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'BID', '31684' ], + [ 'OSVDB', '49468' ], [ 'CVE', '2008-4397' ], [ 'URL', 'http://crackinglandia.blogspot.com/2009/10/el-colador-de-ca-computer-associates.html' ], ], diff --git a/modules/exploits/windows/brightstor/discovery_tcp.rb b/modules/exploits/windows/brightstor/discovery_tcp.rb index 9ee27eecc3..c2c7d89872 100644 --- a/modules/exploits/windows/brightstor/discovery_tcp.rb +++ b/modules/exploits/windows/brightstor/discovery_tcp.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-2535'], + [ 'OSVDB', '13814'], [ 'BID', '12536'], [ 'URL', 'http://archives.neohapsis.com/archives/bugtraq/2005-02/0123.html'], [ 'EDB', '1131'] diff --git a/modules/exploits/windows/brightstor/discovery_udp.rb b/modules/exploits/windows/brightstor/discovery_udp.rb index cd065dab40..1a8a8d5885 100644 --- a/modules/exploits/windows/brightstor/discovery_udp.rb +++ b/modules/exploits/windows/brightstor/discovery_udp.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0260'], + [ 'OSVDB', '13613'], [ 'BID', '12491'], [ 'URL', 'http://www.idefense.com/application/poi/display?id=194&type=vulnerabilities'], ], diff --git a/modules/exploits/windows/brightstor/etrust_itm_alert.rb b/modules/exploits/windows/brightstor/etrust_itm_alert.rb index 3262f0d669..5947954bba 100644 --- a/modules/exploits/windows/brightstor/etrust_itm_alert.rb +++ b/modules/exploits/windows/brightstor/etrust_itm_alert.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-4620' ], + [ 'OSVDB', '44040' ], [ 'BID', '28605' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/hsmserver.rb b/modules/exploits/windows/brightstor/hsmserver.rb index a344ea05ff..a23793e2e1 100644 --- a/modules/exploits/windows/brightstor/hsmserver.rb +++ b/modules/exploits/windows/brightstor/hsmserver.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5082' ], + [ 'OSVDB', '41363' ], [ 'BID', '25823' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/lgserver.rb b/modules/exploits/windows/brightstor/lgserver.rb index a58c857e0e..11017fc1d8 100644 --- a/modules/exploits/windows/brightstor/lgserver.rb +++ b/modules/exploits/windows/brightstor/lgserver.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-0449' ], + [ 'OSVDB', '31593' ], [ 'BID', '22342' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/lgserver_multi.rb b/modules/exploits/windows/brightstor/lgserver_multi.rb index 34f31a06f8..6aadbd1579 100644 --- a/modules/exploits/windows/brightstor/lgserver_multi.rb +++ b/modules/exploits/windows/brightstor/lgserver_multi.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3216' ], + [ 'OSVDB', '35329' ], [ 'BID', '24348' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/lgserver_rxrlogin.rb b/modules/exploits/windows/brightstor/lgserver_rxrlogin.rb index 81b11a96dd..307a6d1eb0 100644 --- a/modules/exploits/windows/brightstor/lgserver_rxrlogin.rb +++ b/modules/exploits/windows/brightstor/lgserver_rxrlogin.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5003' ], + [ 'OSVDB', '41353' ], [ 'BID', '24348' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter.rb b/modules/exploits/windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter.rb index 6ba1485108..9af29f1237 100644 --- a/modules/exploits/windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter.rb +++ b/modules/exploits/windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3216' ], + [ 'OSVDB', '35329' ], [ 'BID', '24348' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/lgserver_rxsuselicenseini.rb b/modules/exploits/windows/brightstor/lgserver_rxsuselicenseini.rb index bc8f042a87..8f464578f1 100644 --- a/modules/exploits/windows/brightstor/lgserver_rxsuselicenseini.rb +++ b/modules/exploits/windows/brightstor/lgserver_rxsuselicenseini.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3216' ], + [ 'OSVDB', '35329' ], [ 'BID', '24348' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/license_gcr.rb b/modules/exploits/windows/brightstor/license_gcr.rb index 12e6f67d6f..2e6634ae61 100644 --- a/modules/exploits/windows/brightstor/license_gcr.rb +++ b/modules/exploits/windows/brightstor/license_gcr.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0581' ], + [ 'OSVDB', '14389' ], [ 'BID', '12705' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/mediasrv_sunrpc.rb b/modules/exploits/windows/brightstor/mediasrv_sunrpc.rb index 3ad87c9bf2..f6a5fc70d8 100644 --- a/modules/exploits/windows/brightstor/mediasrv_sunrpc.rb +++ b/modules/exploits/windows/brightstor/mediasrv_sunrpc.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-2139'], + [ 'OSVDB', '35326' ], [ 'BID', '23635'], [ 'ZDI', '07-022'], ], diff --git a/modules/exploits/windows/brightstor/message_engine.rb b/modules/exploits/windows/brightstor/message_engine.rb index b3cd6eb05d..5f8c82ef4f 100644 --- a/modules/exploits/windows/brightstor/message_engine.rb +++ b/modules/exploits/windows/brightstor/message_engine.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-0169' ], + [ 'OSVDB', '31318' ], [ 'BID', '22005' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/message_engine_72.rb b/modules/exploits/windows/brightstor/message_engine_72.rb index 805a6da370..377f36c163 100644 --- a/modules/exploits/windows/brightstor/message_engine_72.rb +++ b/modules/exploits/windows/brightstor/message_engine_72.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68329'], [ 'URL', 'http://www.metasploit.com/users/mc' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/message_engine_heap.rb b/modules/exploits/windows/brightstor/message_engine_heap.rb index 7f2613d367..0fe296dcb1 100644 --- a/modules/exploits/windows/brightstor/message_engine_heap.rb +++ b/modules/exploits/windows/brightstor/message_engine_heap.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-5143' ], + [ 'OSVDB', '29533' ], [ 'BID', '20365' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/sql_agent.rb b/modules/exploits/windows/brightstor/sql_agent.rb index d19f890277..6c485b64f0 100644 --- a/modules/exploits/windows/brightstor/sql_agent.rb +++ b/modules/exploits/windows/brightstor/sql_agent.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-1272'], + [ 'OSVDB', '18501' ], [ 'BID', '14453'], [ 'URL', 'http://www.idefense.com/application/poi/display?id=287&type=vulnerabilities'], [ 'URL', 'http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239'], diff --git a/modules/exploits/windows/brightstor/tape_engine.rb b/modules/exploits/windows/brightstor/tape_engine.rb index f144e4fc46..46702d30fd 100644 --- a/modules/exploits/windows/brightstor/tape_engine.rb +++ b/modules/exploits/windows/brightstor/tape_engine.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-6076' ], + [ 'OSVDB', '30637' ], [ 'BID', '21221' ], [ 'EDB', '3086' ] ], diff --git a/modules/exploits/windows/brightstor/tape_engine_0x8a.rb b/modules/exploits/windows/brightstor/tape_engine_0x8a.rb index f03525f473..36c01eb3c3 100644 --- a/modules/exploits/windows/brightstor/tape_engine_0x8a.rb +++ b/modules/exploits/windows/brightstor/tape_engine_0x8a.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68330'], [ 'URL', 'http://www.metasploit.com/users/mc' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/brightstor/universal_agent.rb b/modules/exploits/windows/brightstor/universal_agent.rb index c8ef348e0a..4d157fe3e2 100644 --- a/modules/exploits/windows/brightstor/universal_agent.rb +++ b/modules/exploits/windows/brightstor/universal_agent.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-1018'], + [ 'OSVDB', '15471' ], [ 'BID', '13102'], [ 'URL', 'http://www.idefense.com/application/poi/display?id=232&type=vulnerabilities'], ], diff --git a/modules/exploits/windows/browser/adobe_cooltype_sing.rb b/modules/exploits/windows/browser/adobe_cooltype_sing.rb index bf1730c7c9..39112c8f94 100644 --- a/modules/exploits/windows/browser/adobe_cooltype_sing.rb +++ b/modules/exploits/windows/browser/adobe_cooltype_sing.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-2883' ], + [ 'OSVDB', '67849'], [ 'URL', 'http://contagiodump.blogspot.com/2010/09/cve-david-leadbetters-one-point-lesson.html' ], [ 'URL', 'http://www.adobe.com/support/security/advisories/apsa10-02.html' ] ], diff --git a/modules/exploits/windows/browser/adobe_flash_avm2.rb b/modules/exploits/windows/browser/adobe_flash_avm2.rb index 7fd1ab7d90..20550092a5 100644 --- a/modules/exploits/windows/browser/adobe_flash_avm2.rb +++ b/modules/exploits/windows/browser/adobe_flash_avm2.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2014-0497' ], + [ 'OSVDB', '102849' ], [ 'BID', '65327' ], [ 'URL', 'http://helpx.adobe.com/security/products/flash-player/apsb14-04.html' ], [ 'URL', 'http://blogs.technet.com/b/mmpc/archive/2014/02/17/a-journey-to-cve-2014-0497-exploit.aspx' ] diff --git a/modules/exploits/windows/browser/adobe_flash_casi32_int_overflow.rb b/modules/exploits/windows/browser/adobe_flash_casi32_int_overflow.rb index 2c9b3b6cec..fc286ce6bd 100644 --- a/modules/exploits/windows/browser/adobe_flash_casi32_int_overflow.rb +++ b/modules/exploits/windows/browser/adobe_flash_casi32_int_overflow.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['ZDI', '14-365'], ['CVE', '2014-0569'], + ['OSVDB', '113199'], ['URL', 'https://helpx.adobe.com/security/products/flash-player/apsb14-22.html'], ['URL', 'http://malware.dontneedcoffee.com/2014/10/cve-2014-0569.html'] ], diff --git a/modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb b/modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb index e98e80e743..0b3e808fbc 100644 --- a/modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb +++ b/modules/exploits/windows/browser/adobe_flash_copy_pixels_to_byte_array.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-0556'], + ['OSVDB', '111110'], ['URL', 'http://googleprojectzero.blogspot.com/2014/09/exploiting-cve-2014-0556-in-flash.html'], ['URL', 'https://code.google.com/p/google-security-research/issues/detail?id=46'], ['URL', 'http://hacklab.kr/cve-2014-0556-%EB%B6%84%EC%84%9D/'], diff --git a/modules/exploits/windows/browser/adobe_flash_filters_type_confusion.rb b/modules/exploits/windows/browser/adobe_flash_filters_type_confusion.rb index f6fb310d57..7d18fb3de6 100644 --- a/modules/exploits/windows/browser/adobe_flash_filters_type_confusion.rb +++ b/modules/exploits/windows/browser/adobe_flash_filters_type_confusion.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-5331' ], + [ 'OSVDB', '100774'], [ 'BID', '64199'], [ 'URL', 'http://helpx.adobe.com/security/products/flash-player/apsb13-28.html' ], [ 'URL', 'http://blog.malwaretracker.com/2014/01/cve-2013-5331-evaded-av-by-using.html' ] diff --git a/modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb b/modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb index cfaf96e3ad..3e0b780952 100644 --- a/modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb +++ b/modules/exploits/windows/browser/adobe_flash_mp4_cprt.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0754' ], + [ 'OSVDB', '79300'], [ 'BID', '52034' ], [ 'URL', 'http://contagiodump.blogspot.com/2012/03/mar-2-cve-2012-0754-irans-oil-and.html' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb12-03.html' ] diff --git a/modules/exploits/windows/browser/adobe_flash_otf_font.rb b/modules/exploits/windows/browser/adobe_flash_otf_font.rb index de2f0657fa..4f831045aa 100644 --- a/modules/exploits/windows/browser/adobe_flash_otf_font.rb +++ b/modules/exploits/windows/browser/adobe_flash_otf_font.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-1535' ], + [ 'OSVDB', '84607'], [ 'BID', '55009'], [ 'URL', 'http://labs.alienvault.com/labs/index.php/2012/cve-2012-1535-adobe-flash-being-exploited-in-the-wild/' ], [ 'URL', 'https://developer.apple.com/fonts/TTRefMan/RM06/Chap6.html' ], diff --git a/modules/exploits/windows/browser/adobe_flash_regex_value.rb b/modules/exploits/windows/browser/adobe_flash_regex_value.rb index 3f47149fc2..3d5fea3c40 100644 --- a/modules/exploits/windows/browser/adobe_flash_regex_value.rb +++ b/modules/exploits/windows/browser/adobe_flash_regex_value.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0634' ], + [ 'OSVDB', '89936'], [ 'BID', '57787'], [ 'URL', 'http://malwaremustdie.blogspot.ru/2013/02/cve-2013-0634-this-ladyboyle-is-not.html' ], [ 'URL', 'http://malware.dontneedcoffee.com/2013/03/cve-2013-0634-adobe-flash-player.html' ], diff --git a/modules/exploits/windows/browser/adobe_flash_rtmp.rb b/modules/exploits/windows/browser/adobe_flash_rtmp.rb index 6efeb20917..84bc9cf971 100644 --- a/modules/exploits/windows/browser/adobe_flash_rtmp.rb +++ b/modules/exploits/windows/browser/adobe_flash_rtmp.rb @@ -46,6 +46,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0779' ], + [ 'OSVDB', '81656'], [ 'BID', '53395' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb12-09.html'], # Patch info [ 'URL', 'http://contagiodump.blogspot.com.es/2012/05/may-3-cve-2012-0779-world-uyghur.html' ], diff --git a/modules/exploits/windows/browser/adobe_flash_sps.rb b/modules/exploits/windows/browser/adobe_flash_sps.rb index 6d693e024f..b2d3ce686c 100644 --- a/modules/exploits/windows/browser/adobe_flash_sps.rb +++ b/modules/exploits/windows/browser/adobe_flash_sps.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-2140' ], + [ 'OSVDB', '74439'], [ 'BID', '49083' ], [ 'ZDI', '11-276' ], [ 'URL', 'http://www.kahusecurity.com/2011/cve-2011-2140-caught-in-the-wild/' ], diff --git a/modules/exploits/windows/browser/adobe_flashplayer_arrayindexing.rb b/modules/exploits/windows/browser/adobe_flashplayer_arrayindexing.rb index 5ca8e291df..3c0a8c62b0 100644 --- a/modules/exploits/windows/browser/adobe_flashplayer_arrayindexing.rb +++ b/modules/exploits/windows/browser/adobe_flashplayer_arrayindexing.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-2110'], + ['OSVDB', '73007'], ['BID', '48268'], ['URL', 'http://www.adobe.com/devnet/swf.html'], ['URL', 'http://www.adobe.com/support/security/bulletins/apsb11-18.html'], diff --git a/modules/exploits/windows/browser/adobe_flashplayer_avm.rb b/modules/exploits/windows/browser/adobe_flashplayer_avm.rb index f42f7d7697..b20663ea80 100644 --- a/modules/exploits/windows/browser/adobe_flashplayer_avm.rb +++ b/modules/exploits/windows/browser/adobe_flashplayer_avm.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-0609'], + ['OSVDB', '71254'], ['URL', 'http://bugix-security.blogspot.com/2011/03/cve-2011-0609-adobe-flash-player.html'], ['URL', 'http://www.adobe.com/devnet/swf.html'], ['URL', 'http://www.adobe.com/support/security/advisories/apsa11-01.html'], diff --git a/modules/exploits/windows/browser/adobe_flashplayer_flash10o.rb b/modules/exploits/windows/browser/adobe_flashplayer_flash10o.rb index 3ed5c2b952..cab570badc 100644 --- a/modules/exploits/windows/browser/adobe_flashplayer_flash10o.rb +++ b/modules/exploits/windows/browser/adobe_flashplayer_flash10o.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-0611' ], + [ 'OSVDB', '71686' ], [ 'BID', '47314' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb11-07.html' ], [ 'URL', 'http://blogs.technet.com/b/mmpc/archive/2011/04/12/analysis-of-the-cve-2011-0611-adobe-flash-player-vulnerability-exploitation.aspx' ], diff --git a/modules/exploits/windows/browser/adobe_flashplayer_newfunction.rb b/modules/exploits/windows/browser/adobe_flashplayer_newfunction.rb index b8b065813c..325a1669b1 100644 --- a/modules/exploits/windows/browser/adobe_flashplayer_newfunction.rb +++ b/modules/exploits/windows/browser/adobe_flashplayer_newfunction.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-1297'], + ['OSVDB', '65141'], ['BID', '40586'], ['URL', 'http://www.adobe.com/support/security/advisories/apsa10-01.html'], # For SWF->PDF embedding diff --git a/modules/exploits/windows/browser/adobe_flatedecode_predictor02.rb b/modules/exploits/windows/browser/adobe_flatedecode_predictor02.rb index 74999c72bd..c806c3cb97 100644 --- a/modules/exploits/windows/browser/adobe_flatedecode_predictor02.rb +++ b/modules/exploits/windows/browser/adobe_flatedecode_predictor02.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-3459' ], [ 'BID', '36600' ], + [ 'OSVDB', '58729' ], [ 'URL', 'http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb09-15.html' ] ], diff --git a/modules/exploits/windows/browser/adobe_geticon.rb b/modules/exploits/windows/browser/adobe_geticon.rb index 6a5fb13470..b0c0e7dffc 100644 --- a/modules/exploits/windows/browser/adobe_geticon.rb +++ b/modules/exploits/windows/browser/adobe_geticon.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0927' ], + [ 'OSVDB', '53647' ], [ 'ZDI', '09-014' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb09-04.html'] ], diff --git a/modules/exploits/windows/browser/adobe_jbig2decode.rb b/modules/exploits/windows/browser/adobe_jbig2decode.rb index 4c16729480..8b26e8b882 100644 --- a/modules/exploits/windows/browser/adobe_jbig2decode.rb +++ b/modules/exploits/windows/browser/adobe_jbig2decode.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE' , '2009-0658' ], + [ 'OSVDB', '52073' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb09-04.html'] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/adobe_media_newplayer.rb b/modules/exploits/windows/browser/adobe_media_newplayer.rb index abb1ea525d..61ffba6cb5 100644 --- a/modules/exploits/windows/browser/adobe_media_newplayer.rb +++ b/modules/exploits/windows/browser/adobe_media_newplayer.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-4324' ], [ 'BID', '37331' ], + [ 'OSVDB', '60980' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb10-02.html' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/adobe_shockwave_rcsl_corruption.rb b/modules/exploits/windows/browser/adobe_shockwave_rcsl_corruption.rb index 48ec28a1af..d27e4c3fdd 100644 --- a/modules/exploits/windows/browser/adobe_shockwave_rcsl_corruption.rb +++ b/modules/exploits/windows/browser/adobe_shockwave_rcsl_corruption.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3653'], + [ 'OSVDB', '68803'], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb10-25.html' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/adobe_toolbutton.rb b/modules/exploits/windows/browser/adobe_toolbutton.rb index 1a1aecb622..a417a07bf4 100644 --- a/modules/exploits/windows/browser/adobe_toolbutton.rb +++ b/modules/exploits/windows/browser/adobe_toolbutton.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3346' ], + [ 'OSVDB', '96745' ], [ 'ZDI', '13-212' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb13-15.html' ], [ 'URL', 'http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/ms-windows-local-privilege-escalation-zero-day-in-the-wild.html' ] diff --git a/modules/exploits/windows/browser/adobe_utilprintf.rb b/modules/exploits/windows/browser/adobe_utilprintf.rb index 0d995c4b06..03a8c41b0d 100644 --- a/modules/exploits/windows/browser/adobe_utilprintf.rb +++ b/modules/exploits/windows/browser/adobe_utilprintf.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-2992' ], + [ 'OSVDB', '49520' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/browser/aim_goaway.rb b/modules/exploits/windows/browser/aim_goaway.rb index 6b7290e942..e92dbac293 100644 --- a/modules/exploits/windows/browser/aim_goaway.rb +++ b/modules/exploits/windows/browser/aim_goaway.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0636' ], + [ 'OSVDB', '8398' ], [ 'BID', '10889'], [ 'URL', 'http://www.idefense.com/application/poi/display?id=121&type=vulnerabilities' ], ], diff --git a/modules/exploits/windows/browser/aladdin_choosefilepath_bof.rb b/modules/exploits/windows/browser/aladdin_choosefilepath_bof.rb index 241b3563d1..ab8329aab8 100644 --- a/modules/exploits/windows/browser/aladdin_choosefilepath_bof.rb +++ b/modules/exploits/windows/browser/aladdin_choosefilepath_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '86723' ], [ 'EDB', '22258' ], [ 'EDB', '22301' ] ], diff --git a/modules/exploits/windows/browser/amaya_bdo.rb b/modules/exploits/windows/browser/amaya_bdo.rb index 158b73d27b..61d9d87c34 100644 --- a/modules/exploits/windows/browser/amaya_bdo.rb +++ b/modules/exploits/windows/browser/amaya_bdo.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0323' ], + [ 'OSVDB', '55721' ], [ 'BID', '33046' ], [ 'BID', '33047' ] ], diff --git a/modules/exploits/windows/browser/aol_ampx_convertfile.rb b/modules/exploits/windows/browser/aol_ampx_convertfile.rb index b7625d7a10..41de2bcd83 100644 --- a/modules/exploits/windows/browser/aol_ampx_convertfile.rb +++ b/modules/exploits/windows/browser/aol_ampx_convertfile.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '54706' ], [ 'BID', '35028' ], [ 'EDB', '8733' ], ], diff --git a/modules/exploits/windows/browser/aol_icq_downloadagent.rb b/modules/exploits/windows/browser/aol_icq_downloadagent.rb index 613923927d..73c8fbc8df 100644 --- a/modules/exploits/windows/browser/aol_icq_downloadagent.rb +++ b/modules/exploits/windows/browser/aol_icq_downloadagent.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-5650' ], + [ 'OSVDB', '30220' ], [ 'BID', '20930' ], [ 'ZDI', '06-037' ], ], diff --git a/modules/exploits/windows/browser/apple_itunes_playlist.rb b/modules/exploits/windows/browser/apple_itunes_playlist.rb index 9c95b10652..d34d0986cc 100644 --- a/modules/exploits/windows/browser/apple_itunes_playlist.rb +++ b/modules/exploits/windows/browser/apple_itunes_playlist.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0043' ], + [ 'OSVDB', '12833' ], [ 'BID', '12238' ], ], diff --git a/modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb b/modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb index 06acf70868..7432c5f21f 100644 --- a/modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb +++ b/modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1818' ], + [ 'OSVDB', '67705'], [ 'URL', 'http://reversemode.com/index.php?option=com_content&task=view&id=69&Itemid=1' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/apple_quicktime_mime_type.rb b/modules/exploits/windows/browser/apple_quicktime_mime_type.rb index 3bf667bf45..da040e12fd 100644 --- a/modules/exploits/windows/browser/apple_quicktime_mime_type.rb +++ b/modules/exploits/windows/browser/apple_quicktime_mime_type.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-3753' ], + [ 'OSVDB', '87088'], [ 'BID', '56438' ], [ 'URL', 'http://support.apple.com/kb/HT5581' ], [ 'URL', 'http://asintsov.blogspot.com.es/2012/11/heapspray.html' ] diff --git a/modules/exploits/windows/browser/apple_quicktime_rdrf.rb b/modules/exploits/windows/browser/apple_quicktime_rdrf.rb index 0dbcca2a6a..c7f952df5b 100644 --- a/modules/exploits/windows/browser/apple_quicktime_rdrf.rb +++ b/modules/exploits/windows/browser/apple_quicktime_rdrf.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-1017' ], + [ 'OSVDB', '93625' ], [ 'BID', '60097' ], [ 'URL', 'http://support.apple.com/kb/HT5770' ], [ 'ZDI', '13-110' ] diff --git a/modules/exploits/windows/browser/apple_quicktime_rtsp.rb b/modules/exploits/windows/browser/apple_quicktime_rtsp.rb index 45e3b3330b..14d8274cce 100644 --- a/modules/exploits/windows/browser/apple_quicktime_rtsp.rb +++ b/modules/exploits/windows/browser/apple_quicktime_rtsp.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-0015' ], + [ 'OSVDB', '31023'], [ 'BID', '21829' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/apple_quicktime_smil_debug.rb b/modules/exploits/windows/browser/apple_quicktime_smil_debug.rb index dd1e6a3d62..0e8c2c5918 100644 --- a/modules/exploits/windows/browser/apple_quicktime_smil_debug.rb +++ b/modules/exploits/windows/browser/apple_quicktime_smil_debug.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1799' ], + [ 'OSVDB', '66636'], [ 'BID', '41962' ], [ 'URL', 'http://secunia.com/advisories/40729/' ], [ 'URL', 'http://support.apple.com/kb/HT4290' ] diff --git a/modules/exploits/windows/browser/apple_quicktime_texml_font_table.rb b/modules/exploits/windows/browser/apple_quicktime_texml_font_table.rb index e595a93e5c..ec9ff0db78 100644 --- a/modules/exploits/windows/browser/apple_quicktime_texml_font_table.rb +++ b/modules/exploits/windows/browser/apple_quicktime_texml_font_table.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '87087' ], [ 'CVE', '2012-3752' ], [ 'BID', '56557' ], [ 'URL', 'http://support.apple.com/kb/HT5581' ] diff --git a/modules/exploits/windows/browser/ask_shortformat.rb b/modules/exploits/windows/browser/ask_shortformat.rb index a2cd50f3ff..fa0467d743 100644 --- a/modules/exploits/windows/browser/ask_shortformat.rb +++ b/modules/exploits/windows/browser/ask_shortformat.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5107' ], + [ 'OSVDB', '37735' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/browser/asus_net4switch_ipswcom.rb b/modules/exploits/windows/browser/asus_net4switch_ipswcom.rb index 9f87af2684..19c103ab84 100644 --- a/modules/exploits/windows/browser/asus_net4switch_ipswcom.rb +++ b/modules/exploits/windows/browser/asus_net4switch_ipswcom.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-4924 ' ], + [ 'OSVDB', '79438' ], [ 'URL', 'http://dsecrg.com/pages/vul/show.php?id=417' ] ], 'Payload' => diff --git a/modules/exploits/windows/browser/athocgov_completeinstallation.rb b/modules/exploits/windows/browser/athocgov_completeinstallation.rb index 01ac08bcbd..6f09ebd1d5 100644 --- a/modules/exploits/windows/browser/athocgov_completeinstallation.rb +++ b/modules/exploits/windows/browser/athocgov_completeinstallation.rb @@ -21,6 +21,10 @@ class MetasploitModule < Msf::Exploit::Remote }, 'License' => MSF_LICENSE, 'Author' => [ 'MC' ], + 'References' => + [ + [ 'OSVDB', '94557' ] + ], 'DefaultOptions' => { 'EXITFUNC' => 'process', diff --git a/modules/exploits/windows/browser/autodesk_idrop.rb b/modules/exploits/windows/browser/autodesk_idrop.rb index d310e4ae75..2084de912a 100644 --- a/modules/exploits/windows/browser/autodesk_idrop.rb +++ b/modules/exploits/windows/browser/autodesk_idrop.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '53265' ], [ 'BID', '34352' ], [ 'EDB', '8560' ], [ 'URL', 'http://marc.info/?l=full-disclosure&m=123870112214736' ], diff --git a/modules/exploits/windows/browser/aventail_epi_activex.rb b/modules/exploits/windows/browser/aventail_epi_activex.rb index 95e06530c5..29a01fdafe 100644 --- a/modules/exploits/windows/browser/aventail_epi_activex.rb +++ b/modules/exploits/windows/browser/aventail_epi_activex.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '67286'], [ 'URL', 'http://sotiriu.de/adv/NSOADV-2010-005.txt' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/awingsoft_web3d_bof.rb b/modules/exploits/windows/browser/awingsoft_web3d_bof.rb index 12f6200aa3..e983150018 100644 --- a/modules/exploits/windows/browser/awingsoft_web3d_bof.rb +++ b/modules/exploits/windows/browser/awingsoft_web3d_bof.rb @@ -48,6 +48,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4588' ], + [ 'OSVDB', '60017' ], [ 'EDB', '9116' ], [ 'URL', 'http://www.rec-sec.com/2009/07/28/awingsoft-web3d-buffer-overflow/' ] ], diff --git a/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb b/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb index e3c6e0e289..c268856ee4 100644 --- a/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb +++ b/modules/exploits/windows/browser/awingsoft_winds3d_sceneurl.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4850' ], + [ 'OSVDB', '60049' ] ], 'Payload' => { diff --git a/modules/exploits/windows/browser/baofeng_storm_onbeforevideodownload.rb b/modules/exploits/windows/browser/baofeng_storm_onbeforevideodownload.rb index ac908017a8..bb736f1946 100644 --- a/modules/exploits/windows/browser/baofeng_storm_onbeforevideodownload.rb +++ b/modules/exploits/windows/browser/baofeng_storm_onbeforevideodownload.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1612' ], + [ 'OSVDB', '54169' ], [ 'BID', '34789' ], [ 'EDB', '8579' ] ], diff --git a/modules/exploits/windows/browser/barcode_ax49.rb b/modules/exploits/windows/browser/barcode_ax49.rb index d2510765a9..e5fb4cc725 100644 --- a/modules/exploits/windows/browser/barcode_ax49.rb +++ b/modules/exploits/windows/browser/barcode_ax49.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'EDB', '4094' ], + [ 'OSVDB', '37482' ], [ 'BID', '24596' ], [ 'CVE', '2007-3435' ], ], diff --git a/modules/exploits/windows/browser/blackice_downloadimagefileurl.rb b/modules/exploits/windows/browser/blackice_downloadimagefileurl.rb index 89e569887d..f883eb72e4 100644 --- a/modules/exploits/windows/browser/blackice_downloadimagefileurl.rb +++ b/modules/exploits/windows/browser/blackice_downloadimagefileurl.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-2683'], + [ 'OSVDB', '46007'], [ 'BID', '29577'], [ 'EDB', '5750' ], ], diff --git a/modules/exploits/windows/browser/c6_messenger_downloaderactivex.rb b/modules/exploits/windows/browser/c6_messenger_downloaderactivex.rb index 013ec7255a..9936fc912d 100644 --- a/modules/exploits/windows/browser/c6_messenger_downloaderactivex.rb +++ b/modules/exploits/windows/browser/c6_messenger_downloaderactivex.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-2551' ], + [ 'OSVDB', '45960' ], [ 'BID', '29519' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/ca_brightstor_addcolumn.rb b/modules/exploits/windows/browser/ca_brightstor_addcolumn.rb index 69fde439b8..757ba12da7 100644 --- a/modules/exploits/windows/browser/ca_brightstor_addcolumn.rb +++ b/modules/exploits/windows/browser/ca_brightstor_addcolumn.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-1472' ], + [ 'OSVDB', '43214' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/browser/chilkat_crypt_writefile.rb b/modules/exploits/windows/browser/chilkat_crypt_writefile.rb index f6ffe7d390..8fe38efe5c 100644 --- a/modules/exploits/windows/browser/chilkat_crypt_writefile.rb +++ b/modules/exploits/windows/browser/chilkat_crypt_writefile.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-5002' ], + [ 'OSVDB', '49510' ], [ 'BID', '32073' ], [ 'EDB', '6963' ] ], diff --git a/modules/exploits/windows/browser/cisco_anyconnect_exec.rb b/modules/exploits/windows/browser/cisco_anyconnect_exec.rb index 1beab05ae3..55b5c6df4c 100644 --- a/modules/exploits/windows/browser/cisco_anyconnect_exec.rb +++ b/modules/exploits/windows/browser/cisco_anyconnect_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-2039' ], + [ 'OSVDB', '72714'], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=909' ], [ 'URL', 'http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80123.shtml'], ], diff --git a/modules/exploits/windows/browser/cisco_playerpt_setsource.rb b/modules/exploits/windows/browser/cisco_playerpt_setsource.rb index 22580d7253..5b35ecdef3 100644 --- a/modules/exploits/windows/browser/cisco_playerpt_setsource.rb +++ b/modules/exploits/windows/browser/cisco_playerpt_setsource.rb @@ -42,6 +42,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '80297' ], [ 'EDB', '18641' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/cisco_playerpt_setsource_surl.rb b/modules/exploits/windows/browser/cisco_playerpt_setsource_surl.rb index f9db578c4e..199c27944b 100644 --- a/modules/exploits/windows/browser/cisco_playerpt_setsource_surl.rb +++ b/modules/exploits/windows/browser/cisco_playerpt_setsource_surl.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0284' ], + [ 'OSVDB', '84309'], [ 'BID', '54588' ], [ 'URL', 'http://secunia.com/secunia_research/2012-25/' ], diff --git a/modules/exploits/windows/browser/citrix_gateway_actx.rb b/modules/exploits/windows/browser/citrix_gateway_actx.rb index 9b4d1c7f73..58182c0a10 100644 --- a/modules/exploits/windows/browser/citrix_gateway_actx.rb +++ b/modules/exploits/windows/browser/citrix_gateway_actx.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-2882'], + [ 'OSVDB', '74191' ], [ 'URL', 'https://labs.idefense.com/verisign/intelligence/2009/vulnerabilities/display.php?id=929' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/clear_quest_cqole.rb b/modules/exploits/windows/browser/clear_quest_cqole.rb index f192426b31..affe99692b 100644 --- a/modules/exploits/windows/browser/clear_quest_cqole.rb +++ b/modules/exploits/windows/browser/clear_quest_cqole.rb @@ -39,6 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2012-0708' ], [ 'BID', '53170' ], + [ 'OSVDB', '81443'], [ 'ZDI', '12-113' ], [ 'URL', 'http://www-304.ibm.com/support/docview.wss?uid=swg21591705' ], [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2012/07/11/it-isnt-always-about-buffer-overflow' ] diff --git a/modules/exploits/windows/browser/communicrypt_mail_activex.rb b/modules/exploits/windows/browser/communicrypt_mail_activex.rb index a3b37e0e5b..d8f0fde955 100644 --- a/modules/exploits/windows/browser/communicrypt_mail_activex.rb +++ b/modules/exploits/windows/browser/communicrypt_mail_activex.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '64839' ], [ 'EDB', '12663' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/creative_software_cachefolder.rb b/modules/exploits/windows/browser/creative_software_cachefolder.rb index ee5ab8f341..f67dc5fa41 100644 --- a/modules/exploits/windows/browser/creative_software_cachefolder.rb +++ b/modules/exploits/windows/browser/creative_software_cachefolder.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0955' ], + [ 'OSVDB', '45655' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/browser/crystal_reports_printcontrol.rb b/modules/exploits/windows/browser/crystal_reports_printcontrol.rb index 4624d3e718..44636c8495 100644 --- a/modules/exploits/windows/browser/crystal_reports_printcontrol.rb +++ b/modules/exploits/windows/browser/crystal_reports_printcontrol.rb @@ -45,6 +45,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-2590' ], + [ 'OSVDB', '69917' ], [ 'BID', '45387' ], [ 'EDB', '15733' ] ], diff --git a/modules/exploits/windows/browser/dell_webcam_crazytalk.rb b/modules/exploits/windows/browser/dell_webcam_crazytalk.rb index 33ec57d314..f70773b7a5 100644 --- a/modules/exploits/windows/browser/dell_webcam_crazytalk.rb +++ b/modules/exploits/windows/browser/dell_webcam_crazytalk.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'URL', 'http://www.dell.com/support/drivers/us/en/04/DriverDetails/DriverFileFormats?c=us&l=en&s=bsd&cs=04&DriverId=R230103' ], [ 'EDB', '18621' ], + [ 'OSVDB', '80205'] ], 'Payload' => { diff --git a/modules/exploits/windows/browser/dxstudio_player_exec.rb b/modules/exploits/windows/browser/dxstudio_player_exec.rb index 04e3fae8a8..fe938e1872 100644 --- a/modules/exploits/windows/browser/dxstudio_player_exec.rb +++ b/modules/exploits/windows/browser/dxstudio_player_exec.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-2011' ], [ 'BID', '35273' ], + [ 'OSVDB', '54969' ], [ 'EDB', '8922' ], [ 'URL', 'http://dxstudio.com/guide.aspx' ] ], diff --git a/modules/exploits/windows/browser/ea_checkrequirements.rb b/modules/exploits/windows/browser/ea_checkrequirements.rb index ea0c256644..89936e7a39 100644 --- a/modules/exploits/windows/browser/ea_checkrequirements.rb +++ b/modules/exploits/windows/browser/ea_checkrequirements.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-4466' ], + [ 'OSVDB', '37723'], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/browser/ebook_flipviewer_fviewerloading.rb b/modules/exploits/windows/browser/ebook_flipviewer_fviewerloading.rb index 996b016660..ab90c7164f 100644 --- a/modules/exploits/windows/browser/ebook_flipviewer_fviewerloading.rb +++ b/modules/exploits/windows/browser/ebook_flipviewer_fviewerloading.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-2919' ], + [ 'OSVDB', '37042' ], [ 'BID', '24328' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/enjoysapgui_comp_download.rb b/modules/exploits/windows/browser/enjoysapgui_comp_download.rb index a501c80884..0333976af5 100644 --- a/modules/exploits/windows/browser/enjoysapgui_comp_download.rb +++ b/modules/exploits/windows/browser/enjoysapgui_comp_download.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4830'], + [ 'OSVDB', '53680'], [ 'URL', 'http://dsecrg.com/files/pub/pdf/HITB%20-%20Attacking%20SAP%20Users%20with%20Sapsploit.pdf' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/enjoysapgui_preparetoposthtml.rb b/modules/exploits/windows/browser/enjoysapgui_preparetoposthtml.rb index 79d0c56df2..2ee2ccff3b 100644 --- a/modules/exploits/windows/browser/enjoysapgui_preparetoposthtml.rb +++ b/modules/exploits/windows/browser/enjoysapgui_preparetoposthtml.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3605' ], + [ 'OSVDB', '37690' ], [ 'BID', '24772' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/facebook_extractiptc.rb b/modules/exploits/windows/browser/facebook_extractiptc.rb index e0922e2bbb..571769f23d 100644 --- a/modules/exploits/windows/browser/facebook_extractiptc.rb +++ b/modules/exploits/windows/browser/facebook_extractiptc.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-5711' ], + [ 'OSVDB', '41073' ], [ 'BID', '27534' ], [ 'EDB', '5049' ] ], diff --git a/modules/exploits/windows/browser/foxit_reader_plugin_url_bof.rb b/modules/exploits/windows/browser/foxit_reader_plugin_url_bof.rb index c370e6c63a..5f083c52da 100644 --- a/modules/exploits/windows/browser/foxit_reader_plugin_url_bof.rb +++ b/modules/exploits/windows/browser/foxit_reader_plugin_url_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '89030' ], [ 'BID', '57174' ], [ 'EDB', '23944' ], [ 'URL', 'http://secunia.com/advisories/51733/' ] diff --git a/modules/exploits/windows/browser/getgodm_http_response_bof.rb b/modules/exploits/windows/browser/getgodm_http_response_bof.rb index de9de7084f..1adf60aa07 100644 --- a/modules/exploits/windows/browser/getgodm_http_response_bof.rb +++ b/modules/exploits/windows/browser/getgodm_http_response_bof.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'EDB', '32132' ], + [ 'OSVDB', '103910' ], [ 'CVE', '2014-2206' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/gom_openurl.rb b/modules/exploits/windows/browser/gom_openurl.rb index 6a06f1cb88..fe60d15fc8 100644 --- a/modules/exploits/windows/browser/gom_openurl.rb +++ b/modules/exploits/windows/browser/gom_openurl.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5779'], + [ 'OSVDB', '38282'], [ 'URL', 'http://secunia.com/advisories/27418/' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/greendam_url.rb b/modules/exploits/windows/browser/greendam_url.rb index 270e0d8f05..ee7e2634fe 100644 --- a/modules/exploits/windows/browser/greendam_url.rb +++ b/modules/exploits/windows/browser/greendam_url.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'Trancer ' ], 'References' => [ + ['OSVDB', '55126'], ['URL', 'http://www.cse.umich.edu/~jhalderm/pub/gd/'], # Analysis of the Green Dam Censorware System ['EDB', '8938'], # Original exploit by seer[N.N.U] ['URL', 'http://taossa.com/archive/bh08sotirovdowd.pdf'], # .NET DLL memory technique diff --git a/modules/exploits/windows/browser/honeywell_hscremotedeploy_exec.rb b/modules/exploits/windows/browser/honeywell_hscremotedeploy_exec.rb index 0da9501eae..34a7758163 100644 --- a/modules/exploits/windows/browser/honeywell_hscremotedeploy_exec.rb +++ b/modules/exploits/windows/browser/honeywell_hscremotedeploy_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0108' ], + [ 'OSVDB', '90583' ], [ 'BID', '58134' ], [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2013/03/11/cve-2013-0108-honeywell-ebi' ], [ 'URL', 'http://ics-cert.us-cert.gov/pdf/ICSA-13-053-02.pdf' ] diff --git a/modules/exploits/windows/browser/honeywell_tema_exec.rb b/modules/exploits/windows/browser/honeywell_tema_exec.rb index 16a30df8f9..4ce1c99493 100644 --- a/modules/exploits/windows/browser/honeywell_tema_exec.rb +++ b/modules/exploits/windows/browser/honeywell_tema_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '76681' ], [ 'BID', '50078' ], [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-285-01.pdf' ] ], diff --git a/modules/exploits/windows/browser/hp_alm_xgo_setshapenodetype_exec.rb b/modules/exploits/windows/browser/hp_alm_xgo_setshapenodetype_exec.rb index 3856ac43be..efa03912ab 100644 --- a/modules/exploits/windows/browser/hp_alm_xgo_setshapenodetype_exec.rb +++ b/modules/exploits/windows/browser/hp_alm_xgo_setshapenodetype_exec.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '85152' ], [ 'BID', '55272' ], [ 'ZDI', '12-170' ] ], diff --git a/modules/exploits/windows/browser/hp_easy_printer_care_xmlcachemgr.rb b/modules/exploits/windows/browser/hp_easy_printer_care_xmlcachemgr.rb index a5f32486c8..d6cbb5275a 100644 --- a/modules/exploits/windows/browser/hp_easy_printer_care_xmlcachemgr.rb +++ b/modules/exploits/windows/browser/hp_easy_printer_care_xmlcachemgr.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-4786' ], + [ 'OSVDB', '78306' ], [ 'BID', '51396' ], [ 'ZDI', '12-013' ], ], diff --git a/modules/exploits/windows/browser/hp_easy_printer_care_xmlsimpleaccessor.rb b/modules/exploits/windows/browser/hp_easy_printer_care_xmlsimpleaccessor.rb index eaf8cefbb0..9cb5e338c4 100644 --- a/modules/exploits/windows/browser/hp_easy_printer_care_xmlsimpleaccessor.rb +++ b/modules/exploits/windows/browser/hp_easy_printer_care_xmlsimpleaccessor.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-2404'], + [ 'OSVDB', '74510'], [ 'BID', '49100'], [ 'ZDI', '11-261' ], ], diff --git a/modules/exploits/windows/browser/hp_loadrunner_addfile.rb b/modules/exploits/windows/browser/hp_loadrunner_addfile.rb index be1ba9b053..82ed60807c 100644 --- a/modules/exploits/windows/browser/hp_loadrunner_addfile.rb +++ b/modules/exploits/windows/browser/hp_loadrunner_addfile.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0492'], + [ 'OSVDB', '40762'], [ 'BID', '27456' ], [ 'EDB', '4987' ] ], diff --git a/modules/exploits/windows/browser/hp_loadrunner_addfolder.rb b/modules/exploits/windows/browser/hp_loadrunner_addfolder.rb index 1b060d3071..09b0439c0c 100644 --- a/modules/exploits/windows/browser/hp_loadrunner_addfolder.rb +++ b/modules/exploits/windows/browser/hp_loadrunner_addfolder.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-6530'], + [ 'OSVDB', '39901'], [ 'BID', '27025' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/hp_loadrunner_writefilebinary.rb b/modules/exploits/windows/browser/hp_loadrunner_writefilebinary.rb index 3c57945932..acff38f9ed 100644 --- a/modules/exploits/windows/browser/hp_loadrunner_writefilebinary.rb +++ b/modules/exploits/windows/browser/hp_loadrunner_writefilebinary.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-2370' ], + [ 'OSVDB', '95640' ], [ 'BID', '61441'], [ 'ZDI', '13-182' ], [ 'URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03862772' ] diff --git a/modules/exploits/windows/browser/hp_loadrunner_writefilestring.rb b/modules/exploits/windows/browser/hp_loadrunner_writefilestring.rb index 6541cd65a4..6488beed3a 100644 --- a/modules/exploits/windows/browser/hp_loadrunner_writefilestring.rb +++ b/modules/exploits/windows/browser/hp_loadrunner_writefilestring.rb @@ -45,6 +45,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-4798' ], + [ 'OSVDB', '95642' ], [ 'BID', '61443'], [ 'ZDI', '13-207' ], [ 'URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03862772' ] diff --git a/modules/exploits/windows/browser/hpmqc_progcolor.rb b/modules/exploits/windows/browser/hpmqc_progcolor.rb index 3c8ce85dd5..19f0929c35 100644 --- a/modules/exploits/windows/browser/hpmqc_progcolor.rb +++ b/modules/exploits/windows/browser/hpmqc_progcolor.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-1819' ], + [ 'OSVDB', '34317'], [ 'BID', '23239' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=497' ], ], diff --git a/modules/exploits/windows/browser/hyleos_chemviewx_activex.rb b/modules/exploits/windows/browser/hyleos_chemviewx_activex.rb index 69b2a6ddcf..873b2b876d 100644 --- a/modules/exploits/windows/browser/hyleos_chemviewx_activex.rb +++ b/modules/exploits/windows/browser/hyleos_chemviewx_activex.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0679' ], + [ 'OSVDB', '62276' ], [ 'URL', 'http://www.security-assessment.com/files/advisories/2010-02-11_ChemviewX_Activex.pdf' ], [ 'EDB', '11422' ] ], diff --git a/modules/exploits/windows/browser/ibm_spss_c1sizer.rb b/modules/exploits/windows/browser/ibm_spss_c1sizer.rb index 5a738f9144..76261ed22b 100644 --- a/modules/exploits/windows/browser/ibm_spss_c1sizer.rb +++ b/modules/exploits/windows/browser/ibm_spss_c1sizer.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-5946' ], + [ 'OSVDB', '92845' ], [ 'BID', '59559' ], [ 'URL', 'http://www-01.ibm.com/support/docview.wss?uid=swg21635476' ], [ 'ZDI', '13-100' ] diff --git a/modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb b/modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb index 4562da7cb6..1f261d420a 100644 --- a/modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb +++ b/modules/exploits/windows/browser/ibm_tivoli_pme_activex_bof.rb @@ -46,6 +46,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0198' ], + [ 'OSVDB', '79735' ], [ 'BID', '52252' ], [ 'ZDI', '12-040' ] ], diff --git a/modules/exploits/windows/browser/ibmegath_getxmlvalue.rb b/modules/exploits/windows/browser/ibmegath_getxmlvalue.rb index 16393908ff..49dc3318e4 100644 --- a/modules/exploits/windows/browser/ibmegath_getxmlvalue.rb +++ b/modules/exploits/windows/browser/ibmegath_getxmlvalue.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0215' ], + [ 'OSVDB', '52958' ], [ 'BID', '34228' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/ibmlotusdomino_dwa_uploadmodule.rb b/modules/exploits/windows/browser/ibmlotusdomino_dwa_uploadmodule.rb index 4f0f3285b0..88ea81859f 100644 --- a/modules/exploits/windows/browser/ibmlotusdomino_dwa_uploadmodule.rb +++ b/modules/exploits/windows/browser/ibmlotusdomino_dwa_uploadmodule.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-4474' ], + [ 'OSVDB', '40954' ], [ 'BID', '26972' ], [ 'EDB', '4820' ] ], diff --git a/modules/exploits/windows/browser/ie_cbutton_uaf.rb b/modules/exploits/windows/browser/ie_cbutton_uaf.rb index 696ee0312d..e002ede87f 100644 --- a/modules/exploits/windows/browser/ie_cbutton_uaf.rb +++ b/modules/exploits/windows/browser/ie_cbutton_uaf.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-4792' ], + [ 'OSVDB', '88774' ], [ 'US-CERT-VU', '154201' ], [ 'BID', '57070' ], [ 'MSB', 'MS13-008' ], diff --git a/modules/exploits/windows/browser/ie_cgenericelement_uaf.rb b/modules/exploits/windows/browser/ie_cgenericelement_uaf.rb index 31a25aa44d..d00bae6af6 100644 --- a/modules/exploits/windows/browser/ie_cgenericelement_uaf.rb +++ b/modules/exploits/windows/browser/ie_cgenericelement_uaf.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-1347' ], + [ 'OSVDB', '92993' ], [ 'MSB', 'MS13-038' ], [ 'US-CERT-VU', '237655' ], [ 'URL', 'http://blogs.technet.com/b/msrc/archive/2013/05/03/microsoft-releases-security-advisory-2847140.aspx'], diff --git a/modules/exploits/windows/browser/ie_createobject.rb b/modules/exploits/windows/browser/ie_createobject.rb index d800d73b67..7481aebffb 100644 --- a/modules/exploits/windows/browser/ie_createobject.rb +++ b/modules/exploits/windows/browser/ie_createobject.rb @@ -61,9 +61,11 @@ class MetasploitModule < Msf::Exploit::Remote # MDAC [ 'MSB', 'MS06-014' ], [ 'CVE', '2006-0003' ], + [ 'OSVDB', '24517' ], # WMI Object Broker [ 'MSB', 'MS06-073' ], [ 'CVE', '2006-4704' ], + [ 'OSVDB', '30155' ], ], 'Payload' => { diff --git a/modules/exploits/windows/browser/ie_execcommand_uaf.rb b/modules/exploits/windows/browser/ie_execcommand_uaf.rb index 25deb0e77d..bad5533df1 100644 --- a/modules/exploits/windows/browser/ie_execcommand_uaf.rb +++ b/modules/exploits/windows/browser/ie_execcommand_uaf.rb @@ -47,6 +47,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-4969' ], + [ 'OSVDB', '85532' ], [ 'MSB', 'MS12-063' ], [ 'URL', 'http://technet.microsoft.com/en-us/security/advisory/2757760' ], [ 'URL', 'http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet/' ] diff --git a/modules/exploits/windows/browser/ie_iscomponentinstalled.rb b/modules/exploits/windows/browser/ie_iscomponentinstalled.rb index f9a9627ee7..1e498607a4 100644 --- a/modules/exploits/windows/browser/ie_iscomponentinstalled.rb +++ b/modules/exploits/windows/browser/ie_iscomponentinstalled.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-1016' ], + [ 'OSVDB', '31647' ], [ 'BID', '16870' ], ], 'Payload' => diff --git a/modules/exploits/windows/browser/ie_setmousecapture_uaf.rb b/modules/exploits/windows/browser/ie_setmousecapture_uaf.rb index da17f9f220..6c8d41af0e 100644 --- a/modules/exploits/windows/browser/ie_setmousecapture_uaf.rb +++ b/modules/exploits/windows/browser/ie_setmousecapture_uaf.rb @@ -45,6 +45,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3893' ], + [ 'OSVDB', '97380' ], [ 'MSB', 'MS13-080' ], [ 'URL', 'http://technet.microsoft.com/en-us/security/advisory/2887505' ], [ 'URL', 'http://blogs.technet.com/b/srd/archive/2013/09/17/cve-2013-3893-fix-it-workaround-available.aspx' ], diff --git a/modules/exploits/windows/browser/imgeviewer_tifmergemultifiles.rb b/modules/exploits/windows/browser/imgeviewer_tifmergemultifiles.rb index 33e745a09c..26459acef3 100644 --- a/modules/exploits/windows/browser/imgeviewer_tifmergemultifiles.rb +++ b/modules/exploits/windows/browser/imgeviewer_tifmergemultifiles.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '78102' ], [ 'EDB', '15668' ], [ 'URL', 'http://secunia.com/advisories/42445/' ], [ 'URL', 'http://xforce.iss.net/xforce/xfdb/63666' ] diff --git a/modules/exploits/windows/browser/indusoft_issymbol_internationalseparator.rb b/modules/exploits/windows/browser/indusoft_issymbol_internationalseparator.rb index 631fb7d9c4..0a0583a308 100644 --- a/modules/exploits/windows/browser/indusoft_issymbol_internationalseparator.rb +++ b/modules/exploits/windows/browser/indusoft_issymbol_internationalseparator.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-0340' ], + [ 'OSVDB', '72865' ], [ 'BID', '47596' ], [ 'ZDI', '12-168' ], [ 'URL', 'http://secunia.com/secunia_research/2011-37/' ] diff --git a/modules/exploits/windows/browser/inotes_dwa85w_bof.rb b/modules/exploits/windows/browser/inotes_dwa85w_bof.rb index a2ffbf3ece..66e44e1579 100644 --- a/modules/exploits/windows/browser/inotes_dwa85w_bof.rb +++ b/modules/exploits/windows/browser/inotes_dwa85w_bof.rb @@ -48,6 +48,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-2175'], + [ 'OSVDB', '82755' ], [ 'BID', '53879' ], [ 'ZDI', '12-132' ], [ 'URL', 'http://www-304.ibm.com/support/docview.wss?uid=swg21596862' ] diff --git a/modules/exploits/windows/browser/intrust_annotatex_add.rb b/modules/exploits/windows/browser/intrust_annotatex_add.rb index ee7d5e9946..3f626ef961 100644 --- a/modules/exploits/windows/browser/intrust_annotatex_add.rb +++ b/modules/exploits/windows/browser/intrust_annotatex_add.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-5896'], + [ 'OSVDB', '80662'], [ 'BID', '52765'], [ 'EDB', '18674'] ], diff --git a/modules/exploits/windows/browser/java_basicservice_impl.rb b/modules/exploits/windows/browser/java_basicservice_impl.rb index 6f62f29c57..dce454f29d 100644 --- a/modules/exploits/windows/browser/java_basicservice_impl.rb +++ b/modules/exploits/windows/browser/java_basicservice_impl.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3563' ], + [ 'OSVDB', '69043' ], [ 'URL', 'http://mk41ser.blogspot.com' ], ], 'Platform' => %w{ java win }, diff --git a/modules/exploits/windows/browser/java_cmm.rb b/modules/exploits/windows/browser/java_cmm.rb index 3208050731..dd6140d2f9 100644 --- a/modules/exploits/windows/browser/java_cmm.rb +++ b/modules/exploits/windows/browser/java_cmm.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-1493' ], + [ 'OSVDB', '90737' ], [ 'BID', '58238' ], [ 'URL', 'https://blogs.oracle.com/security/entry/security_alert_cve_2013_1493' ], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/alert-cve-2013-1493-1915081.html' ], diff --git a/modules/exploits/windows/browser/java_codebase_trust.rb b/modules/exploits/windows/browser/java_codebase_trust.rb index c587d6f0ac..1d3e0e9eea 100644 --- a/modules/exploits/windows/browser/java_codebase_trust.rb +++ b/modules/exploits/windows/browser/java_codebase_trust.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-4452' ], + [ 'OSVDB', '71193' ], [ 'ZDI', '11-084' ], [ 'URL', 'http://fhoguin.com/2011/03/oracle-java-unsigned-applet-applet2classloader-remote-code-execution-vulnerability-zdi-11-084-explained/' ], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html' ] diff --git a/modules/exploits/windows/browser/java_docbase_bof.rb b/modules/exploits/windows/browser/java_docbase_bof.rb index 523ca954fe..c8a8cbcec7 100644 --- a/modules/exploits/windows/browser/java_docbase_bof.rb +++ b/modules/exploits/windows/browser/java_docbase_bof.rb @@ -46,6 +46,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3552' ], + [ 'OSVDB', '68873' ], [ 'BID', '44023' ], [ 'URL', 'http://blog.harmonysecurity.com/2010/10/oracle-java-ie-browser-plugin-stack.html' ], [ 'ZDI', '10-206' ], diff --git a/modules/exploits/windows/browser/java_mixer_sequencer.rb b/modules/exploits/windows/browser/java_mixer_sequencer.rb index 9d8211bf26..5817b6720e 100644 --- a/modules/exploits/windows/browser/java_mixer_sequencer.rb +++ b/modules/exploits/windows/browser/java_mixer_sequencer.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0842' ], + [ 'OSVDB', '63493'], [ 'BID', '39077'], [ 'ZDI', '10-060' ], [ 'URL', 'http://vreugdenhilresearch.nl/java-midi-parse-vulnerabilities/'] diff --git a/modules/exploits/windows/browser/java_ws_arginject_altjvm.rb b/modules/exploits/windows/browser/java_ws_arginject_altjvm.rb index 74eecaa9d9..063a6aef3d 100644 --- a/modules/exploits/windows/browser/java_ws_arginject_altjvm.rb +++ b/modules/exploits/windows/browser/java_ws_arginject_altjvm.rb @@ -39,6 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2010-0886' ], [ 'CVE', '2010-1423' ], + [ 'OSVDB', '63648' ], [ 'BID', '39346' ], [ 'URL', 'http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0122.html' ], [ 'URL', 'http://www.reversemode.com/index.php?option=com_content&task=view&id=67&Itemid=1' ] diff --git a/modules/exploits/windows/browser/java_ws_double_quote.rb b/modules/exploits/windows/browser/java_ws_double_quote.rb index 1a825164ee..87ac933b9f 100644 --- a/modules/exploits/windows/browser/java_ws_double_quote.rb +++ b/modules/exploits/windows/browser/java_ws_double_quote.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-1533' ], + [ 'OSVDB', '86348' ], [ 'BID' , '56046'], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html' ], [ 'URL', 'http://pastebin.com/eUucVage '] diff --git a/modules/exploits/windows/browser/java_ws_vmargs.rb b/modules/exploits/windows/browser/java_ws_vmargs.rb index f183a42e82..74323a296a 100644 --- a/modules/exploits/windows/browser/java_ws_vmargs.rb +++ b/modules/exploits/windows/browser/java_ws_vmargs.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0500' ], + [ 'OSVDB', '79227' ], [ 'BID', '52015' ], [ 'URL', 'http://seclists.org/fulldisclosure/2012/Feb/251' ], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html' ] diff --git a/modules/exploits/windows/browser/juniper_sslvpn_ive_setupdll.rb b/modules/exploits/windows/browser/juniper_sslvpn_ive_setupdll.rb index 4be7c6935c..12a30108ab 100644 --- a/modules/exploits/windows/browser/juniper_sslvpn_ive_setupdll.rb +++ b/modules/exploits/windows/browser/juniper_sslvpn_ive_setupdll.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-2086' ], + [ 'OSVDB', '25001' ], [ 'BID', '17712' ], [ 'URL', 'http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0743.html' ], ], diff --git a/modules/exploits/windows/browser/kazaa_altnet_heap.rb b/modules/exploits/windows/browser/kazaa_altnet_heap.rb index 2f000b93a2..04f1329b5c 100644 --- a/modules/exploits/windows/browser/kazaa_altnet_heap.rb +++ b/modules/exploits/windows/browser/kazaa_altnet_heap.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5217' ], + [ 'OSVDB', '37785' ], [ 'URL', 'http://secunia.com/advisories/26970/' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/keyhelp_launchtripane_exec.rb b/modules/exploits/windows/browser/keyhelp_launchtripane_exec.rb index 471463c28f..601a07fd74 100644 --- a/modules/exploits/windows/browser/keyhelp_launchtripane_exec.rb +++ b/modules/exploits/windows/browser/keyhelp_launchtripane_exec.rb @@ -53,6 +53,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-2516' ], + [ 'OSVDB', '83311' ], [ 'BID', '55265' ], [ 'ZDI', '12-169' ], [ 'URL', 'http://support.ge-ip.com/support/index?page=kbchannel&id=S:KB14863' ] diff --git a/modules/exploits/windows/browser/logitechvideocall_start.rb b/modules/exploits/windows/browser/logitechvideocall_start.rb index 52f28c8b81..96f993ef29 100644 --- a/modules/exploits/windows/browser/logitechvideocall_start.rb +++ b/modules/exploits/windows/browser/logitechvideocall_start.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-2918' ], + [ 'OSVDB', '36820'], [ 'BID', '24254' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/lpviewer_url.rb b/modules/exploits/windows/browser/lpviewer_url.rb index a3853c903d..9dd79abcbb 100644 --- a/modules/exploits/windows/browser/lpviewer_url.rb +++ b/modules/exploits/windows/browser/lpviewer_url.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4384' ], + [ 'OSVDB', '48946' ], [ 'US-CERT-VU', '848873' ], [ 'BID', '31604' ], ], diff --git a/modules/exploits/windows/browser/macrovision_downloadandexecute.rb b/modules/exploits/windows/browser/macrovision_downloadandexecute.rb index 2de1169203..038cb41bda 100644 --- a/modules/exploits/windows/browser/macrovision_downloadandexecute.rb +++ b/modules/exploits/windows/browser/macrovision_downloadandexecute.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5660' ], + [ 'OSVDB', '38347' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/browser/macrovision_unsafe.rb b/modules/exploits/windows/browser/macrovision_unsafe.rb index 9834d080b2..c15b5dcd61 100644 --- a/modules/exploits/windows/browser/macrovision_unsafe.rb +++ b/modules/exploits/windows/browser/macrovision_unsafe.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5660' ], + [ 'OSVDB', '38347' ], [ 'BID', '26280' ], ], 'Payload' => diff --git a/modules/exploits/windows/browser/malwarebytes_update_exec.rb b/modules/exploits/windows/browser/malwarebytes_update_exec.rb index 04665c4947..7714407a8c 100644 --- a/modules/exploits/windows/browser/malwarebytes_update_exec.rb +++ b/modules/exploits/windows/browser/malwarebytes_update_exec.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2014-4936' ], + [' OSVDB', '116050'], [ 'URL', 'http://blog.0x3a.com/post/104954032239/cve-2014-4936-malwarebytes-anti-malware-and'] # Discoverer's blog ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/maxthon_history_xcs.rb b/modules/exploits/windows/browser/maxthon_history_xcs.rb index f37f84e94a..f501d3b651 100644 --- a/modules/exploits/windows/browser/maxthon_history_xcs.rb +++ b/modules/exploits/windows/browser/maxthon_history_xcs.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '88191'], ['EDB', '23225'], ['URL', 'http://blog.malerisch.net/2012/12/maxthon-cross-context-scripting-xcs-about-history-rce.html'] ], diff --git a/modules/exploits/windows/browser/mcafee_mcsubmgr_vsprintf.rb b/modules/exploits/windows/browser/mcafee_mcsubmgr_vsprintf.rb index a69616d57c..0bd3a05ebf 100644 --- a/modules/exploits/windows/browser/mcafee_mcsubmgr_vsprintf.rb +++ b/modules/exploits/windows/browser/mcafee_mcsubmgr_vsprintf.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-3961'], + [ 'OSVDB', '27698'], [ 'BID', '19265'] ], 'Payload' => diff --git a/modules/exploits/windows/browser/mcafee_mvt_exec.rb b/modules/exploits/windows/browser/mcafee_mvt_exec.rb index c833551b32..eca4fd4e7d 100644 --- a/modules/exploits/windows/browser/mcafee_mvt_exec.rb +++ b/modules/exploits/windows/browser/mcafee_mvt_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-4598' ], + [ 'OSVDB', '81657'], [ 'EDB', '18805' ], [ 'URL', 'https://kc.mcafee.com/corporate/index?page=content&id=SB10028' ] ], diff --git a/modules/exploits/windows/browser/mcafeevisualtrace_tracetarget.rb b/modules/exploits/windows/browser/mcafeevisualtrace_tracetarget.rb index 30209e68ae..9828cf2c15 100644 --- a/modules/exploits/windows/browser/mcafeevisualtrace_tracetarget.rb +++ b/modules/exploits/windows/browser/mcafeevisualtrace_tracetarget.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-6707'], + [ 'OSVDB', '32399'], [ 'URL', 'http://secunia.com/advisories/23463' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/mirc_irc_url.rb b/modules/exploits/windows/browser/mirc_irc_url.rb index 88f0776ba2..e8877e1ed5 100644 --- a/modules/exploits/windows/browser/mirc_irc_url.rb +++ b/modules/exploits/windows/browser/mirc_irc_url.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-1336'], + [ 'OSVDB', '2665'], [ 'BID', '8819' ], ], diff --git a/modules/exploits/windows/browser/mozilla_attribchildremoved.rb b/modules/exploits/windows/browser/mozilla_attribchildremoved.rb index fbe3a50228..e431231c46 100644 --- a/modules/exploits/windows/browser/mozilla_attribchildremoved.rb +++ b/modules/exploits/windows/browser/mozilla_attribchildremoved.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3659' ], + [ 'OSVDB', '78736' ], [ 'ZDI', '12-110'], [ 'URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=708198' ] ], diff --git a/modules/exploits/windows/browser/mozilla_firefox_onreadystatechange.rb b/modules/exploits/windows/browser/mozilla_firefox_onreadystatechange.rb index 9bf92db700..635d5fc3be 100644 --- a/modules/exploits/windows/browser/mozilla_firefox_onreadystatechange.rb +++ b/modules/exploits/windows/browser/mozilla_firefox_onreadystatechange.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-1690' ], + [ 'OSVDB', '94584'], [ 'BID', '60778'], [ 'URL', 'https://www.mozilla.org/security/announce/2013/mfsa2013-53.html' ], [ 'URL', 'https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html' ], diff --git a/modules/exploits/windows/browser/mozilla_firefox_xmlserializer.rb b/modules/exploits/windows/browser/mozilla_firefox_xmlserializer.rb index ded779baff..3af07119d9 100644 --- a/modules/exploits/windows/browser/mozilla_firefox_xmlserializer.rb +++ b/modules/exploits/windows/browser/mozilla_firefox_xmlserializer.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0753' ], + [ 'OSVDB', '89021'], [ 'BID', '57209'], [ 'ZDI', '13-006' ], [ 'URL', 'http://www.mozilla.org/security/announce/2013/mfsa2013-16.html' ], diff --git a/modules/exploits/windows/browser/mozilla_interleaved_write.rb b/modules/exploits/windows/browser/mozilla_interleaved_write.rb index 4d4b766d49..be9b94bf4a 100644 --- a/modules/exploits/windows/browser/mozilla_interleaved_write.rb +++ b/modules/exploits/windows/browser/mozilla_interleaved_write.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-3765'], + ['OSVDB', '68905'], ['BID', '15352'], ['EDB', '15352'], ['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=607222'], diff --git a/modules/exploits/windows/browser/mozilla_mchannel.rb b/modules/exploits/windows/browser/mozilla_mchannel.rb index ac59c48211..351ab5261d 100644 --- a/modules/exploits/windows/browser/mozilla_mchannel.rb +++ b/modules/exploits/windows/browser/mozilla_mchannel.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-0065'], + ['OSVDB', '72085'], ['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=634986'], ['URL', 'http://www.mozilla.org/security/announce/2011/mfsa2011-13.html'] ], diff --git a/modules/exploits/windows/browser/mozilla_nssvgvalue.rb b/modules/exploits/windows/browser/mozilla_nssvgvalue.rb index 395f8c6f76..6b09d042d0 100644 --- a/modules/exploits/windows/browser/mozilla_nssvgvalue.rb +++ b/modules/exploits/windows/browser/mozilla_nssvgvalue.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3658' ], + [ 'OSVDB', '77953'], [ 'ZDI', '12-056' ], [ 'URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=708186' ] ], diff --git a/modules/exploits/windows/browser/mozilla_nstreerange.rb b/modules/exploits/windows/browser/mozilla_nstreerange.rb index 1227651fa3..46ba71e46e 100644 --- a/modules/exploits/windows/browser/mozilla_nstreerange.rb +++ b/modules/exploits/windows/browser/mozilla_nstreerange.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-0073'], + ['OSVDB', '72087'], ['BID', '47663'], ['ZDI', '11-157'], ['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=630919'], diff --git a/modules/exploits/windows/browser/mozilla_reduceright.rb b/modules/exploits/windows/browser/mozilla_reduceright.rb index 0bc19dc5c0..2a78db1bb5 100644 --- a/modules/exploits/windows/browser/mozilla_reduceright.rb +++ b/modules/exploits/windows/browser/mozilla_reduceright.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-2371'], + ['OSVDB', '73184'], ['EDB', '17974'], ['URL', 'https://bugzilla.mozilla.org/show_bug.cgi?id=664009'] ], diff --git a/modules/exploits/windows/browser/ms03_020_ie_objecttype.rb b/modules/exploits/windows/browser/ms03_020_ie_objecttype.rb index 2388dd5c1c..afe4d9aa3e 100644 --- a/modules/exploits/windows/browser/ms03_020_ie_objecttype.rb +++ b/modules/exploits/windows/browser/ms03_020_ie_objecttype.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0344' ], + [ 'OSVDB', '2967' ], [ 'BID', '7806' ], [ 'MSB', 'MS03-020' ], ], diff --git a/modules/exploits/windows/browser/ms05_054_onload.rb b/modules/exploits/windows/browser/ms05_054_onload.rb index f48c002748..9027e3b800 100644 --- a/modules/exploits/windows/browser/ms05_054_onload.rb +++ b/modules/exploits/windows/browser/ms05_054_onload.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['MSB', 'MS05-054'], ['CVE', '2005-1790'], + ['OSVDB', '17094'], ['BID', '13799'], ['URL', 'http://www.cvedetails.com/cve/CVE-2005-1790'], ], diff --git a/modules/exploits/windows/browser/ms06_001_wmf_setabortproc.rb b/modules/exploits/windows/browser/ms06_001_wmf_setabortproc.rb index a71b9ca10a..56b3424194 100644 --- a/modules/exploits/windows/browser/ms06_001_wmf_setabortproc.rb +++ b/modules/exploits/windows/browser/ms06_001_wmf_setabortproc.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-4560'], + ['OSVDB', '21987'], ['MSB', 'MS06-001'], ['BID', '16074'], ['URL', 'http://www.microsoft.com/technet/security/advisory/912840.mspx'], diff --git a/modules/exploits/windows/browser/ms06_013_createtextrange.rb b/modules/exploits/windows/browser/ms06_013_createtextrange.rb index 829ac669f8..a2f3bf5b41 100644 --- a/modules/exploits/windows/browser/ms06_013_createtextrange.rb +++ b/modules/exploits/windows/browser/ms06_013_createtextrange.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-1359'], + ['OSVDB', '24050'], ['MSB', 'MS06-013'], ['BID', '17196'], ['US-CERT-VU', '876678'], diff --git a/modules/exploits/windows/browser/ms06_055_vml_method.rb b/modules/exploits/windows/browser/ms06_055_vml_method.rb index 6a1b5b48d0..ec0c79bc03 100644 --- a/modules/exploits/windows/browser/ms06_055_vml_method.rb +++ b/modules/exploits/windows/browser/ms06_055_vml_method.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-4868'], + ['OSVDB', '28946'], ['MSB', 'MS06-055'], ['BID', '20096'], ], diff --git a/modules/exploits/windows/browser/ms06_057_webview_setslice.rb b/modules/exploits/windows/browser/ms06_057_webview_setslice.rb index 92e2c0b990..958c1649d1 100644 --- a/modules/exploits/windows/browser/ms06_057_webview_setslice.rb +++ b/modules/exploits/windows/browser/ms06_057_webview_setslice.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-3730'], + [ 'OSVDB', '27110' ], [ 'MSB', 'MS06-057'], [ 'BID', '19030' ] ], diff --git a/modules/exploits/windows/browser/ms06_067_keyframe.rb b/modules/exploits/windows/browser/ms06_067_keyframe.rb index 7272cb68f6..fe0e20f400 100644 --- a/modules/exploits/windows/browser/ms06_067_keyframe.rb +++ b/modules/exploits/windows/browser/ms06_067_keyframe.rb @@ -47,6 +47,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-4777' ], + [ 'OSVDB', '28842' ], [ 'BID', '20047' ], [ 'MSB', 'MS06-067' ] ], diff --git a/modules/exploits/windows/browser/ms06_071_xml_core.rb b/modules/exploits/windows/browser/ms06_071_xml_core.rb index 39547ba8a9..533beb1042 100644 --- a/modules/exploits/windows/browser/ms06_071_xml_core.rb +++ b/modules/exploits/windows/browser/ms06_071_xml_core.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-5745' ], + ['OSVDB', '29425' ], ['MSB', 'MS06-071' ], ['BID', '20915' ], ], diff --git a/modules/exploits/windows/browser/ms07_017_ani_loadimage_chunksize.rb b/modules/exploits/windows/browser/ms07_017_ani_loadimage_chunksize.rb index 63daae882c..812cd9d774 100644 --- a/modules/exploits/windows/browser/ms07_017_ani_loadimage_chunksize.rb +++ b/modules/exploits/windows/browser/ms07_017_ani_loadimage_chunksize.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-0038'], + ['OSVDB', '33629'], ['BID', '23194'], ['MSB', 'MS07-017'], ['URL', 'http://www.microsoft.com/technet/security/advisory/935423.mspx'] diff --git a/modules/exploits/windows/browser/ms08_041_snapshotviewer.rb b/modules/exploits/windows/browser/ms08_041_snapshotviewer.rb index 56388a29dc..09f40510e4 100644 --- a/modules/exploits/windows/browser/ms08_041_snapshotviewer.rb +++ b/modules/exploits/windows/browser/ms08_041_snapshotviewer.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-2463' ], + [ 'OSVDB', '46749'], [ 'MSB', 'MS08-041' ], [ 'BID', '30114' ], ], diff --git a/modules/exploits/windows/browser/ms08_053_mediaencoder.rb b/modules/exploits/windows/browser/ms08_053_mediaencoder.rb index 2c52ab45e2..e069312a05 100644 --- a/modules/exploits/windows/browser/ms08_053_mediaencoder.rb +++ b/modules/exploits/windows/browser/ms08_053_mediaencoder.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-3008' ], + [ 'OSVDB', '47962' ], [ 'BID', '31065' ], [ 'MSB', 'MS08-053' ], ], diff --git a/modules/exploits/windows/browser/ms08_070_visual_studio_msmask.rb b/modules/exploits/windows/browser/ms08_070_visual_studio_msmask.rb index 4fb749d00b..bddfbd2985 100644 --- a/modules/exploits/windows/browser/ms08_070_visual_studio_msmask.rb +++ b/modules/exploits/windows/browser/ms08_070_visual_studio_msmask.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-3704' ], + [ 'OSVDB', '47475' ], [ 'BID', '30674' ], [ 'MSB', 'MS08-070' ] ], diff --git a/modules/exploits/windows/browser/ms08_078_xml_corruption.rb b/modules/exploits/windows/browser/ms08_078_xml_corruption.rb index dd7c52aeed..d1bb4018fe 100644 --- a/modules/exploits/windows/browser/ms08_078_xml_corruption.rb +++ b/modules/exploits/windows/browser/ms08_078_xml_corruption.rb @@ -42,6 +42,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-4844'], + ['OSVDB', '50622'], ['BID', '32721'], ['MSB', 'MS08-078'], ['URL', 'http://www.microsoft.com/technet/security/advisory/961051.mspx'], diff --git a/modules/exploits/windows/browser/ms09_002_memory_corruption.rb b/modules/exploits/windows/browser/ms09_002_memory_corruption.rb index 0883ef0fdb..fb953019b4 100644 --- a/modules/exploits/windows/browser/ms09_002_memory_corruption.rb +++ b/modules/exploits/windows/browser/ms09_002_memory_corruption.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0075' ], + [ 'OSVDB', '51839' ], [ 'MSB', 'MS09-002' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/ms09_043_owc_htmlurl.rb b/modules/exploits/windows/browser/ms09_043_owc_htmlurl.rb index 3022aaffa7..5d223c0b62 100644 --- a/modules/exploits/windows/browser/ms09_043_owc_htmlurl.rb +++ b/modules/exploits/windows/browser/ms09_043_owc_htmlurl.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1534' ], + [ 'OSVDB', '56916' ], [ 'BID', '35992' ], [ 'MSB', 'MS09-043' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=819' ] diff --git a/modules/exploits/windows/browser/ms09_043_owc_msdso.rb b/modules/exploits/windows/browser/ms09_043_owc_msdso.rb index 333d0b390d..8bef321090 100644 --- a/modules/exploits/windows/browser/ms09_043_owc_msdso.rb +++ b/modules/exploits/windows/browser/ms09_043_owc_msdso.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1136' ], + [ 'OSVDB', '55806' ], [ 'MSB', 'MS09-043' ], [ 'URL', 'http://ahmed.obied.net/software/code/exploits/ie_owc.py' ], [ 'EDB', '9163' ], diff --git a/modules/exploits/windows/browser/ms09_072_style_object.rb b/modules/exploits/windows/browser/ms09_072_style_object.rb index eafb207bbf..db5edffd29 100644 --- a/modules/exploits/windows/browser/ms09_072_style_object.rb +++ b/modules/exploits/windows/browser/ms09_072_style_object.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['MSB', 'MS09-072'], ['CVE', '2009-3672'], + ['OSVDB', '50622'], ['BID', '37085'], ['URL', 'http://www.microsoft.com/technet/security/advisory/977981.mspx'], ['URL', 'http://taossa.com/archive/bh08sotirovdowd.pdf'], diff --git a/modules/exploits/windows/browser/ms10_002_aurora.rb b/modules/exploits/windows/browser/ms10_002_aurora.rb index 37b182fe16..41e2c4b8f7 100644 --- a/modules/exploits/windows/browser/ms10_002_aurora.rb +++ b/modules/exploits/windows/browser/ms10_002_aurora.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['MSB', 'MS10-002'], ['CVE', '2010-0249'], + ['OSVDB', '61697'], ['URL', 'http://www.microsoft.com/technet/security/advisory/979352.mspx'], ['URL', 'http://wepawet.iseclab.org/view.php?hash=1aea206aa64ebeabb07237f1e2230d0f&type=js'] diff --git a/modules/exploits/windows/browser/ms10_002_ie_object.rb b/modules/exploits/windows/browser/ms10_002_ie_object.rb index 01954dbcd0..c8c48f817f 100644 --- a/modules/exploits/windows/browser/ms10_002_ie_object.rb +++ b/modules/exploits/windows/browser/ms10_002_ie_object.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'MSB', 'MS10-002'], [ 'CVE', '2010-0248' ], + [ 'OSVDB', '61914'], [ 'URL', 'http://dvlabs.tippingpoint.com/blog/2012/03/15/pwn2own-2012-challenge-writeup' ], [ 'ZDI', '10-014'] ], diff --git a/modules/exploits/windows/browser/ms10_018_ie_behaviors.rb b/modules/exploits/windows/browser/ms10_018_ie_behaviors.rb index 44ffb47d3e..3bc77c655b 100644 --- a/modules/exploits/windows/browser/ms10_018_ie_behaviors.rb +++ b/modules/exploits/windows/browser/ms10_018_ie_behaviors.rb @@ -70,6 +70,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0806' ], + [ 'OSVDB', '62810' ], [ 'BID', '38615' ], [ 'URL', 'http://www.microsoft.com/technet/security/advisory/981374.mspx' ], [ 'URL', 'http://www.avertlabs.com/research/blog/index.php/2010/03/09/targeted-internet-explorer-0day-attack-announced-cve-2010-0806/' ], diff --git a/modules/exploits/windows/browser/ms10_018_ie_tabular_activex.rb b/modules/exploits/windows/browser/ms10_018_ie_tabular_activex.rb index f85089963b..205ab89161 100644 --- a/modules/exploits/windows/browser/ms10_018_ie_tabular_activex.rb +++ b/modules/exploits/windows/browser/ms10_018_ie_tabular_activex.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0805' ], + [ 'OSVDB', '63329' ], [ 'BID', '39025' ], [ 'ZDI', '10-034' ], [ 'MSB', 'MS10-018' ] diff --git a/modules/exploits/windows/browser/ms10_022_ie_vbscript_winhlp32.rb b/modules/exploits/windows/browser/ms10_022_ie_vbscript_winhlp32.rb index d9a96aea0b..097cae4618 100644 --- a/modules/exploits/windows/browser/ms10_022_ie_vbscript_winhlp32.rb +++ b/modules/exploits/windows/browser/ms10_022_ie_vbscript_winhlp32.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0483' ], + [ 'OSVDB', '62632' ], [ 'MSB', 'MS10-023' ], [ 'URL', 'http://www.microsoft.com/technet/security/advisory/981169.mspx' ], [ 'URL', 'http://blogs.technet.com/msrc/archive/2010/02/28/investigating-a-new-win32hlp-and-internet-explorer-issue.aspx' ], diff --git a/modules/exploits/windows/browser/ms10_026_avi_nsamplespersec.rb b/modules/exploits/windows/browser/ms10_026_avi_nsamplespersec.rb index 75f9ab8330..a0d8c78154 100644 --- a/modules/exploits/windows/browser/ms10_026_avi_nsamplespersec.rb +++ b/modules/exploits/windows/browser/ms10_026_avi_nsamplespersec.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-0480'], + ['OSVDB', '63749'], ['BID', '39303'], ['MSB', 'MS10-026'], ['URL', 'http://www.exploit-db.com/moaub-5-microsoft-mpeg-layer-3-audio-stack-based-overflow/'], diff --git a/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb b/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb index 12fd46cf89..d6f2f8e684 100644 --- a/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb +++ b/modules/exploits/windows/browser/ms10_042_helpctr_xss_cmd_exec.rb @@ -45,6 +45,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1885' ], + [ 'OSVDB', '65264' ], [ 'URL', 'http://www.microsoft.com/technet/security/advisory/2219475.mspx' ], [ 'MSB', 'MS10-042'] ], diff --git a/modules/exploits/windows/browser/ms10_046_shortcut_icon_dllloader.rb b/modules/exploits/windows/browser/ms10_046_shortcut_icon_dllloader.rb index 74f7bb1bed..5e71f5dabc 100644 --- a/modules/exploits/windows/browser/ms10_046_shortcut_icon_dllloader.rb +++ b/modules/exploits/windows/browser/ms10_046_shortcut_icon_dllloader.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-2568'], + ['OSVDB', '66387'], ['MSB', 'MS10-046'], ['URL', 'http://www.microsoft.com/technet/security/advisory/2286198.mspx'] ], diff --git a/modules/exploits/windows/browser/ms10_090_ie_css_clip.rb b/modules/exploits/windows/browser/ms10_090_ie_css_clip.rb index b0a694594d..fa32a72eb7 100644 --- a/modules/exploits/windows/browser/ms10_090_ie_css_clip.rb +++ b/modules/exploits/windows/browser/ms10_090_ie_css_clip.rb @@ -54,6 +54,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3962' ], + [ 'OSVDB', '68987' ], [ 'BID', '44536' ], [ 'URL', 'http://www.microsoft.com/technet/security/advisory/2458511.mspx' ], [ 'EDB', '15421' ], diff --git a/modules/exploits/windows/browser/ms11_003_ie_css_import.rb b/modules/exploits/windows/browser/ms11_003_ie_css_import.rb index 00c0057f80..00a7558b92 100644 --- a/modules/exploits/windows/browser/ms11_003_ie_css_import.rb +++ b/modules/exploits/windows/browser/ms11_003_ie_css_import.rb @@ -45,6 +45,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3971' ], + [ 'OSVDB', '69796' ], [ 'BID', '45246' ], [ 'URL', 'http://www.microsoft.com/technet/security/advisory/2488013.mspx' ], [ 'URL', 'http://www.wooyun.org/bugs/wooyun-2010-0885' ], diff --git a/modules/exploits/windows/browser/ms11_050_mshtml_cobjectelement.rb b/modules/exploits/windows/browser/ms11_050_mshtml_cobjectelement.rb index ef91ee40a7..8d6ebad0b1 100644 --- a/modules/exploits/windows/browser/ms11_050_mshtml_cobjectelement.rb +++ b/modules/exploits/windows/browser/ms11_050_mshtml_cobjectelement.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-1260'], + ['OSVDB', '72950'], ['MSB', 'MS11-050'], ['URL', 'http://d0cs4vage.blogspot.com/2011/06/insecticides-dont-kill-bugs-patch.html'] ], diff --git a/modules/exploits/windows/browser/ms11_081_option.rb b/modules/exploits/windows/browser/ms11_081_option.rb index a21c0b0873..b31eaf3ef2 100644 --- a/modules/exploits/windows/browser/ms11_081_option.rb +++ b/modules/exploits/windows/browser/ms11_081_option.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-1996' ], + [ 'OSVDB', '76208' ], [ 'MSB', 'MS11-081' ], [ 'URL', 'http://ifsec.blogspot.com/2011/10/internet-explorer-option-element-remote.html' ], [ 'URL', 'http://pastebin.com/YLH725Aj' ] diff --git a/modules/exploits/windows/browser/ms11_093_ole32.rb b/modules/exploits/windows/browser/ms11_093_ole32.rb index 0099353b18..b382a1498c 100644 --- a/modules/exploits/windows/browser/ms11_093_ole32.rb +++ b/modules/exploits/windows/browser/ms11_093_ole32.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'MSB', 'MS11-093'], [ 'CVE', '2011-3400' ], + [ 'OSVDB', '77663'], [ 'BID', '50977' ], [ 'URL', 'http://aluigi.org/adv/ole32_1-adv.txt' ], [ 'URL', 'http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=966' ] diff --git a/modules/exploits/windows/browser/ms12_004_midi.rb b/modules/exploits/windows/browser/ms12_004_midi.rb index f1d4314b5a..16cec1843d 100644 --- a/modules/exploits/windows/browser/ms12_004_midi.rb +++ b/modules/exploits/windows/browser/ms12_004_midi.rb @@ -47,6 +47,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'MSB', 'MS12-004'], [ 'CVE', '2012-0003' ], + [ 'OSVDB', '78210'], [ 'BID', '51292'] ], 'Payload' => diff --git a/modules/exploits/windows/browser/ms12_037_ie_colspan.rb b/modules/exploits/windows/browser/ms12_037_ie_colspan.rb index 36af6b3094..af516188b1 100644 --- a/modules/exploits/windows/browser/ms12_037_ie_colspan.rb +++ b/modules/exploits/windows/browser/ms12_037_ie_colspan.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-1876' ], + [ 'OSVDB', '82866'], [ 'BID', '53848' ], [ 'MSB', 'MS12-037' ] ], diff --git a/modules/exploits/windows/browser/ms12_037_same_id.rb b/modules/exploits/windows/browser/ms12_037_same_id.rb index 849893008b..ae82b71a96 100644 --- a/modules/exploits/windows/browser/ms12_037_same_id.rb +++ b/modules/exploits/windows/browser/ms12_037_same_id.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'MSB', 'MS12-037'], [ 'CVE', '2012-1875' ], + [ 'OSVDB', '82865'], [ 'URL', 'http://labs.alienvault.com/labs/index.php/2012/ongoing-attacks-exploiting-cve-2012-1875/'], [ 'URL', 'https://twitter.com/binjo/status/212795802974830592' ], # Exploit found in the wild [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2012/06/18/metasploit-exploits-critical-microsoft-vulnerabilities'] diff --git a/modules/exploits/windows/browser/ms13_009_ie_slayoutrun_uaf.rb b/modules/exploits/windows/browser/ms13_009_ie_slayoutrun_uaf.rb index bc55f215e3..66098c6c37 100644 --- a/modules/exploits/windows/browser/ms13_009_ie_slayoutrun_uaf.rb +++ b/modules/exploits/windows/browser/ms13_009_ie_slayoutrun_uaf.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0025' ], + [ 'OSVDB', '90122' ], [ 'MSB', 'MS13-009' ], [ 'URL', 'http://security-assessment.com/files/documents/advisory/ie_slayoutrun_uaf.pdf' ] ], diff --git a/modules/exploits/windows/browser/ms13_022_silverlight_script_object.rb b/modules/exploits/windows/browser/ms13_022_silverlight_script_object.rb index 62a4f4c32b..d766b0638d 100644 --- a/modules/exploits/windows/browser/ms13_022_silverlight_script_object.rb +++ b/modules/exploits/windows/browser/ms13_022_silverlight_script_object.rb @@ -41,6 +41,8 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2013-0074' ], [ 'CVE', '2013-3896' ], + [ 'OSVDB', '91147' ], + [ 'OSVDB', '98223' ], [ 'BID', '58327' ], [ 'BID', '62793' ], [ 'MSB', 'MS13-022' ], diff --git a/modules/exploits/windows/browser/ms13_037_svg_dashstyle.rb b/modules/exploits/windows/browser/ms13_037_svg_dashstyle.rb index b909b8242f..09200f72af 100644 --- a/modules/exploits/windows/browser/ms13_037_svg_dashstyle.rb +++ b/modules/exploits/windows/browser/ms13_037_svg_dashstyle.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-2551' ], + [ 'OSVDB', '91197' ], [ 'BID', '58570' ], [ 'MSB', 'MS13-037' ], [ 'URL', 'http://binvul.com/viewthread.php?tid=311' ] diff --git a/modules/exploits/windows/browser/ms13_055_canchor.rb b/modules/exploits/windows/browser/ms13_055_canchor.rb index a51878f1ca..55980c503d 100644 --- a/modules/exploits/windows/browser/ms13_055_canchor.rb +++ b/modules/exploits/windows/browser/ms13_055_canchor.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3163' ], + [ 'OSVDB', '94981' ], [ 'MSB', 'MS13-055' ], [ 'URL', 'https://speakerd.s3.amazonaws.com/presentations/0df98910d26c0130e8927e81ab71b214/for-share.pdf' ] ], diff --git a/modules/exploits/windows/browser/ms13_059_cflatmarkuppointer.rb b/modules/exploits/windows/browser/ms13_059_cflatmarkuppointer.rb index ec61dc5d35..fc2563ea71 100644 --- a/modules/exploits/windows/browser/ms13_059_cflatmarkuppointer.rb +++ b/modules/exploits/windows/browser/ms13_059_cflatmarkuppointer.rb @@ -48,6 +48,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3184' ], + [ 'OSVDB', '96182' ], [ 'MSB', 'MS13-059' ], [ 'BID', '61668' ], [ 'ZDI', '13-194' ], diff --git a/modules/exploits/windows/browser/ms13_069_caret.rb b/modules/exploits/windows/browser/ms13_069_caret.rb index 57ecc0d504..6178bc76a8 100644 --- a/modules/exploits/windows/browser/ms13_069_caret.rb +++ b/modules/exploits/windows/browser/ms13_069_caret.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3205' ], + [ 'OSVDB', '97094' ], [ 'MSB', 'MS13-069' ], [ 'ZDI', '13-217' ] ], diff --git a/modules/exploits/windows/browser/ms13_080_cdisplaypointer.rb b/modules/exploits/windows/browser/ms13_080_cdisplaypointer.rb index 01e6d88cf1..6ee1ddd0da 100644 --- a/modules/exploits/windows/browser/ms13_080_cdisplaypointer.rb +++ b/modules/exploits/windows/browser/ms13_080_cdisplaypointer.rb @@ -55,6 +55,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3897' ], + [ 'OSVDB', '98207' ], [ 'MSB', 'MS13-080' ], [ 'URL', 'http://blogs.technet.com/b/srd/archive/2013/10/08/ms13-080-addresses-two-vulnerabilities-under-limited-targeted-attacks.aspx' ], [ 'URL', 'http://jsunpack.jeek.org/?report=847afb154a4e876d61f93404842d9a1b93a774fb' ] diff --git a/modules/exploits/windows/browser/ms13_090_cardspacesigninhelper.rb b/modules/exploits/windows/browser/ms13_090_cardspacesigninhelper.rb index ca50a4ffa5..136025b1a0 100644 --- a/modules/exploits/windows/browser/ms13_090_cardspacesigninhelper.rb +++ b/modules/exploits/windows/browser/ms13_090_cardspacesigninhelper.rb @@ -50,6 +50,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3918'], + [ 'OSVDB', '99555' ], [ 'BID', '63631' ], [ 'MSB', 'MS13-090' ], [ 'URL', 'http://blogs.technet.com/b/msrc/archive/2013/11/11/activex-control-issue-being-addressed-in-update-tuesday.aspx' ] diff --git a/modules/exploits/windows/browser/ms14_064_ole_code_execution.rb b/modules/exploits/windows/browser/ms14_064_ole_code_execution.rb index 680dd0312d..a539f7c1f8 100644 --- a/modules/exploits/windows/browser/ms14_064_ole_code_execution.rb +++ b/modules/exploits/windows/browser/ms14_064_ole_code_execution.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2014-6332' ], [ 'MSB', 'MS14-064' ], + [ 'OSVDB', '114533' ], [ 'EDB', '35229' ], [ 'EDB', '35308' ], [ 'URL', 'http://securityintelligence.com/ibm-x-force-researcher-finds-significant-vulnerability-in-microsoft-windows' ], diff --git a/modules/exploits/windows/browser/msvidctl_mpeg2.rb b/modules/exploits/windows/browser/msvidctl_mpeg2.rb index 0d94faa959..8a2c327422 100644 --- a/modules/exploits/windows/browser/msvidctl_mpeg2.rb +++ b/modules/exploits/windows/browser/msvidctl_mpeg2.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0015' ], + [ 'OSVDB', '55651' ], [ 'BID', '35558' ], [ 'MSB', 'MS09-032' ], [ 'MSB', 'MS09-037' ], diff --git a/modules/exploits/windows/browser/mswhale_checkforupdates.rb b/modules/exploits/windows/browser/mswhale_checkforupdates.rb index 5c03d5f1ba..09b8351635 100644 --- a/modules/exploits/windows/browser/mswhale_checkforupdates.rb +++ b/modules/exploits/windows/browser/mswhale_checkforupdates.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-2238' ], + [ 'OSVDB', '53933'], [ 'URL', 'http://technet.microsoft.com/en-us/library/dd282918.aspx' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/msxml_get_definition_code_exec.rb b/modules/exploits/windows/browser/msxml_get_definition_code_exec.rb index 5fcebefa9d..dac7e039f8 100644 --- a/modules/exploits/windows/browser/msxml_get_definition_code_exec.rb +++ b/modules/exploits/windows/browser/msxml_get_definition_code_exec.rb @@ -42,6 +42,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2012-1889' ], [ 'BID', '53934' ], + [ 'OSVDB', '82873'], [ 'MSB', 'MS12-043'], [ 'URL', 'http://technet.microsoft.com/en-us/security/advisory/2719615' ], [ 'URL', 'http://www.zdnet.com/blog/security/state-sponsored-attackers-using-ie-zero-day-to-hijack-gmail-accounts/12462' ], diff --git a/modules/exploits/windows/browser/nctaudiofile2_setformatlikesample.rb b/modules/exploits/windows/browser/nctaudiofile2_setformatlikesample.rb index cb5fee58e3..52f37d6fd8 100644 --- a/modules/exploits/windows/browser/nctaudiofile2_setformatlikesample.rb +++ b/modules/exploits/windows/browser/nctaudiofile2_setformatlikesample.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-0018' ], + [ 'OSVDB', '32032' ], [ 'BID', '22196' ], [ 'US-CERT-VU', '292713' ] ], diff --git a/modules/exploits/windows/browser/nis2004_antispam.rb b/modules/exploits/windows/browser/nis2004_antispam.rb index eff7d8fa36..35671acecc 100644 --- a/modules/exploits/windows/browser/nis2004_antispam.rb +++ b/modules/exploits/windows/browser/nis2004_antispam.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0363' ], + [ 'OSVDB', '6249' ], [ 'BID', '9916' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/nis2004_get.rb b/modules/exploits/windows/browser/nis2004_get.rb index a15d8a6763..fb3fd45964 100644 --- a/modules/exploits/windows/browser/nis2004_get.rb +++ b/modules/exploits/windows/browser/nis2004_get.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-1689' ], + [ 'OSVDB', '36164'], [ 'URL', 'http://securityresponse.symantec.com/avcenter/security/Content/2007.05.16.html' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/notes_handler_cmdinject.rb b/modules/exploits/windows/browser/notes_handler_cmdinject.rb index 44b602c654..011b5f84d5 100644 --- a/modules/exploits/windows/browser/notes_handler_cmdinject.rb +++ b/modules/exploits/windows/browser/notes_handler_cmdinject.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-2174' ], + [ 'OSVDB', '83063' ], [ 'BID', '54070' ], [ 'ZDI', '12-154' ], [ 'URL', 'http://pwnanisec.blogspot.com/2012/10/exploiting-command-injection.html' ], diff --git a/modules/exploits/windows/browser/novell_groupwise_gwcls1_actvx.rb b/modules/exploits/windows/browser/novell_groupwise_gwcls1_actvx.rb index e707fed2e3..a61d88ca68 100644 --- a/modules/exploits/windows/browser/novell_groupwise_gwcls1_actvx.rb +++ b/modules/exploits/windows/browser/novell_groupwise_gwcls1_actvx.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0439' ], + [ 'OSVDB', '89700' ], [ 'BID' , '57658' ], [ 'ZDI', '13-008' ], [ 'URL', 'http://www.novell.com/support/kb/doc.php?id=7011688' ] diff --git a/modules/exploits/windows/browser/novelliprint_callbackurl.rb b/modules/exploits/windows/browser/novelliprint_callbackurl.rb index bc6d52ae9d..042abf46a7 100644 --- a/modules/exploits/windows/browser/novelliprint_callbackurl.rb +++ b/modules/exploits/windows/browser/novelliprint_callbackurl.rb @@ -22,6 +22,7 @@ # # References: # - CVE-2010-1527 +# - OSVDB 67411 # - http://secunia.com/secunia_research/2010-104/ - Original advisory by Carsten Eiram, Secunia Research # - http://www.exploit-db.com/exploits/15042/ - MOAUB #19 exploit # - http://www.exploit-db.com/moaub-19-novell-iprint-client-browser-plugin-call-back-url-stack-overflow/ - MOAUB #14 binary analysis @@ -52,6 +53,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1527' ], + [ 'OSVDB', '67411'], [ 'URL', 'http://secunia.com/secunia_research/2010-104/' ], # Carsten Eiram, Secunia Research [ 'EDB', '15042' ], # MOAUB #19 ], diff --git a/modules/exploits/windows/browser/novelliprint_datetime.rb b/modules/exploits/windows/browser/novelliprint_datetime.rb index 4f4d7a2d67..fb669b078b 100644 --- a/modules/exploits/windows/browser/novelliprint_datetime.rb +++ b/modules/exploits/windows/browser/novelliprint_datetime.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-1569' ], [ 'BID', '37242' ], + [ 'OSVDB', '60804' ], [ 'URL', 'http://secunia.com/advisories/35004/' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/novelliprint_executerequest.rb b/modules/exploits/windows/browser/novelliprint_executerequest.rb index acdcf2ef28..8cfc00ade1 100644 --- a/modules/exploits/windows/browser/novelliprint_executerequest.rb +++ b/modules/exploits/windows/browser/novelliprint_executerequest.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0935' ], + [ 'OSVDB', '42063'], [ 'BID', '27939' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/novelliprint_executerequest_dbg.rb b/modules/exploits/windows/browser/novelliprint_executerequest_dbg.rb index fc936ab135..20a29ec374 100644 --- a/modules/exploits/windows/browser/novelliprint_executerequest_dbg.rb +++ b/modules/exploits/windows/browser/novelliprint_executerequest_dbg.rb @@ -22,6 +22,7 @@ # # References: # - CVE-2010-3106 +# - OSVDB 66960 # - http://dvlabs.tippingpoint.com/advisory/TPTI-10-06 - Original advisory by Aaron Portnoy, TippingPoint DVLabs # - http://www.exploit-db.com/exploits/15001/ - MOAUB #14 exploit # - http://www.exploit-db.com/moaub-14-novell-iprint-client-browser-plugin-executerequest-debug-parameter-stack-overflow/ - MOAUB #14 binary analysis @@ -51,6 +52,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3106' ], + [ 'OSVDB', '66960'], [ 'URL', 'http://dvlabs.tippingpoint.com/advisory/TPTI-10-06' ], # Aaron Portnoy, TippingPoint DVLabs [ 'EDB', '15001' ], # MOAUB #14 ], diff --git a/modules/exploits/windows/browser/novelliprint_getdriversettings.rb b/modules/exploits/windows/browser/novelliprint_getdriversettings.rb index 7b9bed3786..c784347f9d 100644 --- a/modules/exploits/windows/browser/novelliprint_getdriversettings.rb +++ b/modules/exploits/windows/browser/novelliprint_getdriversettings.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-2908'], + [ 'OSVDB', '46194'], [ 'URL', 'http://secunia.com/advisories/30709/' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/novelliprint_getdriversettings_2.rb b/modules/exploits/windows/browser/novelliprint_getdriversettings_2.rb index 98da909e6d..6badf5ec16 100644 --- a/modules/exploits/windows/browser/novelliprint_getdriversettings_2.rb +++ b/modules/exploits/windows/browser/novelliprint_getdriversettings_2.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2010-4321' ], [ 'BID', '44966' ], + [ 'OSVDB', '69357' ], [ 'ZDI', '10-256' ], [ 'EDB', '16014' ], [ 'URL', 'http://www.novell.com/support/viewContent.do?externalId=7007234' ], diff --git a/modules/exploits/windows/browser/novelliprint_target_frame.rb b/modules/exploits/windows/browser/novelliprint_target_frame.rb index 267efdb562..34573d0248 100644 --- a/modules/exploits/windows/browser/novelliprint_target_frame.rb +++ b/modules/exploits/windows/browser/novelliprint_target_frame.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-1568' ], [ 'BID', '37242' ], + [ 'OSVDB', '60803' ], [ 'URL', 'http://secunia.com/advisories/37169/' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/ntr_activex_check_bof.rb b/modules/exploits/windows/browser/ntr_activex_check_bof.rb index 0d2471d099..611029ad99 100644 --- a/modules/exploits/windows/browser/ntr_activex_check_bof.rb +++ b/modules/exploits/windows/browser/ntr_activex_check_bof.rb @@ -44,6 +44,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0266' ], + [ 'OSVDB', '78252' ], [ 'BID', '51374' ], [ 'URL', 'http://secunia.com/secunia_research/2012-1/' ] ], diff --git a/modules/exploits/windows/browser/ntr_activex_stopmodule.rb b/modules/exploits/windows/browser/ntr_activex_stopmodule.rb index 6e2e4b588a..e943b11db0 100644 --- a/modules/exploits/windows/browser/ntr_activex_stopmodule.rb +++ b/modules/exploits/windows/browser/ntr_activex_stopmodule.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0267' ], + [ 'OSVDB', '78253' ], [ 'BID', '51374' ], [ 'URL', 'http://secunia.com/secunia_research/2012-2/' ] ], diff --git a/modules/exploits/windows/browser/oracle_autovue_setmarkupmode.rb b/modules/exploits/windows/browser/oracle_autovue_setmarkupmode.rb index d8d1a4d850..f4cccba075 100644 --- a/modules/exploits/windows/browser/oracle_autovue_setmarkupmode.rb +++ b/modules/exploits/windows/browser/oracle_autovue_setmarkupmode.rb @@ -48,6 +48,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2012-0549' ], [ 'BID', '53077' ], + [ 'OSVDB', '81439' ], [ 'URL', 'http://dvlabs.tippingpoint.com/advisory/TPTI-12-05' ], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html' ], [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2012/08/15/the-stack-cookies-bypass-on-cve-2012-0549' ] diff --git a/modules/exploits/windows/browser/oracle_dc_submittoexpress.rb b/modules/exploits/windows/browser/oracle_dc_submittoexpress.rb index dbaaf06008..a369d42b06 100644 --- a/modules/exploits/windows/browser/oracle_dc_submittoexpress.rb +++ b/modules/exploits/windows/browser/oracle_dc_submittoexpress.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-4607' ], + [ 'OSVDB', '38335' ], [ 'BID', '25467' ], [ 'US-CERT-VU', '281977' ], ], diff --git a/modules/exploits/windows/browser/oracle_webcenter_checkoutandopen.rb b/modules/exploits/windows/browser/oracle_webcenter_checkoutandopen.rb index f1e42f385b..9335d80815 100644 --- a/modules/exploits/windows/browser/oracle_webcenter_checkoutandopen.rb +++ b/modules/exploits/windows/browser/oracle_webcenter_checkoutandopen.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-1559' ], + [ 'OSVDB', '92386' ], [ 'BID', '59122' ], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html' ], [ 'ZDI', '13-094' ] diff --git a/modules/exploits/windows/browser/orbit_connecting.rb b/modules/exploits/windows/browser/orbit_connecting.rb index 7c435b0292..5ecae278aa 100644 --- a/modules/exploits/windows/browser/orbit_connecting.rb +++ b/modules/exploits/windows/browser/orbit_connecting.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0187' ], + [ 'OSVDB', '52294' ], [ 'BID', '33894' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/ovftool_format_string.rb b/modules/exploits/windows/browser/ovftool_format_string.rb index fc06bac022..7184ac812a 100644 --- a/modules/exploits/windows/browser/ovftool_format_string.rb +++ b/modules/exploits/windows/browser/ovftool_format_string.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-3569' ], + [ 'OSVDB', '87117' ], [ 'BID', '56468' ], [ 'URL', 'http://www.vmware.com/security/advisories/VMSA-2012-0015.html' ] ], diff --git a/modules/exploits/windows/browser/pcvue_func.rb b/modules/exploits/windows/browser/pcvue_func.rb index 676b4b8c3e..d4018ccb1e 100644 --- a/modules/exploits/windows/browser/pcvue_func.rb +++ b/modules/exploits/windows/browser/pcvue_func.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-4044' ], + [ 'OSVDB', '77561' ], [ 'BID', '49795' ], [ 'URL', 'http://aluigi.altervista.org/adv/pcvue_1-adv.txt' ] ], diff --git a/modules/exploits/windows/browser/persits_xupload_traversal.rb b/modules/exploits/windows/browser/persits_xupload_traversal.rb index 4f63c297fc..3d508ab03b 100644 --- a/modules/exploits/windows/browser/persits_xupload_traversal.rb +++ b/modules/exploits/windows/browser/persits_xupload_traversal.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3693'], + [ 'OSVDB', '60001'] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/browser/quickr_qp2_bof.rb b/modules/exploits/windows/browser/quickr_qp2_bof.rb index fbaf5423d2..af452faef1 100644 --- a/modules/exploits/windows/browser/quickr_qp2_bof.rb +++ b/modules/exploits/windows/browser/quickr_qp2_bof.rb @@ -46,6 +46,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-2176' ], + [ 'OSVDB', '82166' ], [ 'BID', '53678'], [ 'ZDI', '12-134' ], [ 'URL', 'http://www-01.ibm.com/support/docview.wss?uid=swg21596191' ] diff --git a/modules/exploits/windows/browser/real_arcade_installerdlg.rb b/modules/exploits/windows/browser/real_arcade_installerdlg.rb index 870202d5b8..f24cab863b 100644 --- a/modules/exploits/windows/browser/real_arcade_installerdlg.rb +++ b/modules/exploits/windows/browser/real_arcade_installerdlg.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '71559' ], [ 'EDB', '17105' ] ], 'Payload' => diff --git a/modules/exploits/windows/browser/realplayer_cdda_uri.rb b/modules/exploits/windows/browser/realplayer_cdda_uri.rb index 0e14156502..049dfae49f 100644 --- a/modules/exploits/windows/browser/realplayer_cdda_uri.rb +++ b/modules/exploits/windows/browser/realplayer_cdda_uri.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3747' ], + [ 'OSVDB', '68673'], [ 'BID', '44144' ], [ 'ZDI', '10-210'], [ 'URL', 'http://service.real.com/realplayer/security/10152010_player/en/'] diff --git a/modules/exploits/windows/browser/realplayer_console.rb b/modules/exploits/windows/browser/realplayer_console.rb index 2828b75dc4..5e8066f7bb 100644 --- a/modules/exploits/windows/browser/realplayer_console.rb +++ b/modules/exploits/windows/browser/realplayer_console.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-1309' ], + [ 'OSVDB', '42946' ], [ 'BID', '28157' ], [ 'URL', 'http://secunia.com/advisories/29315/' ], ], diff --git a/modules/exploits/windows/browser/realplayer_import.rb b/modules/exploits/windows/browser/realplayer_import.rb index f360dd8adb..8af7086610 100644 --- a/modules/exploits/windows/browser/realplayer_import.rb +++ b/modules/exploits/windows/browser/realplayer_import.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5601' ], + [ 'OSVDB', '41430' ], [ 'BID', '26130' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/realplayer_qcp.rb b/modules/exploits/windows/browser/realplayer_qcp.rb index 66b7469376..5b81c4d16d 100644 --- a/modules/exploits/windows/browser/realplayer_qcp.rb +++ b/modules/exploits/windows/browser/realplayer_qcp.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-2950'], + ['OSVDB', '74549'], ['BID', '49172'], # ZDI advisory ['ZDI', '11-265'], diff --git a/modules/exploits/windows/browser/realplayer_smil.rb b/modules/exploits/windows/browser/realplayer_smil.rb index e001805de7..2523e574e7 100644 --- a/modules/exploits/windows/browser/realplayer_smil.rb +++ b/modules/exploits/windows/browser/realplayer_smil.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0455' ], + [ 'OSVDB', '14305'], [ 'BID', '12698' ], ], diff --git a/modules/exploits/windows/browser/roxio_cineplayer.rb b/modules/exploits/windows/browser/roxio_cineplayer.rb index 1e9fe6e3aa..262b0480b4 100644 --- a/modules/exploits/windows/browser/roxio_cineplayer.rb +++ b/modules/exploits/windows/browser/roxio_cineplayer.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-1559' ], + [ 'OSVDB', '34779' ], [ 'BID', '23412' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/safari_xslt_output.rb b/modules/exploits/windows/browser/safari_xslt_output.rb index 7e9c3574aa..2397e4d9f4 100644 --- a/modules/exploits/windows/browser/safari_xslt_output.rb +++ b/modules/exploits/windows/browser/safari_xslt_output.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-1774'], + ['OSVDB', '74017'], ['URL', 'http://lists.apple.com/archives/Security-announce/2011/Jul/msg00002.html'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/samsung_neti_wiewer_backuptoavi_bof.rb b/modules/exploits/windows/browser/samsung_neti_wiewer_backuptoavi_bof.rb index e73b7f9796..057ff83b3c 100644 --- a/modules/exploits/windows/browser/samsung_neti_wiewer_backuptoavi_bof.rb +++ b/modules/exploits/windows/browser/samsung_neti_wiewer_backuptoavi_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-4333' ], + [ 'OSVDB', '81453'], [ 'BID', '53193'], [ 'URL', 'http://aluigi.altervista.org/adv/netiware_1-adv.txt' ] ], diff --git a/modules/exploits/windows/browser/sapgui_saveviewtosessionfile.rb b/modules/exploits/windows/browser/sapgui_saveviewtosessionfile.rb index 07d104c31c..b53b4c019d 100644 --- a/modules/exploits/windows/browser/sapgui_saveviewtosessionfile.rb +++ b/modules/exploits/windows/browser/sapgui_saveviewtosessionfile.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-4475' ], + [ 'OSVDB', '53066' ], [ 'US-CERT-VU','985449' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/siemens_solid_edge_selistctrlx.rb b/modules/exploits/windows/browser/siemens_solid_edge_selistctrlx.rb index 9b2104f5d0..73ca64f4bd 100644 --- a/modules/exploits/windows/browser/siemens_solid_edge_selistctrlx.rb +++ b/modules/exploits/windows/browser/siemens_solid_edge_selistctrlx.rb @@ -42,6 +42,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '93696' ], [ 'EDB', '25712' ] ], 'Payload' => diff --git a/modules/exploits/windows/browser/softartisans_getdrivename.rb b/modules/exploits/windows/browser/softartisans_getdrivename.rb index 46416addbc..7649666ea1 100644 --- a/modules/exploits/windows/browser/softartisans_getdrivename.rb +++ b/modules/exploits/windows/browser/softartisans_getdrivename.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-1682' ], + [ 'OSVDB', '47794' ], [ 'US-CERT-VU', '914785' ], [ 'BID', '30826' ], ], diff --git a/modules/exploits/windows/browser/sonicwall_addrouteentry.rb b/modules/exploits/windows/browser/sonicwall_addrouteentry.rb index df408bfe65..6244740d46 100644 --- a/modules/exploits/windows/browser/sonicwall_addrouteentry.rb +++ b/modules/exploits/windows/browser/sonicwall_addrouteentry.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5603'], + [ 'OSVDB', '39069'], [ 'URL', 'http://www.sec-consult.com/303.html' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/symantec_altirisdeployment_downloadandinstall.rb b/modules/exploits/windows/browser/symantec_altirisdeployment_downloadandinstall.rb index 2dd2c4aa12..f35dcf5e4e 100644 --- a/modules/exploits/windows/browser/symantec_altirisdeployment_downloadandinstall.rb +++ b/modules/exploits/windows/browser/symantec_altirisdeployment_downloadandinstall.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'BID', '36346' ], [ 'CVE', '2009-3028' ], + [ 'OSVDB', '57893' ] ], 'Payload' => { diff --git a/modules/exploits/windows/browser/symantec_altirisdeployment_runcmd.rb b/modules/exploits/windows/browser/symantec_altirisdeployment_runcmd.rb index 2448759386..b76478f196 100644 --- a/modules/exploits/windows/browser/symantec_altirisdeployment_runcmd.rb +++ b/modules/exploits/windows/browser/symantec_altirisdeployment_runcmd.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-3033' ], [ 'BID', '37092' ], + [ 'OSVDB', '60496' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/browser/symantec_appstream_unsafe.rb b/modules/exploits/windows/browser/symantec_appstream_unsafe.rb index 795f352fe3..75d5bcdeb2 100644 --- a/modules/exploits/windows/browser/symantec_appstream_unsafe.rb +++ b/modules/exploits/windows/browser/symantec_appstream_unsafe.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4388' ], + [ 'OSVDB', '51410' ], ], 'Payload' => { diff --git a/modules/exploits/windows/browser/symantec_backupexec_pvcalendar.rb b/modules/exploits/windows/browser/symantec_backupexec_pvcalendar.rb index 23b0a1e0e4..eb84ff49fe 100644 --- a/modules/exploits/windows/browser/symantec_backupexec_pvcalendar.rb +++ b/modules/exploits/windows/browser/symantec_backupexec_pvcalendar.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-6016' ], + [ 'OSVDB', '42358'], [ 'BID', '26904' ], [ 'URL', 'http://secunia.com/advisories/27885/' ], ], diff --git a/modules/exploits/windows/browser/symantec_consoleutilities_browseandsavefile.rb b/modules/exploits/windows/browser/symantec_consoleutilities_browseandsavefile.rb index 80aeafb389..6ab6a8ac97 100644 --- a/modules/exploits/windows/browser/symantec_consoleutilities_browseandsavefile.rb +++ b/modules/exploits/windows/browser/symantec_consoleutilities_browseandsavefile.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3031'], + [ 'OSVDB', '59597'], [ 'BID', '36698'], [ 'URL', 'http://sotiriu.de/adv/NSOADV-2009-001.txt' ], [ 'URL', 'http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091102_00' ], diff --git a/modules/exploits/windows/browser/synactis_connecttosynactis_bof.rb b/modules/exploits/windows/browser/synactis_connecttosynactis_bof.rb index 51dd7e35a6..f950ccbaac 100644 --- a/modules/exploits/windows/browser/synactis_connecttosynactis_bof.rb +++ b/modules/exploits/windows/browser/synactis_connecttosynactis_bof.rb @@ -49,6 +49,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '93754' ], [ 'EDB', '25835' ] ], 'Platform' => 'win', diff --git a/modules/exploits/windows/browser/systemrequirementslab_unsafe.rb b/modules/exploits/windows/browser/systemrequirementslab_unsafe.rb index 3181f81e01..90f780c73f 100644 --- a/modules/exploits/windows/browser/systemrequirementslab_unsafe.rb +++ b/modules/exploits/windows/browser/systemrequirementslab_unsafe.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4385' ], + [ 'OSVDB', '50122' ], [ 'US-CERT-VU', '166651' ], ], 'Payload' => diff --git a/modules/exploits/windows/browser/teechart_pro.rb b/modules/exploits/windows/browser/teechart_pro.rb index 1a7f7fc74c..4540017403 100644 --- a/modules/exploits/windows/browser/teechart_pro.rb +++ b/modules/exploits/windows/browser/teechart_pro.rb @@ -46,6 +46,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ #[ 'CVE', '?' ], + [ 'OSVDB', '74446'], [ 'URL', 'http://www.stratsec.net/Research/Advisories/TeeChart-Professional-Integer-Overflow'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/tom_sawyer_tsgetx71ex552.rb b/modules/exploits/windows/browser/tom_sawyer_tsgetx71ex552.rb index 0b7065539d..4544396f52 100644 --- a/modules/exploits/windows/browser/tom_sawyer_tsgetx71ex552.rb +++ b/modules/exploits/windows/browser/tom_sawyer_tsgetx71ex552.rb @@ -48,6 +48,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-2217' ], + [ 'OSVDB', '73211' ], [ 'BID', '48099' ], [ 'URL', 'http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=911' ] ], diff --git a/modules/exploits/windows/browser/trendmicro_extsetowner.rb b/modules/exploits/windows/browser/trendmicro_extsetowner.rb index b0bb8a689c..27990a4b47 100644 --- a/modules/exploits/windows/browser/trendmicro_extsetowner.rb +++ b/modules/exploits/windows/browser/trendmicro_extsetowner.rb @@ -21,6 +21,7 @@ # # References: # - CVE-2010-3189 +# - OSVDB 67561 # - http://www.zerodayinitiative.com/advisories/ZDI-10-165/ - Original advisory by Andrea Micalizzi aka rgod via Zero Day Initiative # - http://www.exploit-db.com/exploits/14878/ - MOAUB #03 exploit # - http://www.exploit-db.com/trend-micro-internet-security-pro-2010-activex-extsetowner-remote-code-execution/ - MOAUB #03 binary analysis @@ -51,6 +52,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3189' ], + [ 'OSVDB', '67561'], [ 'ZDI', '10-165' ], # Andrea Micalizzi aka rgod via Zero Day Initiative [ 'EDB', '14878' ], # MOAUB #03 ], diff --git a/modules/exploits/windows/browser/trendmicro_officescan.rb b/modules/exploits/windows/browser/trendmicro_officescan.rb index 7f035d128b..ad5a5c58d1 100644 --- a/modules/exploits/windows/browser/trendmicro_officescan.rb +++ b/modules/exploits/windows/browser/trendmicro_officescan.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-0325' ], + [ 'OSVDB', '33040' ], [ 'BID', '22585' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/tumbleweed_filetransfer.rb b/modules/exploits/windows/browser/tumbleweed_filetransfer.rb index e04033c164..def0203920 100644 --- a/modules/exploits/windows/browser/tumbleweed_filetransfer.rb +++ b/modules/exploits/windows/browser/tumbleweed_filetransfer.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-1724' ], + [ 'OSVDB', '44252' ], [ 'URL', 'http://www.aushack.com/200708-tumbleweed.txt' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/ubisoft_uplay_cmd_exec.rb b/modules/exploits/windows/browser/ubisoft_uplay_cmd_exec.rb index 1df077f3f4..8d4387ffd8 100644 --- a/modules/exploits/windows/browser/ubisoft_uplay_cmd_exec.rb +++ b/modules/exploits/windows/browser/ubisoft_uplay_cmd_exec.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-4177' ], + [ 'OSVDB', '84402'], [ 'URL', 'http://seclists.org/fulldisclosure/2012/Jul/375'], [ 'URL', 'http://forums.ubi.com/showthread.php/699940-Uplay-PC-Patch-2-0-4-Security-fix' ] ], diff --git a/modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb b/modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb index 1173239b1b..3f80edb8c0 100644 --- a/modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb +++ b/modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-4876' ], + [ 'OSVDB', '80661' ], [ 'EDB', '18675' ] ], 'Payload' => diff --git a/modules/exploits/windows/browser/ultraoffice_httpupload.rb b/modules/exploits/windows/browser/ultraoffice_httpupload.rb index e9702c66fa..d7edd41d46 100644 --- a/modules/exploits/windows/browser/ultraoffice_httpupload.rb +++ b/modules/exploits/windows/browser/ultraoffice_httpupload.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-3878' ], + [ 'OSVDB', '47866' ], [ 'BID', '30861' ], [ 'EDB', '6318' ] ], diff --git a/modules/exploits/windows/browser/verypdf_pdfview.rb b/modules/exploits/windows/browser/verypdf_pdfview.rb index 86ffc1c1be..a3fc6e77cf 100644 --- a/modules/exploits/windows/browser/verypdf_pdfview.rb +++ b/modules/exploits/windows/browser/verypdf_pdfview.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-5492'], + [ 'OSVDB', '49871'], [ 'BID','32313' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/viscom_movieplayer_drawtext.rb b/modules/exploits/windows/browser/viscom_movieplayer_drawtext.rb index 848585cbf3..aafaccaa1b 100644 --- a/modules/exploits/windows/browser/viscom_movieplayer_drawtext.rb +++ b/modules/exploits/windows/browser/viscom_movieplayer_drawtext.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0356' ], + [ 'OSVDB', '61634' ], [ 'EDB', '12320' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/vlc_amv.rb b/modules/exploits/windows/browser/vlc_amv.rb index 1ab00a2867..e414e6fa6f 100644 --- a/modules/exploits/windows/browser/vlc_amv.rb +++ b/modules/exploits/windows/browser/vlc_amv.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-3275'], + ['OSVDB', '71277'], ['URL', 'http://www.coresecurity.com/content/vlc-vulnerabilities-amv-nsv-files'], # Fix commit diff ['URL', 'http://git.videolan.org/?p=vlc/vlc-1.1.git;a=commitdiff;h=fe44129dc6509b3347113ab0e1a0524af1e0dd11'] diff --git a/modules/exploits/windows/browser/vlc_mms_bof.rb b/modules/exploits/windows/browser/vlc_mms_bof.rb index 7791465fcf..2e33ace44f 100644 --- a/modules/exploits/windows/browser/vlc_mms_bof.rb +++ b/modules/exploits/windows/browser/vlc_mms_bof.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-1775'], + ['OSVDB', '80188'], ['URL', 'http://www.videolan.org/security/sa1201.html'], # Fix commit diff ['URL', 'http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commit;h=11a95cce96fffdbaba1be6034d7b42721667821c'] diff --git a/modules/exploits/windows/browser/webex_ucf_newobject.rb b/modules/exploits/windows/browser/webex_ucf_newobject.rb index 9b204021b4..6e337c99a7 100644 --- a/modules/exploits/windows/browser/webex_ucf_newobject.rb +++ b/modules/exploits/windows/browser/webex_ucf_newobject.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-3558' ], + [ 'OSVDB', '47344' ], [ 'BID', '30578' ], [ 'EDB', '6220' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=849' ], diff --git a/modules/exploits/windows/browser/wellintech_kingscada_kxclientdownload.rb b/modules/exploits/windows/browser/wellintech_kingscada_kxclientdownload.rb index c38036eef0..ea7cda3260 100644 --- a/modules/exploits/windows/browser/wellintech_kingscada_kxclientdownload.rb +++ b/modules/exploits/windows/browser/wellintech_kingscada_kxclientdownload.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-2827'], + ['OSVDB', '102135'], ['BID', '64941'], ['ZDI', '14-011'], ['URL', 'http://ics-cert.us-cert.gov/advisories/ICSA-13-344-01'] diff --git a/modules/exploits/windows/browser/winamp_playlist_unc.rb b/modules/exploits/windows/browser/winamp_playlist_unc.rb index fb1f0c9ff7..865b6b05f8 100644 --- a/modules/exploits/windows/browser/winamp_playlist_unc.rb +++ b/modules/exploits/windows/browser/winamp_playlist_unc.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-0476'], + ['OSVDB', '22789'], ['BID', '16410'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/winamp_ultravox.rb b/modules/exploits/windows/browser/winamp_ultravox.rb index cb73c43f68..ffd09d661d 100644 --- a/modules/exploits/windows/browser/winamp_ultravox.rb +++ b/modules/exploits/windows/browser/winamp_ultravox.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0065' ], + [ 'OSVDB', '41707' ], [ 'BID', '27344' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/windvd7_applicationtype.rb b/modules/exploits/windows/browser/windvd7_applicationtype.rb index 7e727ab887..362458f78b 100644 --- a/modules/exploits/windows/browser/windvd7_applicationtype.rb +++ b/modules/exploits/windows/browser/windvd7_applicationtype.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-0348' ], + [ 'OSVDB', '34315' ], [ 'BID', '23071' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/winzip_fileview.rb b/modules/exploits/windows/browser/winzip_fileview.rb index 8e3ab1e2fc..9ceeca87a3 100644 --- a/modules/exploits/windows/browser/winzip_fileview.rb +++ b/modules/exploits/windows/browser/winzip_fileview.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE','2006-5198' ], + [ 'OSVDB', '30433' ], [ 'BID','21060' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/browser/wmi_admintools.rb b/modules/exploits/windows/browser/wmi_admintools.rb index a2caedbd73..e73dab9d78 100644 --- a/modules/exploits/windows/browser/wmi_admintools.rb +++ b/modules/exploits/windows/browser/wmi_admintools.rb @@ -42,6 +42,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'WooYun', 'MC', 'jduck' ], 'References' => [ + [ 'OSVDB', '69942'], [ 'CVE', '2010-3973' ], [ 'BID', '45546' ], [ 'URL', 'http://wooyun.org/bug.php?action=view&id=1006' ], diff --git a/modules/exploits/windows/browser/xmplay_asx.rb b/modules/exploits/windows/browser/xmplay_asx.rb index 85dd3416e6..151f2e87c7 100644 --- a/modules/exploits/windows/browser/xmplay_asx.rb +++ b/modules/exploits/windows/browser/xmplay_asx.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-6063'], + [ 'OSVDB', '30537'], [ 'BID', '21206'], [ 'URL', 'http://secunia.com/advisories/22999/' ], ], diff --git a/modules/exploits/windows/browser/yahoomessenger_fvcom.rb b/modules/exploits/windows/browser/yahoomessenger_fvcom.rb index 1f4edc1e4a..64fa89bcaa 100644 --- a/modules/exploits/windows/browser/yahoomessenger_fvcom.rb +++ b/modules/exploits/windows/browser/yahoomessenger_fvcom.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-4515' ], + [ 'OSVDB', '37739' ], [ 'BID', '25494' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=591' ], ], diff --git a/modules/exploits/windows/browser/yahoomessenger_server.rb b/modules/exploits/windows/browser/yahoomessenger_server.rb index 902d1f49a8..b50153df05 100644 --- a/modules/exploits/windows/browser/yahoomessenger_server.rb +++ b/modules/exploits/windows/browser/yahoomessenger_server.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3147' ], + [ 'OSVDB', '37082' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/browser/zenturiprogramchecker_unsafe.rb b/modules/exploits/windows/browser/zenturiprogramchecker_unsafe.rb index d94d694d27..c337ced797 100644 --- a/modules/exploits/windows/browser/zenturiprogramchecker_unsafe.rb +++ b/modules/exploits/windows/browser/zenturiprogramchecker_unsafe.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-2987' ], + [ 'OSVDB', '36715' ], [ 'BID', '24217' ], ], 'Payload' => diff --git a/modules/exploits/windows/browser/zenworks_helplauncher_exec.rb b/modules/exploits/windows/browser/zenworks_helplauncher_exec.rb index 4a0f62fd60..3a30a85b77 100644 --- a/modules/exploits/windows/browser/zenworks_helplauncher_exec.rb +++ b/modules/exploits/windows/browser/zenworks_helplauncher_exec.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-2657' ], + [ 'OSVDB', '76700'], [ 'BID', '50274' ], [ 'ZDI', '11-318' ], [ 'URL', 'http://www.novell.com/support/viewContent.do?externalId=7009570&sliceId=1' ], diff --git a/modules/exploits/windows/dcerpc/ms03_026_dcom.rb b/modules/exploits/windows/dcerpc/ms03_026_dcom.rb index 20f73bf4d9..6f70408261 100644 --- a/modules/exploits/windows/dcerpc/ms03_026_dcom.rb +++ b/modules/exploits/windows/dcerpc/ms03_026_dcom.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0352' ], + [ 'OSVDB', '2100' ], [ 'MSB', 'MS03-026' ], [ 'BID', '8205' ], ], diff --git a/modules/exploits/windows/dcerpc/ms05_017_msmq.rb b/modules/exploits/windows/dcerpc/ms05_017_msmq.rb index 10de8529b8..b2850c5420 100644 --- a/modules/exploits/windows/dcerpc/ms05_017_msmq.rb +++ b/modules/exploits/windows/dcerpc/ms05_017_msmq.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0059'], + [ 'OSVDB', '15458'], [ 'MSB', 'MS05-017'], [ 'BID', '13112'], ], diff --git a/modules/exploits/windows/dcerpc/ms07_029_msdns_zonename.rb b/modules/exploits/windows/dcerpc/ms07_029_msdns_zonename.rb index ec0fffcd42..2cd0def19c 100644 --- a/modules/exploits/windows/dcerpc/ms07_029_msdns_zonename.rb +++ b/modules/exploits/windows/dcerpc/ms07_029_msdns_zonename.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-1748'], + ['OSVDB', '34100'], ['MSB', 'MS07-029'], ['URL', 'http://www.microsoft.com/technet/security/advisory/935964.mspx'] ], diff --git a/modules/exploits/windows/dcerpc/ms07_065_msmq.rb b/modules/exploits/windows/dcerpc/ms07_065_msmq.rb index 85e9158a97..a6ec6d8d85 100644 --- a/modules/exploits/windows/dcerpc/ms07_065_msmq.rb +++ b/modules/exploits/windows/dcerpc/ms07_065_msmq.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3039'], + [ 'OSVDB', '39123'], [ 'MSB', 'MS07-065'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/email/ms07_017_ani_loadimage_chunksize.rb b/modules/exploits/windows/email/ms07_017_ani_loadimage_chunksize.rb index 2e3e2e2e55..2af7cccba2 100644 --- a/modules/exploits/windows/email/ms07_017_ani_loadimage_chunksize.rb +++ b/modules/exploits/windows/email/ms07_017_ani_loadimage_chunksize.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote ['MSB', 'MS07-017'], ['CVE', '2007-0038'], ['CVE', '2007-1765'], + ['OSVDB', '33629'], ['BID', '23194'], ['URL', 'http://www.microsoft.com/technet/security/advisory/935423.mspx'] ], diff --git a/modules/exploits/windows/email/ms10_045_outlook_ref_only.rb b/modules/exploits/windows/email/ms10_045_outlook_ref_only.rb index 51507e723f..8fe0d02d1d 100644 --- a/modules/exploits/windows/email/ms10_045_outlook_ref_only.rb +++ b/modules/exploits/windows/email/ms10_045_outlook_ref_only.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['MSB', 'MS10-045'], ['CVE', '2010-0266'], + ['OSVDB', '66296'], ['BID', '41446'], ['URL', 'http://www.akitasecurity.nl/advisory.php?id=AK20091001'], ], diff --git a/modules/exploits/windows/email/ms10_045_outlook_ref_resolve.rb b/modules/exploits/windows/email/ms10_045_outlook_ref_resolve.rb index 156af56c4b..de613c1c99 100644 --- a/modules/exploits/windows/email/ms10_045_outlook_ref_resolve.rb +++ b/modules/exploits/windows/email/ms10_045_outlook_ref_resolve.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['MSB', 'MS10-045'], ['CVE', '2010-0266'], + ['OSVDB', '66296'], ['BID', '41446'], ['URL', 'http://www.akitasecurity.nl/advisory.php?id=AK20091001'], ], diff --git a/modules/exploits/windows/emc/alphastor_agent.rb b/modules/exploits/windows/emc/alphastor_agent.rb index c18df7f7eb..7839770d97 100644 --- a/modules/exploits/windows/emc/alphastor_agent.rb +++ b/modules/exploits/windows/emc/alphastor_agent.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-2158' ], + [ 'OSVDB', '45714' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=702' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/emc/networker_format_string.rb b/modules/exploits/windows/emc/networker_format_string.rb index 408a9e73a2..8c96c8ebe2 100644 --- a/modules/exploits/windows/emc/networker_format_string.rb +++ b/modules/exploits/windows/emc/networker_format_string.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-2288' ], + [ 'OSVDB', '85116' ], [ 'BID', '55330' ], [ 'URL', 'http://aluigi.altervista.org/misc/aluigi0216_story.txt' ] ], diff --git a/modules/exploits/windows/emc/replication_manager_exec.rb b/modules/exploits/windows/emc/replication_manager_exec.rb index a58db12aa8..a75d439009 100644 --- a/modules/exploits/windows/emc/replication_manager_exec.rb +++ b/modules/exploits/windows/emc/replication_manager_exec.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-0647' ], + [ 'OSVDB', '70853' ], [ 'BID', '46235' ], [ 'URL', 'http://www.securityfocus.com/archive/1/516260' ], [ 'ZDI', '11-061' ] diff --git a/modules/exploits/windows/fileformat/a_pdf_wav_to_mp3.rb b/modules/exploits/windows/fileformat/a_pdf_wav_to_mp3.rb index 35e33c4926..3adf2f2f65 100644 --- a/modules/exploits/windows/fileformat/a_pdf_wav_to_mp3.rb +++ b/modules/exploits/windows/fileformat/a_pdf_wav_to_mp3.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '67241' ], [ 'EDB', '14676' ], [ 'EDB', '14681' ] ], diff --git a/modules/exploits/windows/fileformat/abbs_amp_lst.rb b/modules/exploits/windows/fileformat/abbs_amp_lst.rb index 8b17ec86ed..3b4ad817a3 100644 --- a/modules/exploits/windows/fileformat/abbs_amp_lst.rb +++ b/modules/exploits/windows/fileformat/abbs_amp_lst.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '75096' ], [ 'EDB', '25204' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/acdsee_fotoslate_string.rb b/modules/exploits/windows/fileformat/acdsee_fotoslate_string.rb index 803a29ad53..8fb6d3e430 100644 --- a/modules/exploits/windows/fileformat/acdsee_fotoslate_string.rb +++ b/modules/exploits/windows/fileformat/acdsee_fotoslate_string.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-2595' ], + [ 'OSVDB', '75425' ], [ 'BID', '49558' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/acdsee_xpm.rb b/modules/exploits/windows/fileformat/acdsee_xpm.rb index 26ac2a6ea6..e9df444bb5 100644 --- a/modules/exploits/windows/fileformat/acdsee_xpm.rb +++ b/modules/exploits/windows/fileformat/acdsee_xpm.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-2193' ], + [ 'OSVDB', '35236' ], [ 'BID', '23620' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/actfax_import_users_bof.rb b/modules/exploits/windows/fileformat/actfax_import_users_bof.rb index 8465b8935f..7e7812e50e 100644 --- a/modules/exploits/windows/fileformat/actfax_import_users_bof.rb +++ b/modules/exploits/windows/fileformat/actfax_import_users_bof.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '85175' ], [ 'EDB', '20915' ], [ 'URL', 'http://www.pwnag3.com/2012/08/actfax-local-privilege-escalation.html' ] ], diff --git a/modules/exploits/windows/fileformat/activepdf_webgrabber.rb b/modules/exploits/windows/fileformat/activepdf_webgrabber.rb index 63f9a7fc56..7c625798f0 100644 --- a/modules/exploits/windows/fileformat/activepdf_webgrabber.rb +++ b/modules/exploits/windows/fileformat/activepdf_webgrabber.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'MC' ], 'References' => [ + [ 'OSVDB', '64579'], [ 'URL', 'http://www.activepdf.com/products/serverproducts/webgrabber/' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/adobe_collectemailinfo.rb b/modules/exploits/windows/fileformat/adobe_collectemailinfo.rb index cbb4e1e38b..8e05a4b086 100644 --- a/modules/exploits/windows/fileformat/adobe_collectemailinfo.rb +++ b/modules/exploits/windows/fileformat/adobe_collectemailinfo.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5659' ], + [ 'OSVDB', '41495' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/fileformat/adobe_cooltype_sing.rb b/modules/exploits/windows/fileformat/adobe_cooltype_sing.rb index b61e45cacf..b552117821 100644 --- a/modules/exploits/windows/fileformat/adobe_cooltype_sing.rb +++ b/modules/exploits/windows/fileformat/adobe_cooltype_sing.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-2883' ], + [ 'OSVDB', '67849'], [ 'URL', 'http://contagiodump.blogspot.com/2010/09/cve-david-leadbetters-one-point-lesson.html' ], [ 'URL', 'http://www.adobe.com/support/security/advisories/apsa10-02.html' ] ], diff --git a/modules/exploits/windows/fileformat/adobe_flashplayer_button.rb b/modules/exploits/windows/fileformat/adobe_flashplayer_button.rb index a3c294ea5d..6bc77221ec 100644 --- a/modules/exploits/windows/fileformat/adobe_flashplayer_button.rb +++ b/modules/exploits/windows/fileformat/adobe_flashplayer_button.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-3654'], + ['OSVDB', '68932'], ['BID', '44504'], ['URL', 'http://www.adobe.com/support/security/advisories/apsa10-05.html'], ['URL', 'http://blog.fortinet.com/fuzz-my-life-flash-player-zero-day-vulnerability-cve-2010-3654/'], #PoC diff --git a/modules/exploits/windows/fileformat/adobe_flashplayer_newfunction.rb b/modules/exploits/windows/fileformat/adobe_flashplayer_newfunction.rb index faf0227375..5e519cd03f 100644 --- a/modules/exploits/windows/fileformat/adobe_flashplayer_newfunction.rb +++ b/modules/exploits/windows/fileformat/adobe_flashplayer_newfunction.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-1297'], + ['OSVDB', '65141'], ['BID', '40586'], ['URL', 'http://www.adobe.com/support/security/advisories/apsa10-01.html'], # For SWF->PDF embedding diff --git a/modules/exploits/windows/fileformat/adobe_flatedecode_predictor02.rb b/modules/exploits/windows/fileformat/adobe_flatedecode_predictor02.rb index f34b2d92bd..0ad971fa75 100644 --- a/modules/exploits/windows/fileformat/adobe_flatedecode_predictor02.rb +++ b/modules/exploits/windows/fileformat/adobe_flatedecode_predictor02.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-3459' ], [ 'BID', '36600' ], + [ 'OSVDB', '58729' ], [ 'URL', 'http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb09-15.html' ] ], diff --git a/modules/exploits/windows/fileformat/adobe_geticon.rb b/modules/exploits/windows/fileformat/adobe_geticon.rb index 5b31792a1c..cb4a602a6f 100644 --- a/modules/exploits/windows/fileformat/adobe_geticon.rb +++ b/modules/exploits/windows/fileformat/adobe_geticon.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0927' ], + [ 'OSVDB', '53647' ], [ 'ZDI', '09-014' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/adobe_illustrator_v14_eps.rb b/modules/exploits/windows/fileformat/adobe_illustrator_v14_eps.rb index d8d587902e..0f7e4e0a76 100644 --- a/modules/exploits/windows/fileformat/adobe_illustrator_v14_eps.rb +++ b/modules/exploits/windows/fileformat/adobe_illustrator_v14_eps.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-4195' ], [ 'BID', '37192' ], + [ 'OSVDB', '60632' ], [ 'EDB', '10281' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/adobe_jbig2decode.rb b/modules/exploits/windows/fileformat/adobe_jbig2decode.rb index 034fa8d31f..9cd953b2de 100644 --- a/modules/exploits/windows/fileformat/adobe_jbig2decode.rb +++ b/modules/exploits/windows/fileformat/adobe_jbig2decode.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE' , '2009-0658' ], + [ 'OSVDB', '52073' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/fileformat/adobe_libtiff.rb b/modules/exploits/windows/fileformat/adobe_libtiff.rb index fc47e81a76..d7a76340f7 100644 --- a/modules/exploits/windows/fileformat/adobe_libtiff.rb +++ b/modules/exploits/windows/fileformat/adobe_libtiff.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2010-0188' ], [ 'BID', '38195' ], + [ 'OSVDB', '62526' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb10-07.html' ], [ 'URL', 'http://secunia.com/blog/76/' ], [ 'URL', 'http://bugix-security.blogspot.com/2010/03/adobe-pdf-libtiff-working-exploitcve.html' ] diff --git a/modules/exploits/windows/fileformat/adobe_media_newplayer.rb b/modules/exploits/windows/fileformat/adobe_media_newplayer.rb index f200258447..c11e6b9043 100644 --- a/modules/exploits/windows/fileformat/adobe_media_newplayer.rb +++ b/modules/exploits/windows/fileformat/adobe_media_newplayer.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-4324' ], [ 'BID', '37331' ], + [ 'OSVDB', '60980' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb b/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb index a625c37fec..30aa1cec60 100644 --- a/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb +++ b/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1240' ], + [ 'OSVDB', '63667' ], [ 'URL', 'http://blog.didierstevens.com/2010/04/06/update-escape-from-pdf/' ], [ 'URL', 'http://blog.didierstevens.com/2010/03/31/escape-from-foxit-reader/' ], [ 'URL', 'http://blog.didierstevens.com/2010/03/29/escape-from-pdf/' ], diff --git a/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe_nojs.rb b/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe_nojs.rb index da5713a8b2..369443f74e 100644 --- a/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe_nojs.rb +++ b/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe_nojs.rb @@ -39,6 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1240' ], + [ 'OSVDB', '63667' ], [ 'URL', 'http://blog.didierstevens.com/2010/04/06/update-escape-from-pdf/' ], [ 'URL', 'http://blog.didierstevens.com/2010/03/31/escape-from-foxit-reader/' ], [ 'URL', 'http://blog.didierstevens.com/2010/03/29/escape-from-pdf/' ], diff --git a/modules/exploits/windows/fileformat/adobe_reader_u3d.rb b/modules/exploits/windows/fileformat/adobe_reader_u3d.rb index 2373270a6a..bcb30ff04d 100644 --- a/modules/exploits/windows/fileformat/adobe_reader_u3d.rb +++ b/modules/exploits/windows/fileformat/adobe_reader_u3d.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-2462' ], + [ 'OSVDB', '77529' ], [ 'BID', '50922' ], [ 'URL', 'http://www.adobe.com/support/security/advisories/apsa11-04.html' ], [ 'URL', 'http://blog.9bplus.com/analyzing-cve-2011-2462' ], diff --git a/modules/exploits/windows/fileformat/adobe_toolbutton.rb b/modules/exploits/windows/fileformat/adobe_toolbutton.rb index 385deeb6bc..0a3e8b3a95 100644 --- a/modules/exploits/windows/fileformat/adobe_toolbutton.rb +++ b/modules/exploits/windows/fileformat/adobe_toolbutton.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3346' ], + [ 'OSVDB', '96745' ], [ 'ZDI', '13-212' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb13-15.html' ], [ 'URL', 'http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/ms-windows-local-privilege-escalation-zero-day-in-the-wild.html' ] diff --git a/modules/exploits/windows/fileformat/adobe_u3d_meshdecl.rb b/modules/exploits/windows/fileformat/adobe_u3d_meshdecl.rb index 995802e9d3..265eb15565 100644 --- a/modules/exploits/windows/fileformat/adobe_u3d_meshdecl.rb +++ b/modules/exploits/windows/fileformat/adobe_u3d_meshdecl.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3953' ], + [ 'OSVDB', '61690' ], [ 'URL', 'http://www.adobe.com/support/security/bulletins/apsb10-02.html' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/adobe_utilprintf.rb b/modules/exploits/windows/fileformat/adobe_utilprintf.rb index 7fed5c0402..307fefe4e6 100644 --- a/modules/exploits/windows/fileformat/adobe_utilprintf.rb +++ b/modules/exploits/windows/fileformat/adobe_utilprintf.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-2992' ], + [ 'OSVDB', '49520' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/fileformat/allplayer_m3u_bof.rb b/modules/exploits/windows/fileformat/allplayer_m3u_bof.rb index 04d2742478..9321d5dbc4 100644 --- a/modules/exploits/windows/fileformat/allplayer_m3u_bof.rb +++ b/modules/exploits/windows/fileformat/allplayer_m3u_bof.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote [ 'EDB', '29549' ], [ 'EDB', '29798' ], [ 'EDB', '32041' ], + [ 'OSVDB', '98283' ], [ 'URL', 'http://www.allplayer.org/' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/altap_salamander_pdb.rb b/modules/exploits/windows/fileformat/altap_salamander_pdb.rb index 0d84c346c7..0862629e6e 100644 --- a/modules/exploits/windows/fileformat/altap_salamander_pdb.rb +++ b/modules/exploits/windows/fileformat/altap_salamander_pdb.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2007-3314' ], [ 'BID', '24557' ], + [ 'OSVDB', '37579' ], [ 'URL', 'http://vuln.sg/salamander25-en.html' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/aol_desktop_linktag.rb b/modules/exploits/windows/fileformat/aol_desktop_linktag.rb index 25a12be2a4..b64b1dba03 100644 --- a/modules/exploits/windows/fileformat/aol_desktop_linktag.rb +++ b/modules/exploits/windows/fileformat/aol_desktop_linktag.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '70741'], [ 'EDB', '16085' ], ], 'Payload' => diff --git a/modules/exploits/windows/fileformat/aol_phobos_bof.rb b/modules/exploits/windows/fileformat/aol_phobos_bof.rb index 37dedc4bd4..fd2dddf5f8 100644 --- a/modules/exploits/windows/fileformat/aol_phobos_bof.rb +++ b/modules/exploits/windows/fileformat/aol_phobos_bof.rb @@ -51,6 +51,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '61964'], [ 'EDB', '11204' ], [ 'URL', 'http://www.rec-sec.com/2010/01/25/aol-playlist-class-buffer-overflow/' ], ], diff --git a/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb b/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb index bc1c8f05d9..e656115c4d 100644 --- a/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb +++ b/modules/exploits/windows/fileformat/apple_quicktime_pnsize.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-0257' ], + [ 'OSVDB', '74687' ], [ 'EDB', '17777' ], [ 'BID', '49144' ] ], diff --git a/modules/exploits/windows/fileformat/apple_quicktime_rdrf.rb b/modules/exploits/windows/fileformat/apple_quicktime_rdrf.rb index 1dc008ca2d..f52c94d008 100644 --- a/modules/exploits/windows/fileformat/apple_quicktime_rdrf.rb +++ b/modules/exploits/windows/fileformat/apple_quicktime_rdrf.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-1017' ], + [ 'OSVDB', '93625' ], [ 'BID', '60097' ], [ 'URL', 'http://support.apple.com/kb/HT5770' ], [ 'ZDI', '13-110' ] diff --git a/modules/exploits/windows/fileformat/apple_quicktime_texml.rb b/modules/exploits/windows/fileformat/apple_quicktime_texml.rb index 57ae0c3674..f8f8cb9c45 100644 --- a/modules/exploits/windows/fileformat/apple_quicktime_texml.rb +++ b/modules/exploits/windows/fileformat/apple_quicktime_texml.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '81934' ], [ 'CVE', '2012-0663' ], [ 'BID', '53571' ], [ 'ZDI', '12-107' ], diff --git a/modules/exploits/windows/fileformat/audio_coder_m3u.rb b/modules/exploits/windows/fileformat/audio_coder_m3u.rb index d56430319a..b46808db8f 100644 --- a/modules/exploits/windows/fileformat/audio_coder_m3u.rb +++ b/modules/exploits/windows/fileformat/audio_coder_m3u.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '92939' ], [ 'EDB', '25141' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/audio_wkstn_pls.rb b/modules/exploits/windows/fileformat/audio_wkstn_pls.rb index 1c86916cb0..74d8300822 100644 --- a/modules/exploits/windows/fileformat/audio_wkstn_pls.rb +++ b/modules/exploits/windows/fileformat/audio_wkstn_pls.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0476' ], + [ 'OSVDB', '55424' ], [ 'EDB', '10353' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/audiotran_pls.rb b/modules/exploits/windows/fileformat/audiotran_pls.rb index a5cf39fc7a..43aa6646dc 100644 --- a/modules/exploits/windows/fileformat/audiotran_pls.rb +++ b/modules/exploits/windows/fileformat/audiotran_pls.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0476'], + [ 'OSVDB', '55424'], [ 'EDB', '11079' ], ], 'Payload' => diff --git a/modules/exploits/windows/fileformat/aviosoft_plf_buf.rb b/modules/exploits/windows/fileformat/aviosoft_plf_buf.rb index cf7aa6f115..41f0c09caa 100644 --- a/modules/exploits/windows/fileformat/aviosoft_plf_buf.rb +++ b/modules/exploits/windows/fileformat/aviosoft_plf_buf.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '77043'], ['EDB', '18096'], ], 'Payload' => diff --git a/modules/exploits/windows/fileformat/bacnet_csv.rb b/modules/exploits/windows/fileformat/bacnet_csv.rb index fa7f60b58c..35d8e5431d 100644 --- a/modules/exploits/windows/fileformat/bacnet_csv.rb +++ b/modules/exploits/windows/fileformat/bacnet_csv.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'Jeremy Brown', 'MC' ], 'References' => [ + [ 'OSVDB', '68096'], [ 'BID', '43289' ], [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-10-264-01.pdf' ], ], diff --git a/modules/exploits/windows/fileformat/beetel_netconfig_ini_bof.rb b/modules/exploits/windows/fileformat/beetel_netconfig_ini_bof.rb index 3889008f73..27865cb896 100644 --- a/modules/exploits/windows/fileformat/beetel_netconfig_ini_bof.rb +++ b/modules/exploits/windows/fileformat/beetel_netconfig_ini_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit ], 'References' => [ + [ "OSVDB", "98714" ], [ "EDB", "28969" ] ], 'Payload' => diff --git a/modules/exploits/windows/fileformat/blazedvd_hdtv_bof.rb b/modules/exploits/windows/fileformat/blazedvd_hdtv_bof.rb index 797b6f847f..44b52c9745 100644 --- a/modules/exploits/windows/fileformat/blazedvd_hdtv_bof.rb +++ b/modules/exploits/windows/fileformat/blazedvd_hdtv_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '80896'], ['EDB', '18693'], ['EDB', '22931'] ], diff --git a/modules/exploits/windows/fileformat/blazedvd_plf.rb b/modules/exploits/windows/fileformat/blazedvd_plf.rb index 657bb06e7e..1496c6bb45 100644 --- a/modules/exploits/windows/fileformat/blazedvd_plf.rb +++ b/modules/exploits/windows/fileformat/blazedvd_plf.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE' , '2006-6199' ], [ 'EDB', '32737' ], + [ 'OSVDB', '30770' ], [ 'BID', '35918' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/bpftp_client_bps_bof.rb b/modules/exploits/windows/fileformat/bpftp_client_bps_bof.rb index e0ee6d0d99..4d501e88fc 100644 --- a/modules/exploits/windows/fileformat/bpftp_client_bps_bof.rb +++ b/modules/exploits/windows/fileformat/bpftp_client_bps_bof.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote [ 'EDB', '34162' ], [ 'EDB', '34540' ], [ 'EDB', '35449' ], + [ 'OSVDB', '109547' ], [ 'CVE', '2014-2973' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/bsplayer_m3u.rb b/modules/exploits/windows/fileformat/bsplayer_m3u.rb index 1e859ef09b..a651c57417 100644 --- a/modules/exploits/windows/fileformat/bsplayer_m3u.rb +++ b/modules/exploits/windows/fileformat/bsplayer_m3u.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '82528' ], [ 'EDB', '15934' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/ca_cab.rb b/modules/exploits/windows/fileformat/ca_cab.rb index 7b210f320b..9fd6e8977a 100644 --- a/modules/exploits/windows/fileformat/ca_cab.rb +++ b/modules/exploits/windows/fileformat/ca_cab.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-2864' ], + [ 'OSVDB', '35245'], [ 'BID', '24330' ], [ 'ZDI', '07-035' ], ], diff --git a/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb b/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb index 1fc3b1f299..7b13a94448 100644 --- a/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb +++ b/modules/exploits/windows/fileformat/cain_abel_4918_rdp.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-5405' ], + [ 'OSVDB', '50342' ], [ 'EDB', '7329' ], [ 'BID', '32543' ] ], diff --git a/modules/exploits/windows/fileformat/ccmplayer_m3u_bof.rb b/modules/exploits/windows/fileformat/ccmplayer_m3u_bof.rb index 52b4149263..23a4802477 100644 --- a/modules/exploits/windows/fileformat/ccmplayer_m3u_bof.rb +++ b/modules/exploits/windows/fileformat/ccmplayer_m3u_bof.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => ['Rh0'], # discovery and metasploit module 'References' => [ + ['OSVDB', '77453'], ['EDB', '18178'] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/chasys_draw_ies_bmp_bof.rb b/modules/exploits/windows/fileformat/chasys_draw_ies_bmp_bof.rb index 391a323462..6a250a4be3 100644 --- a/modules/exploits/windows/fileformat/chasys_draw_ies_bmp_bof.rb +++ b/modules/exploits/windows/fileformat/chasys_draw_ies_bmp_bof.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3928' ], + [ 'OSVDB', '95689' ], [ 'BID', '61463' ], [ 'URL', 'http://secunia.com/advisories/53773/' ], [ 'URL', 'http://longinox.blogspot.com/2013/08/explot-stack-based-overflow-bypassing.html' ] diff --git a/modules/exploits/windows/fileformat/coolpdf_image_stream_bof.rb b/modules/exploits/windows/fileformat/coolpdf_image_stream_bof.rb index bab09946cf..dc224d9809 100644 --- a/modules/exploits/windows/fileformat/coolpdf_image_stream_bof.rb +++ b/modules/exploits/windows/fileformat/coolpdf_image_stream_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-4914' ], + [ 'OSVDB', '89349' ], [ 'EDB', '24463' ], [ 'URL', 'http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=70&Itemid=70' ] ], diff --git a/modules/exploits/windows/fileformat/corelpdf_fusion_bof.rb b/modules/exploits/windows/fileformat/corelpdf_fusion_bof.rb index 847ddf40e1..6097c8fb34 100644 --- a/modules/exploits/windows/fileformat/corelpdf_fusion_bof.rb +++ b/modules/exploits/windows/fileformat/corelpdf_fusion_bof.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3248' ], + [ 'OSVDB', '94933' ], [ 'BID', '61010' ], [ 'URL', 'http://secunia.com/advisories/52707/' ] ], diff --git a/modules/exploits/windows/fileformat/csound_getnum_bof.rb b/modules/exploits/windows/fileformat/csound_getnum_bof.rb index 62546dd291..50aaa3d7ed 100644 --- a/modules/exploits/windows/fileformat/csound_getnum_bof.rb +++ b/modules/exploits/windows/fileformat/csound_getnum_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0270' ], + [ 'OSVDB', '79491' ], [ 'BID', '52144' ], [ 'URL', 'http://secunia.com/secunia_research/2012-3/' ], [ 'URL', 'http://csound.git.sourceforge.net/git/gitweb.cgi?p=csound/csound5.git;a=commit;h=7d617a9551fb6c552ba16874b71266fcd90f3a6f'] diff --git a/modules/exploits/windows/fileformat/cutezip_bof.rb b/modules/exploits/windows/fileformat/cutezip_bof.rb index 10c446b627..4cdb568852 100644 --- a/modules/exploits/windows/fileformat/cutezip_bof.rb +++ b/modules/exploits/windows/fileformat/cutezip_bof.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '85709' ], [ 'EDB', '16162' ], [ 'BID', '46375' ] ], diff --git a/modules/exploits/windows/fileformat/cyberlink_p2g_bof.rb b/modules/exploits/windows/fileformat/cyberlink_p2g_bof.rb index fea52d482f..4e643c9134 100644 --- a/modules/exploits/windows/fileformat/cyberlink_p2g_bof.rb +++ b/modules/exploits/windows/fileformat/cyberlink_p2g_bof.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['BID', '50997'], + ['OSVDB', '77600'], ['EDB', '18220'], ['US-CERT-VU', '158003'] ], diff --git a/modules/exploits/windows/fileformat/cytel_studio_cy3.rb b/modules/exploits/windows/fileformat/cytel_studio_cy3.rb index 4bf2c4a5ac..27a7399113 100644 --- a/modules/exploits/windows/fileformat/cytel_studio_cy3.rb +++ b/modules/exploits/windows/fileformat/cytel_studio_cy3.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '75991' ], [ 'BID', '49924' ], [ 'URL', 'http://aluigi.altervista.org/adv/cytel_1-adv.txt' ], ], diff --git a/modules/exploits/windows/fileformat/deepburner_path.rb b/modules/exploits/windows/fileformat/deepburner_path.rb index a6df9aaf40..81e7b4eb61 100644 --- a/modules/exploits/windows/fileformat/deepburner_path.rb +++ b/modules/exploits/windows/fileformat/deepburner_path.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'BID', '21657' ], + [ 'OSVDB', '32356' ], [ 'CVE', '2006-6665' ], [ 'EDB', '2950' ], [ 'EDB', '8335' ], diff --git a/modules/exploits/windows/fileformat/destinymediaplayer16.rb b/modules/exploits/windows/fileformat/destinymediaplayer16.rb index 0c8623d392..e28c56775c 100644 --- a/modules/exploits/windows/fileformat/destinymediaplayer16.rb +++ b/modules/exploits/windows/fileformat/destinymediaplayer16.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3429' ], + [ 'OSVDB', '53249' ], [ 'EDB', '7651' ], [ 'BID', '33091' ] ], diff --git a/modules/exploits/windows/fileformat/digital_music_pad_pls.rb b/modules/exploits/windows/fileformat/digital_music_pad_pls.rb index e46133fa60..5b4ab37f1d 100644 --- a/modules/exploits/windows/fileformat/digital_music_pad_pls.rb +++ b/modules/exploits/windows/fileformat/digital_music_pad_pls.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '68178' ], [ 'URL', 'http://secunia.com/advisories/41519/' ], [ 'EDB', '15134' ], ], diff --git a/modules/exploits/windows/fileformat/djstudio_pls_bof.rb b/modules/exploits/windows/fileformat/djstudio_pls_bof.rb index 5a10874e9c..a23ea2c2ba 100644 --- a/modules/exploits/windows/fileformat/djstudio_pls_bof.rb +++ b/modules/exploits/windows/fileformat/djstudio_pls_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4656'], + [ 'OSVDB', '58159'], [ 'EDB', '10827' ] ], 'Payload' => diff --git a/modules/exploits/windows/fileformat/djvu_imageurl.rb b/modules/exploits/windows/fileformat/djvu_imageurl.rb index 28bbb7bbd5..bb7f07e4d6 100644 --- a/modules/exploits/windows/fileformat/djvu_imageurl.rb +++ b/modules/exploits/windows/fileformat/djvu_imageurl.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4922' ], + [ 'OSVDB', '49592' ], [ 'BID', '31987' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/dvdx_plf_bof.rb b/modules/exploits/windows/fileformat/dvdx_plf_bof.rb index 15044284e2..abf972e0bd 100644 --- a/modules/exploits/windows/fileformat/dvdx_plf_bof.rb +++ b/modules/exploits/windows/fileformat/dvdx_plf_bof.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3068' ], + [ 'OSVDB', '36956' ], [ 'BID', '24278' ], [ 'EDB', '17745' ], ], diff --git a/modules/exploits/windows/fileformat/easycdda_pls_bof.rb b/modules/exploits/windows/fileformat/easycdda_pls_bof.rb index 154d671bfe..cb3d17c4bf 100644 --- a/modules/exploits/windows/fileformat/easycdda_pls_bof.rb +++ b/modules/exploits/windows/fileformat/easycdda_pls_bof.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'BID', '40631' ], [ 'EDB', '13761' ], + [ 'OSVDB', '65256' ], [ 'CVE', '2010-2343' ], [ 'URL', 'http://www.corelan.be:8800/advisories.php?id=CORELAN-10-048' ] ], diff --git a/modules/exploits/windows/fileformat/emc_appextender_keyworks.rb b/modules/exploits/windows/fileformat/emc_appextender_keyworks.rb index e2c1efd408..9ebe304e14 100644 --- a/modules/exploits/windows/fileformat/emc_appextender_keyworks.rb +++ b/modules/exploits/windows/fileformat/emc_appextender_keyworks.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'MC' ], 'References' => [ + [ 'OSVDB', '58423'], [ 'BID', '36546' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/erdas_er_viewer_bof.rb b/modules/exploits/windows/fileformat/erdas_er_viewer_bof.rb index 3b9e647efa..3922c36d9f 100644 --- a/modules/exploits/windows/fileformat/erdas_er_viewer_bof.rb +++ b/modules/exploits/windows/fileformat/erdas_er_viewer_bof.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-0726' ], + [ 'OSVDB', '92694' ], [ 'BID', '59379' ], [ 'URL', 'http://secunia.com/advisories/51725/' ] ], diff --git a/modules/exploits/windows/fileformat/erdas_er_viewer_rf_report_error.rb b/modules/exploits/windows/fileformat/erdas_er_viewer_rf_report_error.rb index 1c1fc5d570..42a7a7b919 100644 --- a/modules/exploits/windows/fileformat/erdas_er_viewer_rf_report_error.rb +++ b/modules/exploits/windows/fileformat/erdas_er_viewer_rf_report_error.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3482' ], + [ 'OSVDB', '93650' ], [ 'URL', 'http://secunia.com/advisories/53620/' ] ], 'Payload' => diff --git a/modules/exploits/windows/fileformat/esignal_styletemplate_bof.rb b/modules/exploits/windows/fileformat/esignal_styletemplate_bof.rb index 389839704d..e7c7606b63 100644 --- a/modules/exploits/windows/fileformat/esignal_styletemplate_bof.rb +++ b/modules/exploits/windows/fileformat/esignal_styletemplate_bof.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3494' ], + [ 'OSVDB', '75456' ], [ 'BID', '49600' ], [ 'URL', 'http://aluigi.altervista.org/adv/esignal_1-adv.txt' ], [ 'EDB', '17837' ] diff --git a/modules/exploits/windows/fileformat/etrust_pestscan.rb b/modules/exploits/windows/fileformat/etrust_pestscan.rb index bb377a4626..f54e0fb9fb 100644 --- a/modules/exploits/windows/fileformat/etrust_pestscan.rb +++ b/modules/exploits/windows/fileformat/etrust_pestscan.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4225' ], + [ 'OSVDB', '60862'] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/fileformat/ezip_wizard_bof.rb b/modules/exploits/windows/fileformat/ezip_wizard_bof.rb index 8bdcb8c5a5..8d41735dfb 100644 --- a/modules/exploits/windows/fileformat/ezip_wizard_bof.rb +++ b/modules/exploits/windows/fileformat/ezip_wizard_bof.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1028' ], + [ 'OSVDB', '52815' ], [ 'BID', '34044' ], [ 'URL', 'http://www.edisys.com/' ], [ 'EDB', '8180' ], diff --git a/modules/exploits/windows/fileformat/fatplayer_wav.rb b/modules/exploits/windows/fileformat/fatplayer_wav.rb index 38df01a0a4..cf4f18cd37 100644 --- a/modules/exploits/windows/fileformat/fatplayer_wav.rb +++ b/modules/exploits/windows/fileformat/fatplayer_wav.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4962'], + [ 'OSVDB', '57343'], [ 'EDB', '15279' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/fdm_torrent.rb b/modules/exploits/windows/fileformat/fdm_torrent.rb index e9f1009266..835441a161 100644 --- a/modules/exploits/windows/fileformat/fdm_torrent.rb +++ b/modules/exploits/windows/fileformat/fdm_torrent.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0184' ], + [ 'OSVDB', '54033' ], [ 'BID', '33555' ], [ 'URL', 'http://freedownload.svn.sourceforge.net/viewvc/freedownload/FDM/vmsBtDownloadManager.cpp?r1=11&r2=18' ], [ 'URL', 'http://freedownload.svn.sourceforge.net/viewvc/freedownload/FDM/Bittorrent/fdmbtsupp/vmsBtFileImpl.cpp?r1=9&r2=18' ], diff --git a/modules/exploits/windows/fileformat/feeddemon_opml.rb b/modules/exploits/windows/fileformat/feeddemon_opml.rb index f50e2ba765..e19d9777bf 100644 --- a/modules/exploits/windows/fileformat/feeddemon_opml.rb +++ b/modules/exploits/windows/fileformat/feeddemon_opml.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0546' ], + [ 'OSVDB', '51753' ], [ 'BID', '33630' ], [ 'EDB', '7995' ], [ 'EDB', '8010' ], diff --git a/modules/exploits/windows/fileformat/foxit_reader_filewrite.rb b/modules/exploits/windows/fileformat/foxit_reader_filewrite.rb index 274e0f32fe..db56b8840e 100644 --- a/modules/exploits/windows/fileformat/foxit_reader_filewrite.rb +++ b/modules/exploits/windows/fileformat/foxit_reader_filewrite.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '71104' ], [ 'URL', 'http://scarybeastsecurity.blogspot.com/2011/03/dangerous-file-write-bug-in-foxit-pdf.html' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/foxit_reader_launch.rb b/modules/exploits/windows/fileformat/foxit_reader_launch.rb index a93d40161c..512ca932fd 100644 --- a/modules/exploits/windows/fileformat/foxit_reader_launch.rb +++ b/modules/exploits/windows/fileformat/foxit_reader_launch.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE' , '2009-0837' ], + [ 'OSVDB', '55614' ], [ 'BID', '34035'], [ 'URL', 'http://www.coresecurity.com/content/foxit-reader-vulnerabilities'] ], diff --git a/modules/exploits/windows/fileformat/foxit_title_bof.rb b/modules/exploits/windows/fileformat/foxit_title_bof.rb index cd46df58d7..9c9f4b3566 100644 --- a/modules/exploits/windows/fileformat/foxit_title_bof.rb +++ b/modules/exploits/windows/fileformat/foxit_title_bof.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ #[ 'CVE', '' ], + [ 'OSVDB', '68648' ], [ 'EDB', '15532' ], [ 'URL', 'http://www.corelan.be:8800/index.php/2010/11/13/offensive-security-exploit-weekend/' ] ], diff --git a/modules/exploits/windows/fileformat/free_mp3_ripper_wav.rb b/modules/exploits/windows/fileformat/free_mp3_ripper_wav.rb index c151e9f94c..7dd33fd5e9 100644 --- a/modules/exploits/windows/fileformat/free_mp3_ripper_wav.rb +++ b/modules/exploits/windows/fileformat/free_mp3_ripper_wav.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '63349' ], [ 'EDB', '11975' ], #Initial disclosure [ 'EDB', '17727' ] #This exploit is based on this poc ], diff --git a/modules/exploits/windows/fileformat/galan_fileformat_bof.rb b/modules/exploits/windows/fileformat/galan_fileformat_bof.rb index 28c747fbc7..1049ee46b0 100644 --- a/modules/exploits/windows/fileformat/galan_fileformat_bof.rb +++ b/modules/exploits/windows/fileformat/galan_fileformat_bof.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '60897' ], [ 'EDB', '10339' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/gsm_sim.rb b/modules/exploits/windows/fileformat/gsm_sim.rb index ce9c7b019e..0fd7b4a82e 100644 --- a/modules/exploits/windows/fileformat/gsm_sim.rb +++ b/modules/exploits/windows/fileformat/gsm_sim.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '81161' ], [ 'EDB', '14258' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/gta_samp.rb b/modules/exploits/windows/fileformat/gta_samp.rb index de656126fe..99bfd109cf 100644 --- a/modules/exploits/windows/fileformat/gta_samp.rb +++ b/modules/exploits/windows/fileformat/gta_samp.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '83433' ], [ 'EDB', '17893' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/hhw_hhp_compiledfile_bof.rb b/modules/exploits/windows/fileformat/hhw_hhp_compiledfile_bof.rb index ed5247606b..96e6b9cb59 100644 --- a/modules/exploits/windows/fileformat/hhw_hhp_compiledfile_bof.rb +++ b/modules/exploits/windows/fileformat/hhw_hhp_compiledfile_bof.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-0564'], + [ 'OSVDB', '22941'], [ 'EDB', '1488' ], [ 'EDB', '1490' ], ], diff --git a/modules/exploits/windows/fileformat/hhw_hhp_contentfile_bof.rb b/modules/exploits/windows/fileformat/hhw_hhp_contentfile_bof.rb index 1ff6ae6dc3..3eaa4f66bf 100644 --- a/modules/exploits/windows/fileformat/hhw_hhp_contentfile_bof.rb +++ b/modules/exploits/windows/fileformat/hhw_hhp_contentfile_bof.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-0564' ], + [ 'OSVDB', '22941' ], [ 'EDB', '1470' ], [ 'EDB', '1495' ], ], diff --git a/modules/exploits/windows/fileformat/hhw_hhp_indexfile_bof.rb b/modules/exploits/windows/fileformat/hhw_hhp_indexfile_bof.rb index fd6bfab37a..90d48de952 100644 --- a/modules/exploits/windows/fileformat/hhw_hhp_indexfile_bof.rb +++ b/modules/exploits/windows/fileformat/hhw_hhp_indexfile_bof.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-0133' ], [ 'BID', '33189' ], + [ 'OSVDB', '22941' ], [ 'EDB', '10323' ], [ 'EDB', '10335' ], ], diff --git a/modules/exploits/windows/fileformat/ht_mp3player_ht3_bof.rb b/modules/exploits/windows/fileformat/ht_mp3player_ht3_bof.rb index 630f52a302..2d4cb835fd 100644 --- a/modules/exploits/windows/fileformat/ht_mp3player_ht3_bof.rb +++ b/modules/exploits/windows/fileformat/ht_mp3player_ht3_bof.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-2485' ], + [ 'OSVDB', '55449' ], [ 'EDB', '9034' ], [ 'EDB', '9038' ] ], diff --git a/modules/exploits/windows/fileformat/ibm_forms_viewer_fontname.rb b/modules/exploits/windows/fileformat/ibm_forms_viewer_fontname.rb index 3c980a811a..8ee1a341ad 100644 --- a/modules/exploits/windows/fileformat/ibm_forms_viewer_fontname.rb +++ b/modules/exploits/windows/fileformat/ibm_forms_viewer_fontname.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-5447' ], + [ 'OSVDB', '100732' ], [ 'ZDI', '13-274' ], [ 'URL', 'http://www-01.ibm.com/support/docview.wss?uid=swg21657500' ], ], diff --git a/modules/exploits/windows/fileformat/ibm_pcm_ws.rb b/modules/exploits/windows/fileformat/ibm_pcm_ws.rb index e404a4ab28..6905619ea8 100644 --- a/modules/exploits/windows/fileformat/ibm_pcm_ws.rb +++ b/modules/exploits/windows/fileformat/ibm_pcm_ws.rb @@ -69,6 +69,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-0201'], + ['OSVDB', '79657'], ['URL', 'https://www-304.ibm.com/support/docview.wss?uid=swg21586166'] ], 'DisclosureDate' => "Feb 28 2012", diff --git a/modules/exploits/windows/fileformat/icofx_bof.rb b/modules/exploits/windows/fileformat/icofx_bof.rb index ddb439e2e1..4d4902d9a8 100644 --- a/modules/exploits/windows/fileformat/icofx_bof.rb +++ b/modules/exploits/windows/fileformat/icofx_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-4988' ], + [ 'OSVDB', '100826' ], [ 'BID', '64221' ], [ 'EDB', '30208'], [ 'URL', 'http://www.coresecurity.com/advisories/icofx-buffer-overflow-vulnerability' ] diff --git a/modules/exploits/windows/fileformat/ideal_migration_ipj.rb b/modules/exploits/windows/fileformat/ideal_migration_ipj.rb index c061508c44..302377f25f 100644 --- a/modules/exploits/windows/fileformat/ideal_migration_ipj.rb +++ b/modules/exploits/windows/fileformat/ideal_migration_ipj.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4265' ], + [ 'OSVDB', '60681' ], [ 'EDB', '10319' ], [ 'EDB', '12403' ], [ 'EDB', '12404' ], diff --git a/modules/exploits/windows/fileformat/iftp_schedule_bof.rb b/modules/exploits/windows/fileformat/iftp_schedule_bof.rb index dbce0edcdf..335af1186d 100644 --- a/modules/exploits/windows/fileformat/iftp_schedule_bof.rb +++ b/modules/exploits/windows/fileformat/iftp_schedule_bof.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'EDB', '35177' ], + [ 'OSVDB', '114279' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/fileformat/irfanview_jpeg2000_bof.rb b/modules/exploits/windows/fileformat/irfanview_jpeg2000_bof.rb index 6e063ab7be..4ef262a804 100644 --- a/modules/exploits/windows/fileformat/irfanview_jpeg2000_bof.rb +++ b/modules/exploits/windows/fileformat/irfanview_jpeg2000_bof.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0897' ], + [ 'OSVDB', '78333'], [ 'BID', '51426' ], [ 'URL', 'http://www.greyhathacker.net/?p=525' ], ], diff --git a/modules/exploits/windows/fileformat/ispvm_xcf_ispxcf.rb b/modules/exploits/windows/fileformat/ispvm_xcf_ispxcf.rb index 27885b52d3..846839bfb1 100644 --- a/modules/exploits/windows/fileformat/ispvm_xcf_ispxcf.rb +++ b/modules/exploits/windows/fileformat/ispvm_xcf_ispxcf.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '82000'], ['BID', '53562'], ['URL', 'http://secunia.com/advisories/48740/'] ], diff --git a/modules/exploits/windows/fileformat/kingview_kingmess_kvl.rb b/modules/exploits/windows/fileformat/kingview_kingmess_kvl.rb index 6895541e3d..844674afc7 100644 --- a/modules/exploits/windows/fileformat/kingview_kingmess_kvl.rb +++ b/modules/exploits/windows/fileformat/kingview_kingmess_kvl.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-4711'], + ['OSVDB', '89690'], ['BID', '57909'], ['URL', 'http://ics-cert.us-cert.gov/pdf/ICSA-13-043-02.pdf'] ], diff --git a/modules/exploits/windows/fileformat/lattice_pac_bof.rb b/modules/exploits/windows/fileformat/lattice_pac_bof.rb index 6372c9bf04..5f3157ad99 100644 --- a/modules/exploits/windows/fileformat/lattice_pac_bof.rb +++ b/modules/exploits/windows/fileformat/lattice_pac_bof.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-2915'], + ['OSVDB', '82001'], ['EDB', '19006'], ['BID', '53566'], ['URL', 'http://secunia.com/advisories/48741'] diff --git a/modules/exploits/windows/fileformat/lotusnotes_lzh.rb b/modules/exploits/windows/fileformat/lotusnotes_lzh.rb index 8143bf8e8d..6b492c5605 100644 --- a/modules/exploits/windows/fileformat/lotusnotes_lzh.rb +++ b/modules/exploits/windows/fileformat/lotusnotes_lzh.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-1213'], + ['OSVDB', '72706'], ['BID', '48018'], ['URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904'], ['URL', 'http://www.ibm.com/support/docview.wss?uid=swg21500034'], diff --git a/modules/exploits/windows/fileformat/magix_musikmaker_16_mmm.rb b/modules/exploits/windows/fileformat/magix_musikmaker_16_mmm.rb index 7ebf8b0fbb..969b09a005 100644 --- a/modules/exploits/windows/fileformat/magix_musikmaker_16_mmm.rb +++ b/modules/exploits/windows/fileformat/magix_musikmaker_16_mmm.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '72063'], [ 'URL', 'http://www.corelan.be/advisories.php?id=CORELAN-11-002' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/mcafee_hercules_deletesnapshot.rb b/modules/exploits/windows/fileformat/mcafee_hercules_deletesnapshot.rb index 84b95bcbb7..82e78e7f6c 100644 --- a/modules/exploits/windows/fileformat/mcafee_hercules_deletesnapshot.rb +++ b/modules/exploits/windows/fileformat/mcafee_hercules_deletesnapshot.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'MC' ], 'References' => [ + [ 'OSVDB', '94540' ], [ 'EDB', '16639' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/mcafee_showreport_exec.rb b/modules/exploits/windows/fileformat/mcafee_showreport_exec.rb index 0355c9f595..ef37f52edf 100644 --- a/modules/exploits/windows/fileformat/mcafee_showreport_exec.rb +++ b/modules/exploits/windows/fileformat/mcafee_showreport_exec.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '78310'], ['BID', '51397'], ['ZDI', '12-012'], ], diff --git a/modules/exploits/windows/fileformat/mediacoder_m3u.rb b/modules/exploits/windows/fileformat/mediacoder_m3u.rb index c2c890ba44..63947ef024 100644 --- a/modules/exploits/windows/fileformat/mediacoder_m3u.rb +++ b/modules/exploits/windows/fileformat/mediacoder_m3u.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '94522' ], [ 'EDB', '26403' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/mediajukebox.rb b/modules/exploits/windows/fileformat/mediajukebox.rb index 66191b4d09..a3b275d5b2 100644 --- a/modules/exploits/windows/fileformat/mediajukebox.rb +++ b/modules/exploits/windows/fileformat/mediajukebox.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '55924' ], [ 'CVE', '2009-2650'] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/microp_mppl.rb b/modules/exploits/windows/fileformat/microp_mppl.rb index 65d66f1be4..c8fc52c28c 100644 --- a/modules/exploits/windows/fileformat/microp_mppl.rb +++ b/modules/exploits/windows/fileformat/microp_mppl.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'James Fitts ' ], 'References' => [ + [ 'OSVDB', '73627'], [ 'EDB', '14720' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/millenium_mp3_pls.rb b/modules/exploits/windows/fileformat/millenium_mp3_pls.rb index 9b3a2ebd89..1df34cf54e 100644 --- a/modules/exploits/windows/fileformat/millenium_mp3_pls.rb +++ b/modules/exploits/windows/fileformat/millenium_mp3_pls.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'Molotov ', 'dookie', 'jduck' ], 'References' => [ + [ 'OSVDB', '56574' ], [ 'EDB', '9618' ], [ 'EDB', '10240' ], ], diff --git a/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb b/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb index 9d4a367f13..c6ce8282a9 100644 --- a/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb +++ b/modules/exploits/windows/fileformat/mini_stream_pls_bof.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '78078' ], [ 'EDB', '14373' ], [ 'BID', '34514' ] ], diff --git a/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb b/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb index 974a9e4bfb..08d32e4615 100644 --- a/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb +++ b/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '72101'], [ 'URL', 'http://www.corelan.be/advisories.php?id=CORELAN-11-004' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/mjm_quickplayer_s3m.rb b/modules/exploits/windows/fileformat/mjm_quickplayer_s3m.rb index aa8ddd2dfd..b5290628b1 100644 --- a/modules/exploits/windows/fileformat/mjm_quickplayer_s3m.rb +++ b/modules/exploits/windows/fileformat/mjm_quickplayer_s3m.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '72102'], [ 'URL', 'http://www.corelan.be/advisories.php?id=CORELAN-11-003' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/moxa_mediadbplayback.rb b/modules/exploits/windows/fileformat/moxa_mediadbplayback.rb index 687ee10331..abca8b0b9a 100644 --- a/modules/exploits/windows/fileformat/moxa_mediadbplayback.rb +++ b/modules/exploits/windows/fileformat/moxa_mediadbplayback.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-4742' ], + [ 'OSVDB', '68986'], [ 'URL', 'http://www.moxa.com' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/mplayer_sami_bof.rb b/modules/exploits/windows/fileformat/mplayer_sami_bof.rb index cbdae23136..2227ed7907 100644 --- a/modules/exploits/windows/fileformat/mplayer_sami_bof.rb +++ b/modules/exploits/windows/fileformat/mplayer_sami_bof.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'BID', '49149' ], + [ 'OSVDB', '74604' ], [ 'URL', 'http://labs.mwrinfosecurity.com/files/Advisories/mwri_mplayer-sami-subtitles_2011-08-12.pdf' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/ms09_067_excel_featheader.rb b/modules/exploits/windows/fileformat/ms09_067_excel_featheader.rb index 3f8886833e..8e0efe9bee 100644 --- a/modules/exploits/windows/fileformat/ms09_067_excel_featheader.rb +++ b/modules/exploits/windows/fileformat/ms09_067_excel_featheader.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE','2009-3129' ], + [ 'OSVDB', '59860' ], [ 'MSB', 'MS09-067' ], [ 'BID', '36945' ], [ 'ZDI', '09-083' ], diff --git a/modules/exploits/windows/fileformat/ms10_004_textbytesatom.rb b/modules/exploits/windows/fileformat/ms10_004_textbytesatom.rb index dd54be0b1d..ac9a801ea0 100644 --- a/modules/exploits/windows/fileformat/ms10_004_textbytesatom.rb +++ b/modules/exploits/windows/fileformat/ms10_004_textbytesatom.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0033' ], + [ 'OSVDB', '62241' ], [ 'MSB', 'MS10-004' ], [ 'ZDI', '10-017' ] ], diff --git a/modules/exploits/windows/fileformat/ms10_038_excel_obj_bof.rb b/modules/exploits/windows/fileformat/ms10_038_excel_obj_bof.rb index 2330999ea0..54346b5033 100644 --- a/modules/exploits/windows/fileformat/ms10_038_excel_obj_bof.rb +++ b/modules/exploits/windows/fileformat/ms10_038_excel_obj_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-0822'], + ['OSVDB', '65236'], ['BID', '40520'], ['MSB', 'MS10-038'], ['URL', 'http://www.exploit-db.com/moaub-24-microsoft-excel-obj-record-stack-overflow/'] diff --git a/modules/exploits/windows/fileformat/ms10_087_rtf_pfragments_bof.rb b/modules/exploits/windows/fileformat/ms10_087_rtf_pfragments_bof.rb index cc659a61cd..cf2cc7d1fd 100644 --- a/modules/exploits/windows/fileformat/ms10_087_rtf_pfragments_bof.rb +++ b/modules/exploits/windows/fileformat/ms10_087_rtf_pfragments_bof.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3333' ], + [ 'OSVDB', '69085' ], [ 'MSB', 'MS10-087' ], [ 'BID', '44652' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=880' ] diff --git a/modules/exploits/windows/fileformat/ms11_006_createsizeddibsection.rb b/modules/exploits/windows/fileformat/ms11_006_createsizeddibsection.rb index 6889abfd55..24283fda76 100644 --- a/modules/exploits/windows/fileformat/ms11_006_createsizeddibsection.rb +++ b/modules/exploits/windows/fileformat/ms11_006_createsizeddibsection.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3970' ], + [ 'OSVDB', '70263' ], [ 'MSB', 'MS11-006' ], [ 'BID', '45662' ], [ 'URL', 'http://www.microsoft.com/technet/security/advisory/2490606.mspx' ] diff --git a/modules/exploits/windows/fileformat/ms11_021_xlb_bof.rb b/modules/exploits/windows/fileformat/ms11_021_xlb_bof.rb index 3b0fb5ca64..485b6ba9d9 100644 --- a/modules/exploits/windows/fileformat/ms11_021_xlb_bof.rb +++ b/modules/exploits/windows/fileformat/ms11_021_xlb_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-0105'], + ['OSVDB', '71765'], ['MSB', 'MS11-021'], ['ZDI', '11-121'] ], diff --git a/modules/exploits/windows/fileformat/ms12_005.rb b/modules/exploits/windows/fileformat/ms12_005.rb index 08146f7061..6495b396d2 100644 --- a/modules/exploits/windows/fileformat/ms12_005.rb +++ b/modules/exploits/windows/fileformat/ms12_005.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-0013'], + ['OSVDB', '78207'], ['MSB', 'MS12-005'], ['BID', '51284'], ['URL', 'http://support.microsoft.com/default.aspx?scid=kb;EN-US;2584146'], diff --git a/modules/exploits/windows/fileformat/ms12_027_mscomctl_bof.rb b/modules/exploits/windows/fileformat/ms12_027_mscomctl_bof.rb index 1095de29b6..1548ef7a32 100644 --- a/modules/exploits/windows/fileformat/ms12_027_mscomctl_bof.rb +++ b/modules/exploits/windows/fileformat/ms12_027_mscomctl_bof.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0158' ], + [ 'OSVDB', '81125' ], [ 'BID', '52911' ], [ 'MSB', 'MS12-027' ], [ 'URL', 'http://contagiodump.blogspot.com.es/2012/04/cve2012-0158-south-china-sea-insider.html' ] diff --git a/modules/exploits/windows/fileformat/ms13_071_theme.rb b/modules/exploits/windows/fileformat/ms13_071_theme.rb index 6b18581fb8..f2d966c158 100644 --- a/modules/exploits/windows/fileformat/ms13_071_theme.rb +++ b/modules/exploits/windows/fileformat/ms13_071_theme.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-0810'], + ['OSVDB', '97136'], ['MSB', 'MS13-071'], ['BID', '62176'], ['URL', 'http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1040'], diff --git a/modules/exploits/windows/fileformat/ms14_060_sandworm.rb b/modules/exploits/windows/fileformat/ms14_060_sandworm.rb index ea68ec2ee3..c68ecb9be7 100644 --- a/modules/exploits/windows/fileformat/ms14_060_sandworm.rb +++ b/modules/exploits/windows/fileformat/ms14_060_sandworm.rb @@ -57,6 +57,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-4114'], + ['OSVDB', '113140'], ['MSB', 'MS14-060'], ['BID', '70419'], ['URL' , 'http://www.isightpartners.com/2014/10/cve-2014-4114/'], diff --git a/modules/exploits/windows/fileformat/ms_visual_basic_vbp.rb b/modules/exploits/windows/fileformat/ms_visual_basic_vbp.rb index fe257ea937..d6f086132f 100644 --- a/modules/exploits/windows/fileformat/ms_visual_basic_vbp.rb +++ b/modules/exploits/windows/fileformat/ms_visual_basic_vbp.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-4776' ], + [ 'OSVDB', '36936' ], [ 'BID', '25629' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/mswin_tiff_overflow.rb b/modules/exploits/windows/fileformat/mswin_tiff_overflow.rb index 511cf20f14..772cf9a59f 100644 --- a/modules/exploits/windows/fileformat/mswin_tiff_overflow.rb +++ b/modules/exploits/windows/fileformat/mswin_tiff_overflow.rb @@ -62,6 +62,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2013-3906' ], [ 'MSB', 'MS13-096' ], + [ 'OSVDB', '99376' ], [ 'URL', 'http://technet.microsoft.com/en-us/security/advisory/2896666' ], [ 'URL', 'http://blogs.technet.com/b/srd/archive/2013/11/05/cve-2013-3906-a-graphics-vulnerability-exploited-through-word-documents.aspx' ] ], diff --git a/modules/exploits/windows/fileformat/msworks_wkspictureinterface.rb b/modules/exploits/windows/fileformat/msworks_wkspictureinterface.rb index c319cc5f77..33887dd6e5 100644 --- a/modules/exploits/windows/fileformat/msworks_wkspictureinterface.rb +++ b/modules/exploits/windows/fileformat/msworks_wkspictureinterface.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE','2008-1898' ], + [ 'OSVDB', '44458'], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/fileformat/mymp3player_m3u.rb b/modules/exploits/windows/fileformat/mymp3player_m3u.rb index e1729e2ae5..e73e8a6b3a 100644 --- a/modules/exploits/windows/fileformat/mymp3player_m3u.rb +++ b/modules/exploits/windows/fileformat/mymp3player_m3u.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '64580'], [ 'EDB', '11791' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/netop.rb b/modules/exploits/windows/fileformat/netop.rb index 0453a91f10..f89cbd3663 100644 --- a/modules/exploits/windows/fileformat/netop.rb +++ b/modules/exploits/windows/fileformat/netop.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '72291' ], [ 'EDB', '17223' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/nuance_pdf_launch_overflow.rb b/modules/exploits/windows/fileformat/nuance_pdf_launch_overflow.rb index f8ccce0e24..fa46dcbcae 100644 --- a/modules/exploits/windows/fileformat/nuance_pdf_launch_overflow.rb +++ b/modules/exploits/windows/fileformat/nuance_pdf_launch_overflow.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '68514'], [ 'URL', 'http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-062-stack-buffer-overflow-in-nuance-pdf-reader-v6-0/' ] ], 'Payload' => diff --git a/modules/exploits/windows/fileformat/openoffice_ole.rb b/modules/exploits/windows/fileformat/openoffice_ole.rb index c2828b07ff..85aaa1f5b8 100644 --- a/modules/exploits/windows/fileformat/openoffice_ole.rb +++ b/modules/exploits/windows/fileformat/openoffice_ole.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-0320'], + ['OSVDB', '44472'], ['BID', '28819'], ['EDB', '5584'], ['URL', 'http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=694'] diff --git a/modules/exploits/windows/fileformat/orbit_download_failed_bof.rb b/modules/exploits/windows/fileformat/orbit_download_failed_bof.rb index 8cbe738f20..17350e5db9 100644 --- a/modules/exploits/windows/fileformat/orbit_download_failed_bof.rb +++ b/modules/exploits/windows/fileformat/orbit_download_failed_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'BID', '28541' ], + [ 'OSVDB', '44036' ], [ 'CVE', '2008-1602' ], [ 'URL', 'http://www.coresecurity.com/content/orbit-downloader' ], ], diff --git a/modules/exploits/windows/fileformat/orbital_viewer_orb.rb b/modules/exploits/windows/fileformat/orbital_viewer_orb.rb index 8dd8c169e8..ba23f01b14 100644 --- a/modules/exploits/windows/fileformat/orbital_viewer_orb.rb +++ b/modules/exploits/windows/fileformat/orbital_viewer_orb.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'BID', '38436' ], + [ 'OSVDB', '62580' ], [ 'CVE', '2010-0688' ], [ 'URL', 'http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-011-orbital-viewer-orb-buffer-overflow/' ], [ 'EDB', '11581' ] diff --git a/modules/exploits/windows/fileformat/ovf_format_string.rb b/modules/exploits/windows/fileformat/ovf_format_string.rb index e6cc1347e3..d17be93da7 100644 --- a/modules/exploits/windows/fileformat/ovf_format_string.rb +++ b/modules/exploits/windows/fileformat/ovf_format_string.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-3569' ], + [ 'OSVDB', '87117' ], [ 'BID', '56468' ], [ 'URL', 'http://www.vmware.com/security/advisories/VMSA-2012-0015.html' ] ], diff --git a/modules/exploits/windows/fileformat/proshow_cellimage_bof.rb b/modules/exploits/windows/fileformat/proshow_cellimage_bof.rb index 046e5f8fee..0c1416eb54 100644 --- a/modules/exploits/windows/fileformat/proshow_cellimage_bof.rb +++ b/modules/exploits/windows/fileformat/proshow_cellimage_bof.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3214' ], + [ 'OSVDB', '57226' ], [ 'EDB', '9483' ], [ 'EDB', '9519' ], ], diff --git a/modules/exploits/windows/fileformat/proshow_load_bof.rb b/modules/exploits/windows/fileformat/proshow_load_bof.rb index 3b2febb99f..39a26a3059 100644 --- a/modules/exploits/windows/fileformat/proshow_load_bof.rb +++ b/modules/exploits/windows/fileformat/proshow_load_bof.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '83745' ], [ 'EDB', '19563' ], [ 'EDB', '20036' ], [ 'URL', 'http://security.inshell.net/advisory/30' ] diff --git a/modules/exploits/windows/fileformat/publishit_pui.rb b/modules/exploits/windows/fileformat/publishit_pui.rb index 3e678733f2..a77cd17b8e 100644 --- a/modules/exploits/windows/fileformat/publishit_pui.rb +++ b/modules/exploits/windows/fileformat/publishit_pui.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '102911' ], [ 'CVE', '2014-0980' ], [ 'EDB', '31461' ] ], diff --git a/modules/exploits/windows/fileformat/real_networks_netzip_bof.rb b/modules/exploits/windows/fileformat/real_networks_netzip_bof.rb index 8ffcffeb54..f39244cd4e 100644 --- a/modules/exploits/windows/fileformat/real_networks_netzip_bof.rb +++ b/modules/exploits/windows/fileformat/real_networks_netzip_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '83436' ], [ 'EDB', '16083' ], [ 'BID', '46059' ], [ 'URL', 'http://proforma.real.com' ] diff --git a/modules/exploits/windows/fileformat/real_player_url_property_bof.rb b/modules/exploits/windows/fileformat/real_player_url_property_bof.rb index f95e49f4fc..04f4942631 100644 --- a/modules/exploits/windows/fileformat/real_player_url_property_bof.rb +++ b/modules/exploits/windows/fileformat/real_player_url_property_bof.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-5691' ], + [ 'OSVDB', '88486' ], [ 'BID', '56956' ], [ 'URL', 'http://service.real.com/realplayer/security/12142012_player/en/' ] ], diff --git a/modules/exploits/windows/fileformat/realplayer_ver_attribute_bof.rb b/modules/exploits/windows/fileformat/realplayer_ver_attribute_bof.rb index 70b2aafb0f..03a9a8ad81 100644 --- a/modules/exploits/windows/fileformat/realplayer_ver_attribute_bof.rb +++ b/modules/exploits/windows/fileformat/realplayer_ver_attribute_bof.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'BID', '64695' ], [ 'EDB', '30468' ], + [ 'OSVDB', '101356' ], [ 'CVE', '2013-7260' ], [ 'US-CERT-VU', '698278' ], [ 'URL', 'http://service.real.com/realplayer/security/12202013_player/en/' ] diff --git a/modules/exploits/windows/fileformat/safenet_softremote_groupname.rb b/modules/exploits/windows/fileformat/safenet_softremote_groupname.rb index b9b900314c..65584db42e 100644 --- a/modules/exploits/windows/fileformat/safenet_softremote_groupname.rb +++ b/modules/exploits/windows/fileformat/safenet_softremote_groupname.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3861' ], + [ 'OSVDB', '59660'], [ 'URL', 'http://www.senseofsecurity.com.au/advisories/SOS-09-008' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/sascam_get.rb b/modules/exploits/windows/fileformat/sascam_get.rb index 79d7e7698a..49acb4a06d 100644 --- a/modules/exploits/windows/fileformat/sascam_get.rb +++ b/modules/exploits/windows/fileformat/sascam_get.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-6898' ], + [ 'OSVDB', '55945'], [ 'BID','33053' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/scadaphone_zip.rb b/modules/exploits/windows/fileformat/scadaphone_zip.rb index ebff8b375e..037ec684f9 100644 --- a/modules/exploits/windows/fileformat/scadaphone_zip.rb +++ b/modules/exploits/windows/fileformat/scadaphone_zip.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-4535' ], + [ 'OSVDB', '75375' ], [ 'URL', 'http://www.scadatec.com/' ], [ 'EDB', '17817' ], ], diff --git a/modules/exploits/windows/fileformat/shadow_stream_recorder_bof.rb b/modules/exploits/windows/fileformat/shadow_stream_recorder_bof.rb index 3f1ca432c1..cb0f20199f 100644 --- a/modules/exploits/windows/fileformat/shadow_stream_recorder_bof.rb +++ b/modules/exploits/windows/fileformat/shadow_stream_recorder_bof.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '81487' ], [ 'EDB', '11957' ], [ 'BID', '34864' ] ], diff --git a/modules/exploits/windows/fileformat/somplplayer_m3u.rb b/modules/exploits/windows/fileformat/somplplayer_m3u.rb index fb3f46e84c..7f243b7e07 100644 --- a/modules/exploits/windows/fileformat/somplplayer_m3u.rb +++ b/modules/exploits/windows/fileformat/somplplayer_m3u.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '64368' ], [ 'EDB', '11219' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/subtitle_processor_m3u_bof.rb b/modules/exploits/windows/fileformat/subtitle_processor_m3u_bof.rb index e6a6670393..b005e87ed9 100644 --- a/modules/exploits/windows/fileformat/subtitle_processor_m3u_bof.rb +++ b/modules/exploits/windows/fileformat/subtitle_processor_m3u_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '72050' ], [ 'EDB', '17217' ], [ 'URL', 'http://sourceforge.net/projects/subtitleproc/' ] ], diff --git a/modules/exploits/windows/fileformat/tfm_mmplayer_m3u_ppl_bof.rb b/modules/exploits/windows/fileformat/tfm_mmplayer_m3u_ppl_bof.rb index 0d7fab5709..189433c05f 100644 --- a/modules/exploits/windows/fileformat/tfm_mmplayer_m3u_ppl_bof.rb +++ b/modules/exploits/windows/fileformat/tfm_mmplayer_m3u_ppl_bof.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '80532' ], [ 'BID', '52698' ], [ 'EDB', '18656' ], # .m3u [ 'EDB', '18657' ] # .ppl diff --git a/modules/exploits/windows/fileformat/total_video_player_ini_bof.rb b/modules/exploits/windows/fileformat/total_video_player_ini_bof.rb index 612a41cc72..1e6c0503bf 100644 --- a/modules/exploits/windows/fileformat/total_video_player_ini_bof.rb +++ b/modules/exploits/windows/fileformat/total_video_player_ini_bof.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '100619' ], [ 'EDB', '29799' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/tugzip.rb b/modules/exploits/windows/fileformat/tugzip.rb index b110908670..4d12cb0ead 100644 --- a/modules/exploits/windows/fileformat/tugzip.rb +++ b/modules/exploits/windows/fileformat/tugzip.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '49371' ], [ 'CVE', '2008-4779' ], [ 'BID', '31913' ], [ 'EDB', '12008' ] diff --git a/modules/exploits/windows/fileformat/ultraiso_ccd.rb b/modules/exploits/windows/fileformat/ultraiso_ccd.rb index c3b625d121..2861864028 100644 --- a/modules/exploits/windows/fileformat/ultraiso_ccd.rb +++ b/modules/exploits/windows/fileformat/ultraiso_ccd.rb @@ -30,9 +30,12 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1260' ], + [ 'OSVDB', '53275' ], [ 'BID', '34363' ], # NOTE: The following BID is a duplicate of BID 34363 [ 'BID', '38613' ], + # NOTE: The following OSVDB entry seems invalid, the IMG file doesn't appear to trigger any vulnerability. + # [ 'OS-VDB', '53425' ], [ 'EDB', '8343' ] ], 'Payload' => diff --git a/modules/exploits/windows/fileformat/ultraiso_cue.rb b/modules/exploits/windows/fileformat/ultraiso_cue.rb index d37555f685..2124a0580c 100644 --- a/modules/exploits/windows/fileformat/ultraiso_cue.rb +++ b/modules/exploits/windows/fileformat/ultraiso_cue.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-2888' ], + [ 'OSVDB', '36570' ], [ 'BID', '24140' ], [ 'EDB', '3978' ] ], diff --git a/modules/exploits/windows/fileformat/ursoft_w32dasm.rb b/modules/exploits/windows/fileformat/ursoft_w32dasm.rb index bc5fa927e6..9517eaab91 100644 --- a/modules/exploits/windows/fileformat/ursoft_w32dasm.rb +++ b/modules/exploits/windows/fileformat/ursoft_w32dasm.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0308' ], + [ 'OSVDB', '13169' ], [ 'BID', '12352' ], [ 'URL', 'http://aluigi.altervista.org/adv/w32dasmbof-adv.txt' ], ], diff --git a/modules/exploits/windows/fileformat/varicad_dwb.rb b/modules/exploits/windows/fileformat/varicad_dwb.rb index dc630f0168..538b44d520 100644 --- a/modules/exploits/windows/fileformat/varicad_dwb.rb +++ b/modules/exploits/windows/fileformat/varicad_dwb.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '63067' ], [ 'BID', '38815' ], [ 'EDB', '11789' ] ], diff --git a/modules/exploits/windows/fileformat/videocharge_studio.rb b/modules/exploits/windows/fileformat/videocharge_studio.rb index 946c2bd869..3ad0c240f7 100644 --- a/modules/exploits/windows/fileformat/videocharge_studio.rb +++ b/modules/exploits/windows/fileformat/videocharge_studio.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '69616' ], [ 'EBD', '29234' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/videolan_tivo.rb b/modules/exploits/windows/fileformat/videolan_tivo.rb index 94aa468f3d..a7670ff4e0 100644 --- a/modules/exploits/windows/fileformat/videolan_tivo.rb +++ b/modules/exploits/windows/fileformat/videolan_tivo.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4654' ], + [ 'OSVDB', '49181' ], [ 'BID', '31813' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/videospirit_visprj.rb b/modules/exploits/windows/fileformat/videospirit_visprj.rb index f796d12f77..6c8280bc0a 100644 --- a/modules/exploits/windows/fileformat/videospirit_visprj.rb +++ b/modules/exploits/windows/fileformat/videospirit_visprj.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2011-0499'], [ 'CVE', '2011-0500'], + [ 'OSVDB', '70619'], [ 'URL', 'http://www.corelan.be/advisories.php?id=CORELAN-11-001' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/visio_dxf_bof.rb b/modules/exploits/windows/fileformat/visio_dxf_bof.rb index dbbd66ed1e..ad4e9a8306 100644 --- a/modules/exploits/windows/fileformat/visio_dxf_bof.rb +++ b/modules/exploits/windows/fileformat/visio_dxf_bof.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE','2010-1681' ], + [ 'OSVDB', '64446' ], [ 'BID', '39836' ], [ 'URL', 'http://www.coresecurity.com/content/ms-visio-dxf-buffer-overflow' ], [ 'URL', 'http://www.exploit-db.com/moaub-8-microsoft-office-visio-dxf-file-stack-overflow/' ], diff --git a/modules/exploits/windows/fileformat/visiwave_vwr_type.rb b/modules/exploits/windows/fileformat/visiwave_vwr_type.rb index 7e048a16d9..92af418f47 100644 --- a/modules/exploits/windows/fileformat/visiwave_vwr_type.rb +++ b/modules/exploits/windows/fileformat/visiwave_vwr_type.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-2386' ], + [ 'OSVDB', '72464'], [ 'URL', 'http://www.visiwave.com/blog/index.php?/archives/4-Version-2.1.9-Released.html' ], [ 'URL', 'http://www.stratsec.net/Research/Advisories/VisiWave-Site-Survey-Report-Trusted-Pointer-%28SS-20'], ], diff --git a/modules/exploits/windows/fileformat/vlc_modplug_s3m.rb b/modules/exploits/windows/fileformat/vlc_modplug_s3m.rb index 9c0f75898a..cc8c810bb0 100644 --- a/modules/exploits/windows/fileformat/vlc_modplug_s3m.rb +++ b/modules/exploits/windows/fileformat/vlc_modplug_s3m.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-1574' ], + [ 'OSVDB', '72143' ], #[ 'BID', 'xxx' ], [ 'URL', 'http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=aecef259828a89bb00c2e6f78e89de7363b2237b' ], [ 'URL', 'http://seclists.org/fulldisclosure/2011/Apr/113' ] diff --git a/modules/exploits/windows/fileformat/vlc_realtext.rb b/modules/exploits/windows/fileformat/vlc_realtext.rb index 7d818cfe17..9efaf4aa67 100644 --- a/modules/exploits/windows/fileformat/vlc_realtext.rb +++ b/modules/exploits/windows/fileformat/vlc_realtext.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '49809' ], [ 'CVE', '2008-5036' ], [ 'BID', '32125' ], [ 'URL', 'http://www.trapkit.de/advisories/TKADV2008-011.txt' ], diff --git a/modules/exploits/windows/fileformat/vlc_smb_uri.rb b/modules/exploits/windows/fileformat/vlc_smb_uri.rb index 3cf782bcc5..a2e8842571 100644 --- a/modules/exploits/windows/fileformat/vlc_smb_uri.rb +++ b/modules/exploits/windows/fileformat/vlc_smb_uri.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'BID', '35500' ], + [ 'OSVDB', '55509' ], [ 'CVE', '2009-2484' ], [ 'URL', 'http://git.videolan.org/?p=vlc.git;a=commit;h=e60a9038b13b5eb805a76755efc5c6d5e080180f' ], [ 'EDB', '9029' ] diff --git a/modules/exploits/windows/fileformat/vlc_webm.rb b/modules/exploits/windows/fileformat/vlc_webm.rb index ee4af96d26..381d95bef2 100644 --- a/modules/exploits/windows/fileformat/vlc_webm.rb +++ b/modules/exploits/windows/fileformat/vlc_webm.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'Dan Rosenberg' ], 'References' => [ + [ 'OSVDB', '70698' ], [ 'CVE', '2011-0531' ], [ 'BID', '46060' ], [ 'URL', 'http://git.videolan.org/?p=vlc.git&a=commitdiff&h=59491dcedffbf97612d2c572943b56ee4289dd07&hp=f085cfc1c95b922e3c750ee93ec58c3f2d5f7456' ], diff --git a/modules/exploits/windows/fileformat/vuplayer_cue.rb b/modules/exploits/windows/fileformat/vuplayer_cue.rb index afff026545..a4c85b7258 100644 --- a/modules/exploits/windows/fileformat/vuplayer_cue.rb +++ b/modules/exploits/windows/fileformat/vuplayer_cue.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ 'MC' ], 'References' => [ + [ 'OSVDB', '64581'], [ 'BID', '33960' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/vuplayer_m3u.rb b/modules/exploits/windows/fileformat/vuplayer_m3u.rb index 04c8260e80..d903b448c3 100644 --- a/modules/exploits/windows/fileformat/vuplayer_m3u.rb +++ b/modules/exploits/windows/fileformat/vuplayer_m3u.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-6251' ], + [ 'OSVDB', '31710' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/fileformat/watermark_master.rb b/modules/exploits/windows/fileformat/watermark_master.rb index 580a85d4dd..85a01388d8 100644 --- a/modules/exploits/windows/fileformat/watermark_master.rb +++ b/modules/exploits/windows/fileformat/watermark_master.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '99226' ], [ 'CVE', '2013-6935'], [ 'EBD', '29327' ] ], diff --git a/modules/exploits/windows/fileformat/winamp_maki_bof.rb b/modules/exploits/windows/fileformat/winamp_maki_bof.rb index 0efa716ec4..4a9d750ab8 100644 --- a/modules/exploits/windows/fileformat/winamp_maki_bof.rb +++ b/modules/exploits/windows/fileformat/winamp_maki_bof.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1831'], + [ 'OSVDB', '54902'], [ 'BID', '35052'], [ 'EDB', '8783'], [ 'EDB', '8772'], diff --git a/modules/exploits/windows/fileformat/winrar_name_spoofing.rb b/modules/exploits/windows/fileformat/winrar_name_spoofing.rb index b323637e1c..451b5cdff1 100644 --- a/modules/exploits/windows/fileformat/winrar_name_spoofing.rb +++ b/modules/exploits/windows/fileformat/winrar_name_spoofing.rb @@ -26,11 +26,12 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'Author' => [ - 'chr1x', + 'chr1x', # Vulnerability discoverer according to OSVDB 'juan vazquez' # Metasploit module ], 'References' => [ + [ 'OSVDB', '62610' ], [ 'BID', '66383' ], [ 'URL', 'http://securityaffairs.co/wordpress/23623/hacking/winrar-zero-day.html'], [ 'URL', 'http://an7isec.blogspot.co.il/'] diff --git a/modules/exploits/windows/fileformat/wireshark_packet_dect.rb b/modules/exploits/windows/fileformat/wireshark_packet_dect.rb index 4448a44283..c9bc390b9c 100644 --- a/modules/exploits/windows/fileformat/wireshark_packet_dect.rb +++ b/modules/exploits/windows/fileformat/wireshark_packet_dect.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-1591'], + [ 'OSVDB', '71848'], [ 'URL', 'https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5838' ], [ 'URL', 'https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5836' ], [ 'EDB', '17185' ], diff --git a/modules/exploits/windows/fileformat/wm_downloader_m3u.rb b/modules/exploits/windows/fileformat/wm_downloader_m3u.rb index 61a4e5623e..c30ee3fbb9 100644 --- a/modules/exploits/windows/fileformat/wm_downloader_m3u.rb +++ b/modules/exploits/windows/fileformat/wm_downloader_m3u.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '66911'], [ 'EDB', '14497' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/xenorate_xpl_bof.rb b/modules/exploits/windows/fileformat/xenorate_xpl_bof.rb index 9893503a28..85090b33ae 100644 --- a/modules/exploits/windows/fileformat/xenorate_xpl_bof.rb +++ b/modules/exploits/windows/fileformat/xenorate_xpl_bof.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '57162' ], [ 'EDB', '10371' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/fileformat/xion_m3u_sehbof.rb b/modules/exploits/windows/fileformat/xion_m3u_sehbof.rb index 09e8a74f6d..461b7f28bc 100644 --- a/modules/exploits/windows/fileformat/xion_m3u_sehbof.rb +++ b/modules/exploits/windows/fileformat/xion_m3u_sehbof.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ #[ 'CVE', '' ], + [ 'OSVDB', '66912'], [ 'EDB', '14517' ], [ 'EDB', '14633' ], [ 'EDB', '15598' ] diff --git a/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb b/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb index d6a87c5189..c2d91d9795 100644 --- a/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb +++ b/modules/exploits/windows/fileformat/zinfaudioplayer221_pls.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0964' ], + [ 'OSVDB', '10416' ], [ 'EDB', '7888' ], [ 'BID', '11248' ], ], diff --git a/modules/exploits/windows/firewall/blackice_pam_icq.rb b/modules/exploits/windows/firewall/blackice_pam_icq.rb index 6f3cb5a1fa..af6d02d283 100644 --- a/modules/exploits/windows/firewall/blackice_pam_icq.rb +++ b/modules/exploits/windows/firewall/blackice_pam_icq.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2004-0362'], + ['OSVDB', '4355'], ['URL', 'http://www.eeye.com/html/Research/Advisories/AD20040318.html'] ], 'Payload' => diff --git a/modules/exploits/windows/firewall/kerio_auth.rb b/modules/exploits/windows/firewall/kerio_auth.rb index cba55b47c3..3bcb0cf970 100644 --- a/modules/exploits/windows/firewall/kerio_auth.rb +++ b/modules/exploits/windows/firewall/kerio_auth.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2003-0220'], + ['OSVDB', '6294'], ['BID', '7180'] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/32bitftp_list_reply.rb b/modules/exploits/windows/ftp/32bitftp_list_reply.rb index 33f548419b..72d911d5a4 100644 --- a/modules/exploits/windows/ftp/32bitftp_list_reply.rb +++ b/modules/exploits/windows/ftp/32bitftp_list_reply.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68703' ], [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/3cdaemon_ftp_user.rb b/modules/exploits/windows/ftp/3cdaemon_ftp_user.rb index 9019afbf5e..f4e9760d84 100644 --- a/modules/exploits/windows/ftp/3cdaemon_ftp_user.rb +++ b/modules/exploits/windows/ftp/3cdaemon_ftp_user.rb @@ -29,6 +29,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0277'], + [ 'OSVDB', '12810'], + [ 'OSVDB', '12811'], [ 'BID', '12155'] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/aasync_list_reply.rb b/modules/exploits/windows/ftp/aasync_list_reply.rb index 7dd5601953..266e3fc0fa 100644 --- a/modules/exploits/windows/ftp/aasync_list_reply.rb +++ b/modules/exploits/windows/ftp/aasync_list_reply.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68701' ], [ 'EDB', '16738' ], [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ] ], diff --git a/modules/exploits/windows/ftp/ability_server_stor.rb b/modules/exploits/windows/ftp/ability_server_stor.rb index 613db2a9aa..13a3d851d9 100644 --- a/modules/exploits/windows/ftp/ability_server_stor.rb +++ b/modules/exploits/windows/ftp/ability_server_stor.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1626' ], + [ 'OSVDB', '11030'], [ 'EDB', '588'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb b/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb index 0b3f16c48c..7eb93075e6 100644 --- a/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb +++ b/modules/exploits/windows/ftp/absolute_ftp_list_bof.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-5164' ], + [ 'OSVDB', '77105' ], [ 'EDB', '18102' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/cesarftp_mkd.rb b/modules/exploits/windows/ftp/cesarftp_mkd.rb index 9da3cfeff2..68622d600e 100644 --- a/modules/exploits/windows/ftp/cesarftp_mkd.rb +++ b/modules/exploits/windows/ftp/cesarftp_mkd.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-2961'], + [ 'OSVDB', '26364'], [ 'BID', '18586'], [ 'URL', 'http://secunia.com/advisories/20574/' ], ], diff --git a/modules/exploits/windows/ftp/comsnd_ftpd_fmtstr.rb b/modules/exploits/windows/ftp/comsnd_ftpd_fmtstr.rb index 0a3860e224..207d0f486d 100644 --- a/modules/exploits/windows/ftp/comsnd_ftpd_fmtstr.rb +++ b/modules/exploits/windows/ftp/comsnd_ftpd_fmtstr.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ # When a DoS is NOT a DoS + [ 'OSVDB', '82798'], [ 'EDB', '19024'] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/dreamftp_format.rb b/modules/exploits/windows/ftp/dreamftp_format.rb index 97d36b0506..e0a1ab643f 100644 --- a/modules/exploits/windows/ftp/dreamftp_format.rb +++ b/modules/exploits/windows/ftp/dreamftp_format.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-2074'], + [ 'OSVDB', '4986'], [ 'BID', '9800'], [ 'EDB', '823'] ], diff --git a/modules/exploits/windows/ftp/easyfilesharing_pass.rb b/modules/exploits/windows/ftp/easyfilesharing_pass.rb index 42c059b574..1e4f688b9b 100644 --- a/modules/exploits/windows/ftp/easyfilesharing_pass.rb +++ b/modules/exploits/windows/ftp/easyfilesharing_pass.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-3952' ], + [ 'OSVDB', '27646' ], [ 'BID', '19243' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/ftp/easyftp_cwd_fixret.rb b/modules/exploits/windows/ftp/easyftp_cwd_fixret.rb index f976d1ed64..2ced587670 100644 --- a/modules/exploits/windows/ftp/easyftp_cwd_fixret.rb +++ b/modules/exploits/windows/ftp/easyftp_cwd_fixret.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '62134' ], [ 'BID', '38262' ], [ 'URL', 'http://paulmakowski.wordpress.com/2010/02/28/increasing-payload-size-w-return-address-overwrite/' ], [ 'URL', 'http://paulmakowski.wordpress.com/2010/04/19/metasploit-plugin-for-easyftp-server-exploit' ], diff --git a/modules/exploits/windows/ftp/easyftp_list_fixret.rb b/modules/exploits/windows/ftp/easyftp_list_fixret.rb index 2558f77b07..67dce18c44 100644 --- a/modules/exploits/windows/ftp/easyftp_list_fixret.rb +++ b/modules/exploits/windows/ftp/easyftp_list_fixret.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '62134' ], [ 'EDB', '14400' ], [ 'EDB', '14451' ] ], diff --git a/modules/exploits/windows/ftp/easyftp_mkd_fixret.rb b/modules/exploits/windows/ftp/easyftp_mkd_fixret.rb index 1da17acbc9..fef06a6196 100644 --- a/modules/exploits/windows/ftp/easyftp_mkd_fixret.rb +++ b/modules/exploits/windows/ftp/easyftp_mkd_fixret.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '62134' ], [ 'EDB', '12044' ], [ 'EDB', '14399' ] ], diff --git a/modules/exploits/windows/ftp/filecopa_list_overflow.rb b/modules/exploits/windows/ftp/filecopa_list_overflow.rb index 2720c64153..dbbe479d36 100644 --- a/modules/exploits/windows/ftp/filecopa_list_overflow.rb +++ b/modules/exploits/windows/ftp/filecopa_list_overflow.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-3726' ], + [ 'OSVDB', '27389' ], [ 'BID', '19065' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/ftp/filewrangler_list_reply.rb b/modules/exploits/windows/ftp/filewrangler_list_reply.rb index 3799546b62..763701eddd 100644 --- a/modules/exploits/windows/ftp/filewrangler_list_reply.rb +++ b/modules/exploits/windows/ftp/filewrangler_list_reply.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '94555' ], [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/freefloatftp_user.rb b/modules/exploits/windows/ftp/freefloatftp_user.rb index 105ea08aff..1a21d31d2b 100644 --- a/modules/exploits/windows/ftp/freefloatftp_user.rb +++ b/modules/exploits/windows/ftp/freefloatftp_user.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '69621'], [ 'EDB', '23243'] ], 'Privileged' => false, diff --git a/modules/exploits/windows/ftp/freefloatftp_wbem.rb b/modules/exploits/windows/ftp/freefloatftp_wbem.rb index 39445d67cb..31e7f97f65 100644 --- a/modules/exploits/windows/ftp/freefloatftp_wbem.rb +++ b/modules/exploits/windows/ftp/freefloatftp_wbem.rb @@ -32,6 +32,8 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '88302'], + ['OSVDB', '88303'] ], 'Platform' => 'win', 'Targets' => diff --git a/modules/exploits/windows/ftp/freeftpd_pass.rb b/modules/exploits/windows/ftp/freeftpd_pass.rb index 818acd5fed..15638bd5ee 100644 --- a/modules/exploits/windows/ftp/freeftpd_pass.rb +++ b/modules/exploits/windows/ftp/freeftpd_pass.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '96517'], ['EDB', '27747'], ['BID', '61905'] ], diff --git a/modules/exploits/windows/ftp/freeftpd_user.rb b/modules/exploits/windows/ftp/freeftpd_user.rb index 8b634c2fa9..dfd218bd16 100644 --- a/modules/exploits/windows/ftp/freeftpd_user.rb +++ b/modules/exploits/windows/ftp/freeftpd_user.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-3683'], + [ 'OSVDB', '20909'], [ 'BID', '15457'] ], 'Privileged' => false, diff --git a/modules/exploits/windows/ftp/ftpgetter_pwd_reply.rb b/modules/exploits/windows/ftp/ftpgetter_pwd_reply.rb index 0be58d0deb..4a3f5c083e 100644 --- a/modules/exploits/windows/ftp/ftpgetter_pwd_reply.rb +++ b/modules/exploits/windows/ftp/ftpgetter_pwd_reply.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68638'], [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/ftppad_list_reply.rb b/modules/exploits/windows/ftp/ftppad_list_reply.rb index f3e3c96926..51f8a6e1bd 100644 --- a/modules/exploits/windows/ftp/ftppad_list_reply.rb +++ b/modules/exploits/windows/ftp/ftppad_list_reply.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68714' ], [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/ftpshell51_pwd_reply.rb b/modules/exploits/windows/ftp/ftpshell51_pwd_reply.rb index 975012c950..31744286f0 100644 --- a/modules/exploits/windows/ftp/ftpshell51_pwd_reply.rb +++ b/modules/exploits/windows/ftp/ftpshell51_pwd_reply.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68639'], [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/gekkomgr_list_reply.rb b/modules/exploits/windows/ftp/gekkomgr_list_reply.rb index 44062a776e..43328997c2 100644 --- a/modules/exploits/windows/ftp/gekkomgr_list_reply.rb +++ b/modules/exploits/windows/ftp/gekkomgr_list_reply.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68641'], [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/globalscapeftp_input.rb b/modules/exploits/windows/ftp/globalscapeftp_input.rb index a020dd7f4e..57bb580aac 100644 --- a/modules/exploits/windows/ftp/globalscapeftp_input.rb +++ b/modules/exploits/windows/ftp/globalscapeftp_input.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-1415'], + [ 'OSVDB', '16049'], [ 'BID', '13454'], [ 'URL', 'http://archives.neohapsis.com/archives/fulldisclosure/2005-04/0674.html'], ], diff --git a/modules/exploits/windows/ftp/goldenftp_pass_bof.rb b/modules/exploits/windows/ftp/goldenftp_pass_bof.rb index c7b7d8bbcf..390c85c097 100644 --- a/modules/exploits/windows/ftp/goldenftp_pass_bof.rb +++ b/modules/exploits/windows/ftp/goldenftp_pass_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-6576'], + [ 'OSVDB', '35951'], [ 'BID', '45957'], [ 'EDB', '16036'], ], diff --git a/modules/exploits/windows/ftp/httpdx_tolog_format.rb b/modules/exploits/windows/ftp/httpdx_tolog_format.rb index 4ae339376c..4afa3776fd 100644 --- a/modules/exploits/windows/ftp/httpdx_tolog_format.rb +++ b/modules/exploits/windows/ftp/httpdx_tolog_format.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4769' ], + [ 'OSVDB', '60181' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/ftp/leapftp_list_reply.rb b/modules/exploits/windows/ftp/leapftp_list_reply.rb index d23f78bc94..824d7e0e35 100644 --- a/modules/exploits/windows/ftp/leapftp_list_reply.rb +++ b/modules/exploits/windows/ftp/leapftp_list_reply.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68640'], [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/leapftp_pasv_reply.rb b/modules/exploits/windows/ftp/leapftp_pasv_reply.rb index d2d2783773..a0be93b3b8 100644 --- a/modules/exploits/windows/ftp/leapftp_pasv_reply.rb +++ b/modules/exploits/windows/ftp/leapftp_pasv_reply.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0558' ], + [ 'OSVDB', '4587' ], [ 'BID', '7860' ], [ 'EDB', '54' ] ], diff --git a/modules/exploits/windows/ftp/ms09_053_ftpd_nlst.rb b/modules/exploits/windows/ftp/ms09_053_ftpd_nlst.rb index 3424444924..a9cf6d302a 100644 --- a/modules/exploits/windows/ftp/ms09_053_ftpd_nlst.rb +++ b/modules/exploits/windows/ftp/ms09_053_ftpd_nlst.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote [ ['EDB', '9541'], ['CVE', '2009-3023'], + ['OSVDB', '57589'], ['BID', '36189'], ['MSB', 'MS09-053'], ], diff --git a/modules/exploits/windows/ftp/netterm_netftpd_user.rb b/modules/exploits/windows/ftp/netterm_netftpd_user.rb index 4f083f73fc..df8a083f4a 100644 --- a/modules/exploits/windows/ftp/netterm_netftpd_user.rb +++ b/modules/exploits/windows/ftp/netterm_netftpd_user.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-1323'], + [ 'OSVDB', '15865'], [ 'URL', 'http://seclists.org/lists/fulldisclosure/2005/Apr/0578.html'], [ 'BID', '13396'], ], diff --git a/modules/exploits/windows/ftp/odin_list_reply.rb b/modules/exploits/windows/ftp/odin_list_reply.rb index 1c47c82f06..afe59385b0 100644 --- a/modules/exploits/windows/ftp/odin_list_reply.rb +++ b/modules/exploits/windows/ftp/odin_list_reply.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68824' ], [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/open_ftpd_wbem.rb b/modules/exploits/windows/ftp/open_ftpd_wbem.rb index 096e2d5fcc..92f731b177 100644 --- a/modules/exploits/windows/ftp/open_ftpd_wbem.rb +++ b/modules/exploits/windows/ftp/open_ftpd_wbem.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '65687'], ['EDB', '13932'], ['CVE', '2010-2620'] ], diff --git a/modules/exploits/windows/ftp/oracle9i_xdb_ftp_pass.rb b/modules/exploits/windows/ftp/oracle9i_xdb_ftp_pass.rb index 43f15736cc..592bad109b 100644 --- a/modules/exploits/windows/ftp/oracle9i_xdb_ftp_pass.rb +++ b/modules/exploits/windows/ftp/oracle9i_xdb_ftp_pass.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0727'], + [ 'OSVDB', '2449'], [ 'BID', '8375'], [ 'URL', 'http://www.blackhat.com/presentations/bh-usa-03/bh-us-03-litchfield-paper.pdf'], ], diff --git a/modules/exploits/windows/ftp/oracle9i_xdb_ftp_unlock.rb b/modules/exploits/windows/ftp/oracle9i_xdb_ftp_unlock.rb index af6c6b3440..aa1c8cb6d8 100644 --- a/modules/exploits/windows/ftp/oracle9i_xdb_ftp_unlock.rb +++ b/modules/exploits/windows/ftp/oracle9i_xdb_ftp_unlock.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0727'], + [ 'OSVDB', '2449'], [ 'BID', '8375'], [ 'URL', 'http://www.blackhat.com/presentations/bh-usa-03/bh-us-03-litchfield-paper.pdf'], ], diff --git a/modules/exploits/windows/ftp/pcman_put.rb b/modules/exploits/windows/ftp/pcman_put.rb index 5045005c41..0379c0c577 100644 --- a/modules/exploits/windows/ftp/pcman_put.rb +++ b/modules/exploits/windows/ftp/pcman_put.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'EDB', '37731'], + [ 'OSVDB', '94624'] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/ftp/pcman_stor.rb b/modules/exploits/windows/ftp/pcman_stor.rb index 88e80bd852..9ec9e76e93 100644 --- a/modules/exploits/windows/ftp/pcman_stor.rb +++ b/modules/exploits/windows/ftp/pcman_stor.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '94624'], [ 'EDB', '27703'] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/proftp_banner.rb b/modules/exploits/windows/ftp/proftp_banner.rb index b8da3432d2..c5565db2f1 100644 --- a/modules/exploits/windows/ftp/proftp_banner.rb +++ b/modules/exploits/windows/ftp/proftp_banner.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3976' ], + [ 'OSVDB', '57394' ], [ 'URL', 'http://www.labtam-inc.com/index.php?act=products&pid=1' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/quickshare_traversal_write.rb b/modules/exploits/windows/ftp/quickshare_traversal_write.rb index 3818f8f67c..343134c41c 100644 --- a/modules/exploits/windows/ftp/quickshare_traversal_write.rb +++ b/modules/exploits/windows/ftp/quickshare_traversal_write.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '70776'], ['EDB', '16105'], ['URL', 'http://www.quicksharehq.com/blog/quickshare-file-server-1-2-2-released.html'], ['URL', 'http://www.digital-echidna.org/2011/02/quickshare-file-share-1-2-1-directory-traversal-vulnerability/'] diff --git a/modules/exploits/windows/ftp/ricoh_dl_bof.rb b/modules/exploits/windows/ftp/ricoh_dl_bof.rb index 8d8a172960..0d36500d61 100644 --- a/modules/exploits/windows/ftp/ricoh_dl_bof.rb +++ b/modules/exploits/windows/ftp/ricoh_dl_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-5002'], + ['OSVDB', '79691'], ['URL', 'http://secunia.com/advisories/47912'], ['URL', 'http://www.inshell.net/2012/03/ricoh-dc-software-dl-10-ftp-server-sr10-exe-remote-buffer-overflow-vulnerability/'] ], diff --git a/modules/exploits/windows/ftp/sami_ftpd_list.rb b/modules/exploits/windows/ftp/sami_ftpd_list.rb index 54babf3544..ffc7d788f1 100644 --- a/modules/exploits/windows/ftp/sami_ftpd_list.rb +++ b/modules/exploits/windows/ftp/sami_ftpd_list.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '90815'], [ 'BID', '58247'], [ 'EDB', '24557'] ], diff --git a/modules/exploits/windows/ftp/sami_ftpd_user.rb b/modules/exploits/windows/ftp/sami_ftpd_user.rb index f806908634..6f204555fd 100644 --- a/modules/exploits/windows/ftp/sami_ftpd_user.rb +++ b/modules/exploits/windows/ftp/sami_ftpd_user.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote # This exploit appears to have been reported multiple times. [ 'CVE', '2006-0441'], [ 'CVE', '2006-2212'], + [ 'OSVDB', '25670'], [ 'BID', '16370'], [ 'BID', '22045'], [ 'BID', '17835'], diff --git a/modules/exploits/windows/ftp/sasser_ftpd_port.rb b/modules/exploits/windows/ftp/sasser_ftpd_port.rb index c287d5cd81..42d0bf5062 100644 --- a/modules/exploits/windows/ftp/sasser_ftpd_port.rb +++ b/modules/exploits/windows/ftp/sasser_ftpd_port.rb @@ -20,6 +20,10 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => [ '', '', 'patrick' ], 'Arch' => [ ARCH_X86 ], 'License' => MSF_LICENSE, + 'References' => + [ + [ 'OSVDB', '6197'], + ], 'DefaultOptions' => { 'EXITFUNC' => 'thread', diff --git a/modules/exploits/windows/ftp/scriptftp_list.rb b/modules/exploits/windows/ftp/scriptftp_list.rb index 5e0cc90d17..13c7fdf422 100644 --- a/modules/exploits/windows/ftp/scriptftp_list.rb +++ b/modules/exploits/windows/ftp/scriptftp_list.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3976' ], + [ 'OSVDB', '75633' ], [ 'EDB', '17876' ], [ 'US-CERT-VU', '440219' ] ], diff --git a/modules/exploits/windows/ftp/seagull_list_reply.rb b/modules/exploits/windows/ftp/seagull_list_reply.rb index 327cc9223f..a3bfa6be94 100644 --- a/modules/exploits/windows/ftp/seagull_list_reply.rb +++ b/modules/exploits/windows/ftp/seagull_list_reply.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '94556' ], [ 'URL', 'http://www.corelan.be:8800/index.php/2010/10/12/death-of-an-ftp-client/' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/servu_chmod.rb b/modules/exploits/windows/ftp/servu_chmod.rb index a0c56927b2..6d5bcdc0ca 100644 --- a/modules/exploits/windows/ftp/servu_chmod.rb +++ b/modules/exploits/windows/ftp/servu_chmod.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-2111'], + [ 'OSVDB', '3713'], [ 'BID', '9483'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/ftp/servu_mdtm.rb b/modules/exploits/windows/ftp/servu_mdtm.rb index 2820320c05..eb547b3b9a 100644 --- a/modules/exploits/windows/ftp/servu_mdtm.rb +++ b/modules/exploits/windows/ftp/servu_mdtm.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0330'], + [ 'OSVDB', '4073'], [ 'URL', 'http://archives.neohapsis.com/archives/bugtraq/2004-02/0654.html'], [ 'BID', '9751'], ], diff --git a/modules/exploits/windows/ftp/slimftpd_list_concat.rb b/modules/exploits/windows/ftp/slimftpd_list_concat.rb index 8d1c920663..5be79c2078 100644 --- a/modules/exploits/windows/ftp/slimftpd_list_concat.rb +++ b/modules/exploits/windows/ftp/slimftpd_list_concat.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-2373'], + [ 'OSVDB', '18172'], [ 'BID', '14339'], ], 'Privileged' => false, diff --git a/modules/exploits/windows/ftp/trellian_client_pasv.rb b/modules/exploits/windows/ftp/trellian_client_pasv.rb index 80d78d5f0e..0ed324112a 100644 --- a/modules/exploits/windows/ftp/trellian_client_pasv.rb +++ b/modules/exploits/windows/ftp/trellian_client_pasv.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1465'], + [ 'OSVDB', '63812'], [ 'EDB', '12152' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/turboftp_port.rb b/modules/exploits/windows/ftp/turboftp_port.rb index b33f910ed7..57a026c205 100644 --- a/modules/exploits/windows/ftp/turboftp_port.rb +++ b/modules/exploits/windows/ftp/turboftp_port.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'EDB', '22161' ], + [ 'OSVDB', '85887' ] ], 'Payload' => { diff --git a/modules/exploits/windows/ftp/vermillion_ftpd_port.rb b/modules/exploits/windows/ftp/vermillion_ftpd_port.rb index 617c6f2d72..18fc0971bb 100644 --- a/modules/exploits/windows/ftp/vermillion_ftpd_port.rb +++ b/modules/exploits/windows/ftp/vermillion_ftpd_port.rb @@ -48,6 +48,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '62163' ], [ 'EDB', '11293' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/warftpd_165_pass.rb b/modules/exploits/windows/ftp/warftpd_165_pass.rb index ee8556ca8d..7c797946c4 100644 --- a/modules/exploits/windows/ftp/warftpd_165_pass.rb +++ b/modules/exploits/windows/ftp/warftpd_165_pass.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '1999-0256'], + [ 'OSVDB', '875' ], [ 'BID', '10078' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/warftpd_165_user.rb b/modules/exploits/windows/ftp/warftpd_165_user.rb index f919b60f17..4337793eac 100644 --- a/modules/exploits/windows/ftp/warftpd_165_user.rb +++ b/modules/exploits/windows/ftp/warftpd_165_user.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '1999-0256'], + [ 'OSVDB', '875' ], [ 'BID', '10078' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/wftpd_size.rb b/modules/exploits/windows/ftp/wftpd_size.rb index 7a2483de54..109c13a220 100644 --- a/modules/exploits/windows/ftp/wftpd_size.rb +++ b/modules/exploits/windows/ftp/wftpd_size.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-4318' ], + [ 'OSVDB', '28134' ], [ 'BID', '19617' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/ftp/wsftp_server_503_mkd.rb b/modules/exploits/windows/ftp/wsftp_server_503_mkd.rb index 7a2b62a22b..4ecd12e46f 100644 --- a/modules/exploits/windows/ftp/wsftp_server_503_mkd.rb +++ b/modules/exploits/windows/ftp/wsftp_server_503_mkd.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1135' ], + [ 'OSVDB', '12509' ], [ 'BID', '11772'], ], 'Privileged' => false, diff --git a/modules/exploits/windows/ftp/wsftp_server_505_xmd5.rb b/modules/exploits/windows/ftp/wsftp_server_505_xmd5.rb index 42cf985fed..e73dc1f1e4 100644 --- a/modules/exploits/windows/ftp/wsftp_server_505_xmd5.rb +++ b/modules/exploits/windows/ftp/wsftp_server_505_xmd5.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-4847' ], + [ 'OSVDB', '28939' ], [ 'BID', '20076' ], ], 'Privileged' => false, diff --git a/modules/exploits/windows/ftp/xftp_client_pwd.rb b/modules/exploits/windows/ftp/xftp_client_pwd.rb index 03cd3be7dd..56db38b8d8 100644 --- a/modules/exploits/windows/ftp/xftp_client_pwd.rb +++ b/modules/exploits/windows/ftp/xftp_client_pwd.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '63968'], [ 'EDB', '12332' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/xlink_client.rb b/modules/exploits/windows/ftp/xlink_client.rb index 776af4caad..fac246c6f9 100644 --- a/modules/exploits/windows/ftp/xlink_client.rb +++ b/modules/exploits/windows/ftp/xlink_client.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-5792' ], + [ 'OSVDB', '33969' ], [ 'URL', 'http://www.xlink.com' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ftp/xlink_server.rb b/modules/exploits/windows/ftp/xlink_server.rb index 326a08435a..89ce3fd299 100644 --- a/modules/exploits/windows/ftp/xlink_server.rb +++ b/modules/exploits/windows/ftp/xlink_server.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-5792' ], + [ 'OSVDB', '58646' ], [ 'URL', 'http://www.xlink.com' ] ], 'Privileged' => true, diff --git a/modules/exploits/windows/games/mohaa_getinfo.rb b/modules/exploits/windows/games/mohaa_getinfo.rb index 3c00b265f3..6589171d8d 100644 --- a/modules/exploits/windows/games/mohaa_getinfo.rb +++ b/modules/exploits/windows/games/mohaa_getinfo.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0735'], + [ 'OSVDB', '8061' ], [ 'EDB', '357'], [ 'BID', '10743'], ], diff --git a/modules/exploits/windows/games/racer_503beta5.rb b/modules/exploits/windows/games/racer_503beta5.rb index 12aa4970ff..5a4354bc73 100644 --- a/modules/exploits/windows/games/racer_503beta5.rb +++ b/modules/exploits/windows/games/racer_503beta5.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-4370' ], + [ 'OSVDB', '39601' ], [ 'EDB', '4283' ], [ 'BID', '25297' ], ], diff --git a/modules/exploits/windows/games/ut2004_secure.rb b/modules/exploits/windows/games/ut2004_secure.rb index d2b041eb3a..e0349a6926 100644 --- a/modules/exploits/windows/games/ut2004_secure.rb +++ b/modules/exploits/windows/games/ut2004_secure.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0608'], + [ 'OSVDB', '7217'], [ 'BID', '10570'], ], diff --git a/modules/exploits/windows/http/adobe_robohelper_authbypass.rb b/modules/exploits/windows/http/adobe_robohelper_authbypass.rb index 5f674117b1..a4f19815f1 100644 --- a/modules/exploits/windows/http/adobe_robohelper_authbypass.rb +++ b/modules/exploits/windows/http/adobe_robohelper_authbypass.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3068' ], + [ 'OSVDB', '57896'], [ 'URL', 'http://www.intevydis.com/blog/?p=69' ], [ 'ZDI', '09-066' ], ], diff --git a/modules/exploits/windows/http/altn_securitygateway.rb b/modules/exploits/windows/http/altn_securitygateway.rb index ee92c38623..330a09117d 100644 --- a/modules/exploits/windows/http/altn_securitygateway.rb +++ b/modules/exploits/windows/http/altn_securitygateway.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4193' ], + [ 'OSVDB', '45854' ], [ 'BID', '29457'] ], 'Privileged' => true, diff --git a/modules/exploits/windows/http/altn_webadmin.rb b/modules/exploits/windows/http/altn_webadmin.rb index 35763e8c02..62df0874e3 100644 --- a/modules/exploits/windows/http/altn_webadmin.rb +++ b/modules/exploits/windows/http/altn_webadmin.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0471' ], + [ 'OSVDB', '2207' ], [ 'BID', '8024'], [ 'URL', 'http://www.nessus.org/plugins/index.php?view=single&id=11771'] ], diff --git a/modules/exploits/windows/http/amlibweb_webquerydll_app.rb b/modules/exploits/windows/http/amlibweb_webquerydll_app.rb index e55d555e84..dc3171e2d5 100644 --- a/modules/exploits/windows/http/amlibweb_webquerydll_app.rb +++ b/modules/exploits/windows/http/amlibweb_webquerydll_app.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '66814' ], [ 'BID', '42293' ], [ 'URL', 'http://www.aushack.com/advisories/' ], ], diff --git a/modules/exploits/windows/http/apache_chunked.rb b/modules/exploits/windows/http/apache_chunked.rb index 1bb300375d..99a7f4e393 100644 --- a/modules/exploits/windows/http/apache_chunked.rb +++ b/modules/exploits/windows/http/apache_chunked.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-0392' ], + [ 'OSVDB', '838'], [ 'BID', '5033' ] ], 'Privileged' => true, diff --git a/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb b/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb index 76b61ae61f..d2f50d14d3 100644 --- a/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb +++ b/modules/exploits/windows/http/apache_mod_rewrite_ldap.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-3747' ], + [ 'OSVDB', '27588' ], [ 'BID', '19204' ], [ 'URL', 'http://archives.neohapsis.com/archives/bugtraq/2006-07/0514.html' ], [ 'EDB', '3680' ], diff --git a/modules/exploits/windows/http/apache_modjk_overflow.rb b/modules/exploits/windows/http/apache_modjk_overflow.rb index f111bc03f6..add74bc934 100644 --- a/modules/exploits/windows/http/apache_modjk_overflow.rb +++ b/modules/exploits/windows/http/apache_modjk_overflow.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-0774' ], + [ 'OSVDB', '33855' ], [ 'BID', '22791' ], [ 'ZDI', '07-008' ] ], diff --git a/modules/exploits/windows/http/avaya_ccr_imageupload_exec.rb b/modules/exploits/windows/http/avaya_ccr_imageupload_exec.rb index 188ad00005..690467f2e8 100644 --- a/modules/exploits/windows/http/avaya_ccr_imageupload_exec.rb +++ b/modules/exploits/windows/http/avaya_ccr_imageupload_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-3811' ], + [ 'OSVDB', '83399' ], [ 'BID', '54225' ], [ 'URL', 'https://downloads.avaya.com/css/P8/documents/100164021' ], [ 'ZDI', '12-106' ] diff --git a/modules/exploits/windows/http/badblue_ext_overflow.rb b/modules/exploits/windows/http/badblue_ext_overflow.rb index 0941ac279a..8ea6438d3a 100644 --- a/modules/exploits/windows/http/badblue_ext_overflow.rb +++ b/modules/exploits/windows/http/badblue_ext_overflow.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0595' ], + [ 'OSVDB', '14238' ], [ 'BID', '7387' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/badblue_passthru.rb b/modules/exploits/windows/http/badblue_passthru.rb index 9e57731369..841642ef04 100644 --- a/modules/exploits/windows/http/badblue_passthru.rb +++ b/modules/exploits/windows/http/badblue_passthru.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-6377'], + ['OSVDB', '42416'], ['BID', '26803'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/bea_weblogic_jsessionid.rb b/modules/exploits/windows/http/bea_weblogic_jsessionid.rb index 85a302671b..f17d84ac56 100644 --- a/modules/exploits/windows/http/bea_weblogic_jsessionid.rb +++ b/modules/exploits/windows/http/bea_weblogic_jsessionid.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-5457' ], + [ 'OSVDB', '51311' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/http/bea_weblogic_post_bof.rb b/modules/exploits/windows/http/bea_weblogic_post_bof.rb index ad36cdec88..e9fbfad2f7 100644 --- a/modules/exploits/windows/http/bea_weblogic_post_bof.rb +++ b/modules/exploits/windows/http/bea_weblogic_post_bof.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-3257' ], + [ 'OSVDB', '47096' ], [ 'BID', '30273' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/bea_weblogic_transfer_encoding.rb b/modules/exploits/windows/http/bea_weblogic_transfer_encoding.rb index 8d76a1978b..58e78c7b8d 100644 --- a/modules/exploits/windows/http/bea_weblogic_transfer_encoding.rb +++ b/modules/exploits/windows/http/bea_weblogic_transfer_encoding.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4008' ], + [ 'OSVDB', '49283' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/http/belkin_bulldog.rb b/modules/exploits/windows/http/belkin_bulldog.rb index c0d00a059f..0f139255d0 100644 --- a/modules/exploits/windows/http/belkin_bulldog.rb +++ b/modules/exploits/windows/http/belkin_bulldog.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '54395' ], [ 'BID', '34033' ], [ 'EDB', '8173' ] ], diff --git a/modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb b/modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb index 8968ed9460..05e2613719 100644 --- a/modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb +++ b/modules/exploits/windows/http/ca_arcserve_rpc_authbypass.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3011' ], + [ 'OSVDB', '74162' ], [ 'EDB', '17574' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/ca_igateway_debug.rb b/modules/exploits/windows/http/ca_igateway_debug.rb index f7672124d6..4069ec878d 100644 --- a/modules/exploits/windows/http/ca_igateway_debug.rb +++ b/modules/exploits/windows/http/ca_igateway_debug.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-3190' ], + [ 'OSVDB', '19920' ], [ 'URL', 'http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=33485' ], [ 'EDB', '1243' ], [ 'BID', '15025' ], diff --git a/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb b/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb index e1588fffd6..1b994c17e7 100644 --- a/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb +++ b/modules/exploits/windows/http/ca_totaldefense_regeneratereports.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'ZDI', '11-134' ], + [ 'OSVDB', '74968'], [ 'CVE', '2011-1653' ], ], 'Targets' => diff --git a/modules/exploits/windows/http/cogent_datahub_request_headers_bof.rb b/modules/exploits/windows/http/cogent_datahub_request_headers_bof.rb index 3701e8bd6a..11dc34709f 100644 --- a/modules/exploits/windows/http/cogent_datahub_request_headers_bof.rb +++ b/modules/exploits/windows/http/cogent_datahub_request_headers_bof.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '95819'], [ 'BID', '53455'], [ 'ZDI', '13-178' ], [ 'URL', 'http://www.cogentdatahub.com/Info/130712_ZDI-CAN-1915_Response.html'] diff --git a/modules/exploits/windows/http/coldfusion_fckeditor.rb b/modules/exploits/windows/http/coldfusion_fckeditor.rb index c7738476a4..4936809590 100644 --- a/modules/exploits/windows/http/coldfusion_fckeditor.rb +++ b/modules/exploits/windows/http/coldfusion_fckeditor.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-2265' ], + [ 'OSVDB', '55684'], ], 'Targets' => [ diff --git a/modules/exploits/windows/http/cyclope_ess_sqli.rb b/modules/exploits/windows/http/cyclope_ess_sqli.rb index 76ece90140..3ce543f576 100644 --- a/modules/exploits/windows/http/cyclope_ess_sqli.rb +++ b/modules/exploits/windows/http/cyclope_ess_sqli.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '84517'], ['EDB', '20393'] ], 'Payload' => diff --git a/modules/exploits/windows/http/desktopcentral_file_upload.rb b/modules/exploits/windows/http/desktopcentral_file_upload.rb index 4739f6dd6f..ea7669bbee 100644 --- a/modules/exploits/windows/http/desktopcentral_file_upload.rb +++ b/modules/exploits/windows/http/desktopcentral_file_upload.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-7390'], + ['OSVDB', '100008'], ['URL', 'http://security-assessment.com/files/documents/advisory/Desktop%20Central%20Arbitrary%20File%20Upload.pdf'], ['URL', 'http://seclists.org/fulldisclosure/2013/Nov/130'], ], diff --git a/modules/exploits/windows/http/desktopcentral_statusupdate_upload.rb b/modules/exploits/windows/http/desktopcentral_statusupdate_upload.rb index 3cfe8ecf94..ab88da7094 100644 --- a/modules/exploits/windows/http/desktopcentral_statusupdate_upload.rb +++ b/modules/exploits/windows/http/desktopcentral_statusupdate_upload.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-5005'], + ['OSVDB', '110643'], ['URL', 'http://seclists.org/fulldisclosure/2014/Aug/88'] ], 'Platform' => 'win', diff --git a/modules/exploits/windows/http/easyftp_list.rb b/modules/exploits/windows/http/easyftp_list.rb index 1fb042cf6d..0def8e6474 100644 --- a/modules/exploits/windows/http/easyftp_list.rb +++ b/modules/exploits/windows/http/easyftp_list.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '66614'], [ 'EDB', '11500' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/edirectory_host.rb b/modules/exploits/windows/http/edirectory_host.rb index 15802976a0..9dd6288406 100644 --- a/modules/exploits/windows/http/edirectory_host.rb +++ b/modules/exploits/windows/http/edirectory_host.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-5478'], + ['OSVDB', '29993'], ['BID', '20655'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/edirectory_imonitor.rb b/modules/exploits/windows/http/edirectory_imonitor.rb index 4fbaee07c7..b6b34663cd 100644 --- a/modules/exploits/windows/http/edirectory_imonitor.rb +++ b/modules/exploits/windows/http/edirectory_imonitor.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-2551'], + [ 'OSVDB', '18703'], [ 'BID', '14548'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/http/efs_easychatserver_username.rb b/modules/exploits/windows/http/efs_easychatserver_username.rb index 25bb042727..6d763d06ed 100644 --- a/modules/exploits/windows/http/efs_easychatserver_username.rb +++ b/modules/exploits/windows/http/efs_easychatserver_username.rb @@ -30,6 +30,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-2466' ], + [ 'OSVDB', '7416' ], + [ 'OSVDB', '106841' ], [ 'BID', '25328' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/efs_fmws_userid_bof.rb b/modules/exploits/windows/http/efs_fmws_userid_bof.rb index 631745a63d..1ddad4cad6 100644 --- a/modules/exploits/windows/http/efs_fmws_userid_bof.rb +++ b/modules/exploits/windows/http/efs_fmws_userid_bof.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '107241'], ['EDB', '33610'], ['BID', '67542'], ['URL', 'http://www.cnnvd.org.cn/vulnerability/show/cv_id/2014050536'], diff --git a/modules/exploits/windows/http/ektron_xslt_exec.rb b/modules/exploits/windows/http/ektron_xslt_exec.rb index 2601cc7013..807f2ad8f2 100644 --- a/modules/exploits/windows/http/ektron_xslt_exec.rb +++ b/modules/exploits/windows/http/ektron_xslt_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-5357'], + [ 'OSVDB', '88107' ], [ 'URL', 'http://webstersprodigy.net/2012/10/25/cve-2012-5357cve-1012-5358-cool-ektron-xslt-rce-bugs/' ], [ 'URL', 'http://technet.microsoft.com/en-us/security/msvr/msvr12-016' ] ], diff --git a/modules/exploits/windows/http/ezserver_http.rb b/modules/exploits/windows/http/ezserver_http.rb index a1d7cf4e37..4b704d325e 100644 --- a/modules/exploits/windows/http/ezserver_http.rb +++ b/modules/exploits/windows/http/ezserver_http.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '83065' ], [ 'BID', '54056' ], [ 'EDB', '19266' ], [ 'URL', 'http://www.spentera.com/2012/06/ezhometech-ezserver-6-4-017-stack-overflow-vulnerability/' ] diff --git a/modules/exploits/windows/http/fdm_auth_header.rb b/modules/exploits/windows/http/fdm_auth_header.rb index 26a1bb4079..ba762f52b5 100644 --- a/modules/exploits/windows/http/fdm_auth_header.rb +++ b/modules/exploits/windows/http/fdm_auth_header.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0183' ], + [ 'OSVDB', '51745' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/http/hp_imc_bims_upload.rb b/modules/exploits/windows/http/hp_imc_bims_upload.rb index 3cb47d851b..4396f25703 100644 --- a/modules/exploits/windows/http/hp_imc_bims_upload.rb +++ b/modules/exploits/windows/http/hp_imc_bims_upload.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-4822' ], + [ 'OSVDB', '98247' ], [ 'BID', '62895' ], [ 'ZDI', '13-238' ], [ 'URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03943425' ] diff --git a/modules/exploits/windows/http/hp_imc_mibfileupload.rb b/modules/exploits/windows/http/hp_imc_mibfileupload.rb index 6b26b76926..169532851f 100644 --- a/modules/exploits/windows/http/hp_imc_mibfileupload.rb +++ b/modules/exploits/windows/http/hp_imc_mibfileupload.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-5201' ], + [ 'OSVDB', '91026' ], [ 'BID', '58385' ], [ 'ZDI', '13-050' ], [ 'URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03689276' ] diff --git a/modules/exploits/windows/http/hp_loadrunner_copyfiletoserver.rb b/modules/exploits/windows/http/hp_loadrunner_copyfiletoserver.rb index 7b18c79d06..50e1585296 100644 --- a/modules/exploits/windows/http/hp_loadrunner_copyfiletoserver.rb +++ b/modules/exploits/windows/http/hp_loadrunner_copyfiletoserver.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-4837' ], + [ 'OSVDB', '99231' ], [ 'BID', '63475' ], [ 'ZDI', '13-259' ], [ 'URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03969437' ] diff --git a/modules/exploits/windows/http/hp_mpa_job_acct.rb b/modules/exploits/windows/http/hp_mpa_job_acct.rb index 7575ed3f5f..1049d6673b 100644 --- a/modules/exploits/windows/http/hp_mpa_job_acct.rb +++ b/modules/exploits/windows/http/hp_mpa_job_acct.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-4166'], + ['OSVDB', '78015'], ['BID', '51174'], ['ZDI', '11-352'], ['URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03128469'] diff --git a/modules/exploits/windows/http/hp_nnm_getnnmdata_hostname.rb b/modules/exploits/windows/http/hp_nnm_getnnmdata_hostname.rb index effba0e2a6..2294c8b669 100644 --- a/modules/exploits/windows/http/hp_nnm_getnnmdata_hostname.rb +++ b/modules/exploits/windows/http/hp_nnm_getnnmdata_hostname.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1555' ], + [ 'OSVDB', '64976' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/http/hp_nnm_getnnmdata_icount.rb b/modules/exploits/windows/http/hp_nnm_getnnmdata_icount.rb index 9360ca382f..11a8dad538 100644 --- a/modules/exploits/windows/http/hp_nnm_getnnmdata_icount.rb +++ b/modules/exploits/windows/http/hp_nnm_getnnmdata_icount.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1554' ], + [ 'OSVDB', '64976' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/http/hp_nnm_getnnmdata_maxage.rb b/modules/exploits/windows/http/hp_nnm_getnnmdata_maxage.rb index b2c1f36eb7..da06017e88 100644 --- a/modules/exploits/windows/http/hp_nnm_getnnmdata_maxage.rb +++ b/modules/exploits/windows/http/hp_nnm_getnnmdata_maxage.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1553' ], + [ 'OSVDB', '64976' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/http/hp_nnm_nnmrptconfig_nameparams.rb b/modules/exploits/windows/http/hp_nnm_nnmrptconfig_nameparams.rb index 79a56fdc5c..e219d739fc 100644 --- a/modules/exploits/windows/http/hp_nnm_nnmrptconfig_nameparams.rb +++ b/modules/exploits/windows/http/hp_nnm_nnmrptconfig_nameparams.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-0266'], + ['OSVDB', '70473'], ['ZDI', '11-008'] ], 'Payload' => diff --git a/modules/exploits/windows/http/hp_nnm_nnmrptconfig_schdparams.rb b/modules/exploits/windows/http/hp_nnm_nnmrptconfig_schdparams.rb index 4009cdddf0..241ec0cf1a 100644 --- a/modules/exploits/windows/http/hp_nnm_nnmrptconfig_schdparams.rb +++ b/modules/exploits/windows/http/hp_nnm_nnmrptconfig_schdparams.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-0267'], + ['OSVDB', '70473'], ['ZDI', '11-009'], ], 'Payload' => diff --git a/modules/exploits/windows/http/hp_nnm_openview5.rb b/modules/exploits/windows/http/hp_nnm_openview5.rb index c081368246..edff3b0c55 100644 --- a/modules/exploits/windows/http/hp_nnm_openview5.rb +++ b/modules/exploits/windows/http/hp_nnm_openview5.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-6204' ], + [ 'OSVDB', '39530' ], [ 'BID', '26741' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/hp_nnm_ovalarm_lang.rb b/modules/exploits/windows/http/hp_nnm_ovalarm_lang.rb index 9d851d729f..e709be8cf0 100644 --- a/modules/exploits/windows/http/hp_nnm_ovalarm_lang.rb +++ b/modules/exploits/windows/http/hp_nnm_ovalarm_lang.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4179' ], + [ 'OSVDB', '60930' ], [ 'BID', '37347' ], [ 'URL', 'http://dvlabs.tippingpoint.com/advisory/TPTI-09-12' ], [ 'URL', 'http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877' ] diff --git a/modules/exploits/windows/http/hp_nnm_ovas.rb b/modules/exploits/windows/http/hp_nnm_ovas.rb index b66d785b36..8982d9bbbe 100644 --- a/modules/exploits/windows/http/hp_nnm_ovas.rb +++ b/modules/exploits/windows/http/hp_nnm_ovas.rb @@ -42,6 +42,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-1697' ], + [ 'OSVDB', '43992' ], [ 'BID', '28569' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/hp_nnm_ovbuildpath_textfile.rb b/modules/exploits/windows/http/hp_nnm_ovbuildpath_textfile.rb index 08f1a586da..7981a0efbc 100644 --- a/modules/exploits/windows/http/hp_nnm_ovbuildpath_textfile.rb +++ b/modules/exploits/windows/http/hp_nnm_ovbuildpath_textfile.rb @@ -31,7 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote which contains the OpenView installation path. To achieve reliable exploitation a directory traversal in OpenView5.exe - is being used to retrieve OpenView logs and disclose the installation + (OSVDB 44359) is being used to retrieve OpenView logs and disclose the installation path. If the installation path cannot be guessed the default installation path is used. } , @@ -45,6 +45,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3167' ], + [ 'OSVDB', '76775' ], [ 'BID', '50471' ], [ 'ZDI', '12-002' ], [ 'URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03054052' ] @@ -119,8 +120,9 @@ class MetasploitModule < Msf::Exploit::Remote end - # Tries to guess the HP OpenView install dir via the Directory traversal - # If unable to retrieve the installation path the default one + # Tries to guess the HP OpenView install dir via the Directory traversal identified + # by OSVDB 44359. + # If OSVDB 44359 doesn't allow to retrieve the installation path the default one # (C:\Program Files\HP OpenView\) is used. # Directory Traversal used: # http://host/OvCgi/OpenView5.exe?Context=Snmp&Action=../../../log/setup.log diff --git a/modules/exploits/windows/http/hp_nnm_ovwebhelp.rb b/modules/exploits/windows/http/hp_nnm_ovwebhelp.rb index 53036f6c05..cdb57c968e 100644 --- a/modules/exploits/windows/http/hp_nnm_ovwebhelp.rb +++ b/modules/exploits/windows/http/hp_nnm_ovwebhelp.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4178' ], + [ 'OSVDB', '60929' ], [ 'BID', '37340' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_main.rb b/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_main.rb index 5c8866ed21..8e7e3c1d2b 100644 --- a/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_main.rb +++ b/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_main.rb @@ -42,6 +42,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1964' ], + [ 'OSVDB', '65552' ], [ 'BID', '40873' ], [ 'ZDI', '10-108' ] ], diff --git a/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_ovutil.rb b/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_ovutil.rb index 35a7382aec..6ac18869d3 100644 --- a/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_ovutil.rb +++ b/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_ovutil.rb @@ -45,6 +45,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1961' ], + [ 'OSVDB', '65428' ], [ 'BID', '40638' ], [ 'ZDI', '10-106' ], [ 'URL', 'http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02217439' ] diff --git a/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_uro.rb b/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_uro.rb index 345e805a79..bfe0674871 100644 --- a/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_uro.rb +++ b/modules/exploits/windows/http/hp_nnm_ovwebsnmpsrv_uro.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1960' ], + [ 'OSVDB', '65427' ], [ 'BID', '40637' ], [ 'ZDI', '10-105' ], ], diff --git a/modules/exploits/windows/http/hp_nnm_snmp.rb b/modules/exploits/windows/http/hp_nnm_snmp.rb index ad5d75b77a..8632155f8a 100644 --- a/modules/exploits/windows/http/hp_nnm_snmp.rb +++ b/modules/exploits/windows/http/hp_nnm_snmp.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3849' ], + [ 'OSVDB', '60933' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/http/hp_nnm_snmpviewer_actapp.rb b/modules/exploits/windows/http/hp_nnm_snmpviewer_actapp.rb index 1b40074ea1..e6c8376f02 100644 --- a/modules/exploits/windows/http/hp_nnm_snmpviewer_actapp.rb +++ b/modules/exploits/windows/http/hp_nnm_snmpviewer_actapp.rb @@ -39,6 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1552' ], + [ 'OSVDB', '64975' ], [ 'BID', '40068' ], [ 'ZDI', '10-083' ], [ 'URL', 'http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02153379' ] diff --git a/modules/exploits/windows/http/hp_nnm_toolbar_01.rb b/modules/exploits/windows/http/hp_nnm_toolbar_01.rb index 873386e535..ebb5c95576 100644 --- a/modules/exploits/windows/http/hp_nnm_toolbar_01.rb +++ b/modules/exploits/windows/http/hp_nnm_toolbar_01.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0067' ], + [ 'OSVDB', '53222' ], [ 'BID', '33147' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/hp_nnm_toolbar_02.rb b/modules/exploits/windows/http/hp_nnm_toolbar_02.rb index a51a045b43..d53f58ec5b 100644 --- a/modules/exploits/windows/http/hp_nnm_toolbar_02.rb +++ b/modules/exploits/windows/http/hp_nnm_toolbar_02.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0920' ], + [ 'OSVDB', '53242' ], [ 'BID', '34294' ], [ 'URL', 'http://www.coresecurity.com/content/openview-buffer-overflows'] ], diff --git a/modules/exploits/windows/http/hp_nnm_webappmon_execvp.rb b/modules/exploits/windows/http/hp_nnm_webappmon_execvp.rb index 23e1c7a109..37d8c6bd7d 100644 --- a/modules/exploits/windows/http/hp_nnm_webappmon_execvp.rb +++ b/modules/exploits/windows/http/hp_nnm_webappmon_execvp.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-2703' ], + [ 'OSVDB', '66514' ], [ 'BID', '41829' ], [ 'ZDI', '10-137' ], [ 'URL', 'http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02286088' ] diff --git a/modules/exploits/windows/http/hp_nnm_webappmon_ovjavalocale.rb b/modules/exploits/windows/http/hp_nnm_webappmon_ovjavalocale.rb index a0310e9069..47d8108ede 100644 --- a/modules/exploits/windows/http/hp_nnm_webappmon_ovjavalocale.rb +++ b/modules/exploits/windows/http/hp_nnm_webappmon_ovjavalocale.rb @@ -47,6 +47,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-2709' ], + [ 'OSVDB', '66932' ], [ 'BID', '42154' ], [ 'URL', 'http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02446520' ], [ 'URL', 'http://www.coresecurity.com/content/hp-nnm-ovjavalocale-buffer-overflow' ] diff --git a/modules/exploits/windows/http/hp_openview_insight_backdoor.rb b/modules/exploits/windows/http/hp_openview_insight_backdoor.rb index 852670868c..20514989eb 100644 --- a/modules/exploits/windows/http/hp_openview_insight_backdoor.rb +++ b/modules/exploits/windows/http/hp_openview_insight_backdoor.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-0276' ], + [ 'OSVDB', '70754' ], ], 'Targets' => [ diff --git a/modules/exploits/windows/http/hp_pcm_snac_update_certificates.rb b/modules/exploits/windows/http/hp_pcm_snac_update_certificates.rb index fa76827e77..e409da7372 100644 --- a/modules/exploits/windows/http/hp_pcm_snac_update_certificates.rb +++ b/modules/exploits/windows/http/hp_pcm_snac_update_certificates.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-4812' ], + [ 'OSVDB', '97155' ], [ 'BID', '62348' ], [ 'ZDI', '13-225' ] ], diff --git a/modules/exploits/windows/http/hp_pcm_snac_update_domain.rb b/modules/exploits/windows/http/hp_pcm_snac_update_domain.rb index 2db6226c3b..92ef605294 100644 --- a/modules/exploits/windows/http/hp_pcm_snac_update_domain.rb +++ b/modules/exploits/windows/http/hp_pcm_snac_update_domain.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-4811' ], + [ 'OSVDB', '97154' ], [ 'BID', '62349' ], [ 'ZDI', '13-226' ] ], diff --git a/modules/exploits/windows/http/hp_power_manager_filename.rb b/modules/exploits/windows/http/hp_power_manager_filename.rb index 6bdc0e7e11..0f943908b5 100644 --- a/modules/exploits/windows/http/hp_power_manager_filename.rb +++ b/modules/exploits/windows/http/hp_power_manager_filename.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3999' ], + [ 'OSVDB', '61848'], [ 'BID', '37867' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/hp_power_manager_login.rb b/modules/exploits/windows/http/hp_power_manager_login.rb index 9eb4d475b4..2d4f0e3dd0 100644 --- a/modules/exploits/windows/http/hp_power_manager_login.rb +++ b/modules/exploits/windows/http/hp_power_manager_login.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-2685' ], + [ 'OSVDB', '59684'], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/http/hp_sitescope_runomagentcommand.rb b/modules/exploits/windows/http/hp_sitescope_runomagentcommand.rb index e9f6672cc7..9b3c96e2e8 100644 --- a/modules/exploits/windows/http/hp_sitescope_runomagentcommand.rb +++ b/modules/exploits/windows/http/hp_sitescope_runomagentcommand.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-2367'], + [ 'OSVDB', '95824' ], [ 'BID', '61506' ], [ 'ZDI', '13-205' ] ], diff --git a/modules/exploits/windows/http/httpdx_handlepeer.rb b/modules/exploits/windows/http/httpdx_handlepeer.rb index ce6ce18e96..db7349f2b9 100644 --- a/modules/exploits/windows/http/httpdx_handlepeer.rb +++ b/modules/exploits/windows/http/httpdx_handlepeer.rb @@ -43,6 +43,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '58714' ], [ 'CVE', '2009-3711' ], [ 'URL', 'http://www.pank4j.com/exploits/httpdxb0f.php' ], [ 'URL', 'http://www.rec-sec.com/2009/10/16/httpdx-buffer-overflow-exploit/' ] diff --git a/modules/exploits/windows/http/httpdx_tolog_format.rb b/modules/exploits/windows/http/httpdx_tolog_format.rb index feea84bd47..3c6c307d55 100644 --- a/modules/exploits/windows/http/httpdx_tolog_format.rb +++ b/modules/exploits/windows/http/httpdx_tolog_format.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4769' ], + [ 'OSVDB', '60182' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/http/ia_webmail.rb b/modules/exploits/windows/http/ia_webmail.rb index 75ff1639f0..858761d5b2 100644 --- a/modules/exploits/windows/http/ia_webmail.rb +++ b/modules/exploits/windows/http/ia_webmail.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-1192'], + [ 'OSVDB', '2757'], [ 'BID', '8965'], [ 'URL', 'http://www.k-otik.net/exploits/11.19.iawebmail.pl.php'], ], diff --git a/modules/exploits/windows/http/ibm_tivoli_endpoint_bof.rb b/modules/exploits/windows/http/ibm_tivoli_endpoint_bof.rb index f3ce5ef5ba..20350f46d3 100644 --- a/modules/exploits/windows/http/ibm_tivoli_endpoint_bof.rb +++ b/modules/exploits/windows/http/ibm_tivoli_endpoint_bof.rb @@ -32,6 +32,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-1220'], + [ 'OSVDB', '72713'], # buffer overflow + [ 'OSVDB', '72751'], # hardcoded account [ 'BID', '48049'], [ 'ZDI', '11-169' ], ], diff --git a/modules/exploits/windows/http/ibm_tpmfosd_overflow.rb b/modules/exploits/windows/http/ibm_tpmfosd_overflow.rb index d02f421370..5fc1f2e280 100644 --- a/modules/exploits/windows/http/ibm_tpmfosd_overflow.rb +++ b/modules/exploits/windows/http/ibm_tpmfosd_overflow.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-1868'], + [ 'OSVDB', '34678'], [ 'BID', '23264'], [ 'URL', 'http://dvlabs.tippingpoint.com/advisory/TPTI-07-05' ], ], diff --git a/modules/exploits/windows/http/ibm_tsm_cad_header.rb b/modules/exploits/windows/http/ibm_tsm_cad_header.rb index 807a9f5089..02a2577049 100644 --- a/modules/exploits/windows/http/ibm_tsm_cad_header.rb +++ b/modules/exploits/windows/http/ibm_tsm_cad_header.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-4880' ], + [ 'OSVDB', '38161' ], [ 'BID', '25743' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/icecast_header.rb b/modules/exploits/windows/http/icecast_header.rb index 816123151a..f8d661fd61 100644 --- a/modules/exploits/windows/http/icecast_header.rb +++ b/modules/exploits/windows/http/icecast_header.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1561'], + [ 'OSVDB', '10406'], [ 'BID', '11271'], [ 'URL', 'http://archives.neohapsis.com/archives/bugtraq/2004-09/0366.html'], ], diff --git a/modules/exploits/windows/http/integard_password_bof.rb b/modules/exploits/windows/http/integard_password_bof.rb index 0334808e6f..7fa35f9262 100644 --- a/modules/exploits/windows/http/integard_password_bof.rb +++ b/modules/exploits/windows/http/integard_password_bof.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '67909'], ['URL','http://www.corelan.be:8800/advisories.php?id=CORELAN-10-061'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/intersystems_cache.rb b/modules/exploits/windows/http/intersystems_cache.rb index e7962930ef..5015245f56 100644 --- a/modules/exploits/windows/http/intersystems_cache.rb +++ b/modules/exploits/windows/http/intersystems_cache.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '60549' ], [ 'BID', '37177' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/intrasrv_bof.rb b/modules/exploits/windows/http/intrasrv_bof.rb index 4ebd6cac14..ef301edbab 100644 --- a/modules/exploits/windows/http/intrasrv_bof.rb +++ b/modules/exploits/windows/http/intrasrv_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '94097'], ['EDB','18397'], ['BID','60229'] ], diff --git a/modules/exploits/windows/http/ipswitch_wug_maincfgret.rb b/modules/exploits/windows/http/ipswitch_wug_maincfgret.rb index 224a5ce4b4..f77b24d91c 100644 --- a/modules/exploits/windows/http/ipswitch_wug_maincfgret.rb +++ b/modules/exploits/windows/http/ipswitch_wug_maincfgret.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2004-0798'], + ['OSVDB', '9177'], ['BID', '11043'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/jira_collector_traversal.rb b/modules/exploits/windows/http/jira_collector_traversal.rb index 3cd7ffaea8..3d9068f693 100644 --- a/modules/exploits/windows/http/jira_collector_traversal.rb +++ b/modules/exploits/windows/http/jira_collector_traversal.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2014-2314'], + [ 'OSVDB', '103807' ], [ 'BID', '65849' ], [ 'URL', 'https://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2014-02-26' ], [ 'URL', 'http://blog.h3xstream.com/2014/02/jira-path-traversal-explained.html' ] diff --git a/modules/exploits/windows/http/kaseya_uploadimage_file_upload.rb b/modules/exploits/windows/http/kaseya_uploadimage_file_upload.rb index 949d878cad..8037a95ec3 100644 --- a/modules/exploits/windows/http/kaseya_uploadimage_file_upload.rb +++ b/modules/exploits/windows/http/kaseya_uploadimage_file_upload.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '99984'], ['BID', '63782'], ['EDB', '29675'], ['URL', 'http://security-assessment.com/files/documents/advisory/Kaseya%20File%20Upload.pdf'] diff --git a/modules/exploits/windows/http/kolibri_http.rb b/modules/exploits/windows/http/kolibri_http.rb index 64e1d34fc5..e0b5dc2d8d 100644 --- a/modules/exploits/windows/http/kolibri_http.rb +++ b/modules/exploits/windows/http/kolibri_http.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-2268' ], + [ 'OSVDB', '70808' ], [ 'BID', '6289' ], [ 'EDB', '15834' ], ], diff --git a/modules/exploits/windows/http/landesk_thinkmanagement_upload_asp.rb b/modules/exploits/windows/http/landesk_thinkmanagement_upload_asp.rb index f5e9238687..9dac1e3d1a 100644 --- a/modules/exploits/windows/http/landesk_thinkmanagement_upload_asp.rb +++ b/modules/exploits/windows/http/landesk_thinkmanagement_upload_asp.rb @@ -36,6 +36,8 @@ class MetasploitModule < Msf::Exploit::Remote [ ['CVE', '2012-1195'], ['CVE', '2012-1196'], + ['OSVDB', '79276'], + ['OSVDB', '79277'], ['BID', '52023'], ['EDB', '18622'], ['EDB', '18623'] diff --git a/modules/exploits/windows/http/mailenable_auth_header.rb b/modules/exploits/windows/http/mailenable_auth_header.rb index e61be4316c..0d0fd3e481 100644 --- a/modules/exploits/windows/http/mailenable_auth_header.rb +++ b/modules/exploits/windows/http/mailenable_auth_header.rb @@ -26,6 +26,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-1348'], + ['OSVDB', '15913'], + ['OSVDB', '15737'], ['BID', '13350'], ['URL', 'http://www.nessus.org/plugins/index.php?view=single&id=18123'], ], diff --git a/modules/exploits/windows/http/maxdb_webdbm_database.rb b/modules/exploits/windows/http/maxdb_webdbm_database.rb index 385716474c..f9e6f01222 100644 --- a/modules/exploits/windows/http/maxdb_webdbm_database.rb +++ b/modules/exploits/windows/http/maxdb_webdbm_database.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-4305'], + ['OSVDB', '28300'], ['BID', '19660'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/maxdb_webdbm_get_overflow.rb b/modules/exploits/windows/http/maxdb_webdbm_get_overflow.rb index 31c6004d7c..5f6da07f06 100644 --- a/modules/exploits/windows/http/maxdb_webdbm_get_overflow.rb +++ b/modules/exploits/windows/http/maxdb_webdbm_get_overflow.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0684'], + [ 'OSVDB', '15816'], [ 'URL', 'http://www.idefense.com/application/poi/display?id=234&type=vulnerabilities'], [ 'BID', '13368'], ], diff --git a/modules/exploits/windows/http/mcafee_epolicy_source.rb b/modules/exploits/windows/http/mcafee_epolicy_source.rb index 22986d2762..42d991ab2d 100644 --- a/modules/exploits/windows/http/mcafee_epolicy_source.rb +++ b/modules/exploits/windows/http/mcafee_epolicy_source.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-5156' ], + [ 'OSVDB', '29421' ], [ 'EDB', '2467' ], [ 'BID', '20288' ], ], diff --git a/modules/exploits/windows/http/mdaemon_worldclient_form2raw.rb b/modules/exploits/windows/http/mdaemon_worldclient_form2raw.rb index f649f8397a..f6ae402ff7 100644 --- a/modules/exploits/windows/http/mdaemon_worldclient_form2raw.rb +++ b/modules/exploits/windows/http/mdaemon_worldclient_form2raw.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-1200' ], + [ 'OSVDB', '3255' ], [ 'BID', '9317' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/http/minishare_get_overflow.rb b/modules/exploits/windows/http/minishare_get_overflow.rb index b3a80eeeef..ffdcf97b1d 100644 --- a/modules/exploits/windows/http/minishare_get_overflow.rb +++ b/modules/exploits/windows/http/minishare_get_overflow.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-2271'], + [ 'OSVDB', '11530'], [ 'BID', '11620'], [ 'URL', 'http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0208.html'], ], diff --git a/modules/exploits/windows/http/miniweb_upload_wbem.rb b/modules/exploits/windows/http/miniweb_upload_wbem.rb index d9b225671d..eb5fc32a50 100644 --- a/modules/exploits/windows/http/miniweb_upload_wbem.rb +++ b/modules/exploits/windows/http/miniweb_upload_wbem.rb @@ -36,6 +36,8 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '92198'], + ['OSVDB', '92200'], ['PACKETSTORM', '121168'] ], 'Payload' => diff --git a/modules/exploits/windows/http/navicopa_get_overflow.rb b/modules/exploits/windows/http/navicopa_get_overflow.rb index 25097a8853..4298f850fb 100644 --- a/modules/exploits/windows/http/navicopa_get_overflow.rb +++ b/modules/exploits/windows/http/navicopa_get_overflow.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-5112' ], + [ 'OSVDB', '29257' ], [ 'BID', '20250' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/netdecision_http_bof.rb b/modules/exploits/windows/http/netdecision_http_bof.rb index 43fa2ce475..7d9bfc54af 100644 --- a/modules/exploits/windows/http/netdecision_http_bof.rb +++ b/modules/exploits/windows/http/netdecision_http_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-1465'], + ['OSVDB', '79651'], ['URL', 'http://secunia.com/advisories/48168/'], ['URL', 'http://secpod.org/advisories/SecPod_Netmechanica_NetDecision_HTTP_Server_DoS_Vuln.txt'] ], diff --git a/modules/exploits/windows/http/novell_imanager_upload.rb b/modules/exploits/windows/http/novell_imanager_upload.rb index 4035c09468..465490a72b 100644 --- a/modules/exploits/windows/http/novell_imanager_upload.rb +++ b/modules/exploits/windows/http/novell_imanager_upload.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ #[ 'CVE', '2010-??' ], + [ 'OSVDB', '68320'], [ 'ZDI', '10-190' ], [ 'URL', 'http://www.novell.com/support/viewContent.do?externalId=7006515&sliceId=2' ], ], diff --git a/modules/exploits/windows/http/novell_mdm_lfi.rb b/modules/exploits/windows/http/novell_mdm_lfi.rb index a7c1fcbf2e..aee9177369 100644 --- a/modules/exploits/windows/http/novell_mdm_lfi.rb +++ b/modules/exploits/windows/http/novell_mdm_lfi.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-1081'], + ['OSVDB', '91119'], ['ZDI', '13-087'], ['URL', 'http://www.novell.com/support/kb/doc.php?id=7011895'] ], @@ -72,6 +73,7 @@ class MetasploitModule < Msf::Exploit::Remote if v.nil? return Exploit::CheckCode::Unknown elsif v =~ /^2\.6\.[01]/ or v =~ /^2\.7\.0/ + # Conditions based on OSVDB info return Exploit::CheckCode::Appears end diff --git a/modules/exploits/windows/http/novell_messenger_acceptlang.rb b/modules/exploits/windows/http/novell_messenger_acceptlang.rb index d7c6a7414c..0f80454e8c 100644 --- a/modules/exploits/windows/http/novell_messenger_acceptlang.rb +++ b/modules/exploits/windows/http/novell_messenger_acceptlang.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-0992'], + ['OSVDB', '24617'], ['BID', '17503'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/http/nowsms.rb b/modules/exploits/windows/http/nowsms.rb index fcf4d83ca7..5bbf6d1524 100644 --- a/modules/exploits/windows/http/nowsms.rb +++ b/modules/exploits/windows/http/nowsms.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0871' ], + [ 'OSVDB', '42953'], [ 'BID', '27896' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/oracle9i_xdb_pass.rb b/modules/exploits/windows/http/oracle9i_xdb_pass.rb index d814080c56..c59eeaa693 100644 --- a/modules/exploits/windows/http/oracle9i_xdb_pass.rb +++ b/modules/exploits/windows/http/oracle9i_xdb_pass.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2003-0727'], + ['OSVDB', '2449'], ['BID', '8375'], ['URL', 'http://www.blackhat.com/presentations/bh-usa-03/bh-us-03-litchfield-paper.pdf'], ], diff --git a/modules/exploits/windows/http/oracle_btm_writetofile.rb b/modules/exploits/windows/http/oracle_btm_writetofile.rb index 988a2111a6..81a88ca3d0 100644 --- a/modules/exploits/windows/http/oracle_btm_writetofile.rb +++ b/modules/exploits/windows/http/oracle_btm_writetofile.rb @@ -39,6 +39,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '85087' ], [ 'BID', '54839' ], [ 'EDB', '20318' ] ], diff --git a/modules/exploits/windows/http/oracle_endeca_exec.rb b/modules/exploits/windows/http/oracle_endeca_exec.rb index 4e654cf137..a48a151838 100644 --- a/modules/exploits/windows/http/oracle_endeca_exec.rb +++ b/modules/exploits/windows/http/oracle_endeca_exec.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2013-3763' ], [ 'BID', '61217' ], + [ 'OSVDB', '95269' ], [ 'ZDI', '13-190' ], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html' ] ], diff --git a/modules/exploits/windows/http/osb_uname_jlist.rb b/modules/exploits/windows/http/osb_uname_jlist.rb index 61454a8bd1..792e5db124 100644 --- a/modules/exploits/windows/http/osb_uname_jlist.rb +++ b/modules/exploits/windows/http/osb_uname_jlist.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0904' ], + [ 'OSVDB', '66338' ], [ 'ZDI', '10-118' ] # the jlist vector has not been disclosed or has it? ], diff --git a/modules/exploits/windows/http/peercast_url.rb b/modules/exploits/windows/http/peercast_url.rb index 268ac88aeb..d8e514ffab 100644 --- a/modules/exploits/windows/http/peercast_url.rb +++ b/modules/exploits/windows/http/peercast_url.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-1148'], + ['OSVDB', '23777'], ['BID', '17040'] ], 'Privileged' => false, diff --git a/modules/exploits/windows/http/php_apache_request_headers_bof.rb b/modules/exploits/windows/http/php_apache_request_headers_bof.rb index 0993f18bee..04e9ee1427 100644 --- a/modules/exploits/windows/http/php_apache_request_headers_bof.rb +++ b/modules/exploits/windows/http/php_apache_request_headers_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-2329'], + [ 'OSVDB', '82215'], [ 'BID', '53455'], [ 'URL', 'http://www.php.net/archive/2012.php#id2012-05-08-1' ], [ 'URL', 'http://www.php.net/ChangeLog-5.php#5.4.3'], diff --git a/modules/exploits/windows/http/privatewire_gateway.rb b/modules/exploits/windows/http/privatewire_gateway.rb index 009f1f4e5a..2ad78064a3 100644 --- a/modules/exploits/windows/http/privatewire_gateway.rb +++ b/modules/exploits/windows/http/privatewire_gateway.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-3252'], + ['OSVDB', '26861'], ['BID', '18647'], ], 'Payload' => diff --git a/modules/exploits/windows/http/psoproxy91_overflow.rb b/modules/exploits/windows/http/psoproxy91_overflow.rb index 3c35b8ca60..f387140d39 100644 --- a/modules/exploits/windows/http/psoproxy91_overflow.rb +++ b/modules/exploits/windows/http/psoproxy91_overflow.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0313' ], + [ 'OSVDB', '4028' ], [ 'EDB', '156' ], [ 'BID', '9706' ], ], diff --git a/modules/exploits/windows/http/rabidhamster_r4_log.rb b/modules/exploits/windows/http/rabidhamster_r4_log.rb index d72b281170..a4a1a1f186 100644 --- a/modules/exploits/windows/http/rabidhamster_r4_log.rb +++ b/modules/exploits/windows/http/rabidhamster_r4_log.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '79007'], ['URL', 'http://aluigi.altervista.org/adv/r4_1-adv.txt'], ['URL', 'http://secunia.com/advisories/47901/'] ], diff --git a/modules/exploits/windows/http/rejetto_hfs_exec.rb b/modules/exploits/windows/http/rejetto_hfs_exec.rb index ca731b98f2..cce2a993c1 100644 --- a/modules/exploits/windows/http/rejetto_hfs_exec.rb +++ b/modules/exploits/windows/http/rejetto_hfs_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-6287'], + ['OSVDB', '111386'], ['URL', 'http://seclists.org/bugtraq/2014/Sep/85'], ['URL', 'http://www.rejetto.com/wiki/index.php?title=HFS:_scripting_commands'] ], diff --git a/modules/exploits/windows/http/sambar6_search_results.rb b/modules/exploits/windows/http/sambar6_search_results.rb index 6e29bdce17..060403088e 100644 --- a/modules/exploits/windows/http/sambar6_search_results.rb +++ b/modules/exploits/windows/http/sambar6_search_results.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-2086' ], + [ 'OSVDB', '5786' ], [ 'BID', '9607' ], ], 'Privileged' => false, diff --git a/modules/exploits/windows/http/sap_configservlet_exec_noauth.rb b/modules/exploits/windows/http/sap_configservlet_exec_noauth.rb index 3332275bb3..1b37036b59 100644 --- a/modules/exploits/windows/http/sap_configservlet_exec_noauth.rb +++ b/modules/exploits/windows/http/sap_configservlet_exec_noauth.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '92704'], [ 'EDB', '24996'], [ 'URL', 'http://erpscan.com/wp-content/uploads/2012/11/Breaking-SAP-Portal-HackerHalted-2012.pdf'] ], diff --git a/modules/exploits/windows/http/sap_host_control_cmd_exec.rb b/modules/exploits/windows/http/sap_host_control_cmd_exec.rb index 3c0de02a72..3ba0407e99 100644 --- a/modules/exploits/windows/http/sap_host_control_cmd_exec.rb +++ b/modules/exploits/windows/http/sap_host_control_cmd_exec.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'References' => [ + [ 'OSVDB', '84821'], [ 'URL', 'http://www.contextis.com/research/blog/sap4/' ], [ 'URL', 'https://websmp130.sap-ag.de/sap/support/notes/1341333' ] # Authentication Required ], diff --git a/modules/exploits/windows/http/sapdb_webtools.rb b/modules/exploits/windows/http/sapdb_webtools.rb index 22f5508c69..7456fd6022 100644 --- a/modules/exploits/windows/http/sapdb_webtools.rb +++ b/modules/exploits/windows/http/sapdb_webtools.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3614' ], + [ 'OSVDB', '37838' ], [ 'BID', '24773' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/http/savant_31_overflow.rb b/modules/exploits/windows/http/savant_31_overflow.rb index 8e4de4daa8..e21b096884 100644 --- a/modules/exploits/windows/http/savant_31_overflow.rb +++ b/modules/exploits/windows/http/savant_31_overflow.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-1120' ], + [ 'OSVDB', '9829' ], [ 'BID', '5686' ], [ 'EDB', '787' ] ], diff --git a/modules/exploits/windows/http/servu_session_cookie.rb b/modules/exploits/windows/http/servu_session_cookie.rb index 0d183847b5..5384e6cef6 100644 --- a/modules/exploits/windows/http/servu_session_cookie.rb +++ b/modules/exploits/windows/http/servu_session_cookie.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-4006' ], # unsure + [ 'OSVDB', '59772' ], [ 'URL', 'http://rangos.de/ServU-ADV.txt' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/http/shoutcast_format.rb b/modules/exploits/windows/http/shoutcast_format.rb index 3e6323787b..b95de3b057 100644 --- a/modules/exploits/windows/http/shoutcast_format.rb +++ b/modules/exploits/windows/http/shoutcast_format.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1373'], + [ 'OSVDB', '12585'], [ 'BID', '12096'], ], 'Privileged' => false, diff --git a/modules/exploits/windows/http/shttpd_post.rb b/modules/exploits/windows/http/shttpd_post.rb index c2a0252483..5255a61775 100644 --- a/modules/exploits/windows/http/shttpd_post.rb +++ b/modules/exploits/windows/http/shttpd_post.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-5216'], + [ 'OSVDB', '29565' ], [ 'URL', 'http://shttpd.sourceforge.net'], [ 'BID', '20393'], ], diff --git a/modules/exploits/windows/http/solarwinds_fsm_userlogin.rb b/modules/exploits/windows/http/solarwinds_fsm_userlogin.rb index be0692bf78..f484664718 100644 --- a/modules/exploits/windows/http/solarwinds_fsm_userlogin.rb +++ b/modules/exploits/windows/http/solarwinds_fsm_userlogin.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2015-2284'], + ['OSVDB', '81634'], ['ZDI', '15-107'], ['URL', 'http://downloads.solarwinds.com/solarwinds/Release/HotFix/FSM-v6.6.5-HotFix1.zip'] ], diff --git a/modules/exploits/windows/http/solarwinds_storage_manager_sql.rb b/modules/exploits/windows/http/solarwinds_storage_manager_sql.rb index b2aca4f437..2df31f7ccf 100644 --- a/modules/exploits/windows/http/solarwinds_storage_manager_sql.rb +++ b/modules/exploits/windows/http/solarwinds_storage_manager_sql.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '81634'], ['EDB', '18818'], ['URL', 'http://ddilabs.blogspot.com/2012/02/solarwinds-storage-manager-server-sql.html'], ['URL', 'http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/vulnerability.htm'] diff --git a/modules/exploits/windows/http/sonicwall_scrutinizer_sqli.rb b/modules/exploits/windows/http/sonicwall_scrutinizer_sqli.rb index 04512852a1..053b40eec4 100644 --- a/modules/exploits/windows/http/sonicwall_scrutinizer_sqli.rb +++ b/modules/exploits/windows/http/sonicwall_scrutinizer_sqli.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-2962'], + ['OSVDB', '84232'], ['EDB', '20033'], ['BID', '54625'], ['URL', 'http://www.sonicwall.com/shared/download/Dell_SonicWALL_Scrutinizer_Service_Bulletin_for_SQL_injection_vulnerability_CVE.pdf'] diff --git a/modules/exploits/windows/http/steamcast_useragent.rb b/modules/exploits/windows/http/steamcast_useragent.rb index 35a165b6ca..650dd5f3e5 100644 --- a/modules/exploits/windows/http/steamcast_useragent.rb +++ b/modules/exploits/windows/http/steamcast_useragent.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0550' ], + [ 'OSVDB', '42670' ], [ 'URL', 'http://aluigi.altervista.org/adv/steamcazz-adv.txt'], [ 'BID', '33898' ], ], diff --git a/modules/exploits/windows/http/sws_connection_bof.rb b/modules/exploits/windows/http/sws_connection_bof.rb index 61541595b0..c84081854b 100644 --- a/modules/exploits/windows/http/sws_connection_bof.rb +++ b/modules/exploits/windows/http/sws_connection_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '84310'], ['EDB', '19937'], ['URL', 'http://ghostinthelab.wordpress.com/2012/07/19/simplewebserver-2-2-rc2-remote-buffer-overflow-exploit/'] ], diff --git a/modules/exploits/windows/http/sybase_easerver.rb b/modules/exploits/windows/http/sybase_easerver.rb index b0be4446c1..8be77137c6 100644 --- a/modules/exploits/windows/http/sybase_easerver.rb +++ b/modules/exploits/windows/http/sybase_easerver.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-2297' ], + [ 'OSVDB', '17996' ], [ 'BID', '14287'], ], 'Privileged' => false, diff --git a/modules/exploits/windows/http/sysax_create_folder.rb b/modules/exploits/windows/http/sysax_create_folder.rb index 7984f706f8..b043198646 100644 --- a/modules/exploits/windows/http/sysax_create_folder.rb +++ b/modules/exploits/windows/http/sysax_create_folder.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-6530' ], + [ 'OSVDB', '82329' ], [ 'EDB', '20676' ], [ 'EDB', '18420' ], [ 'URL', 'http://www.pwnag3.com/2012/01/sysax-multi-server-550-exploit.html' ], diff --git a/modules/exploits/windows/http/trackercam_phparg_overflow.rb b/modules/exploits/windows/http/trackercam_phparg_overflow.rb index cbb0a149e7..f431fd9289 100644 --- a/modules/exploits/windows/http/trackercam_phparg_overflow.rb +++ b/modules/exploits/windows/http/trackercam_phparg_overflow.rb @@ -27,6 +27,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0478'], + [ 'OSVDB', '13953'], + [ 'OSVDB', '13955'], [ 'BID', '12592'], [ 'URL', 'http://aluigi.altervista.org/adv/tcambof-adv.txt'], ], diff --git a/modules/exploits/windows/http/trackit_file_upload.rb b/modules/exploits/windows/http/trackit_file_upload.rb index 4afb5e7551..c4cc9ee2fd 100644 --- a/modules/exploits/windows/http/trackit_file_upload.rb +++ b/modules/exploits/windows/http/trackit_file_upload.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2014-4872' ], + [ 'OSVDB', '112741' ], [ 'US-CERT-VU', '121036' ], [ 'URL', 'http://seclists.org/fulldisclosure/2014/Oct/34' ] ], diff --git a/modules/exploits/windows/http/trendmicro_officescan.rb b/modules/exploits/windows/http/trendmicro_officescan.rb index 5564ddf91c..0b1dcff49f 100644 --- a/modules/exploits/windows/http/trendmicro_officescan.rb +++ b/modules/exploits/windows/http/trendmicro_officescan.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-1365' ], + [ 'OSVDB', '42499' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/http/ultraminihttp_bof.rb b/modules/exploits/windows/http/ultraminihttp_bof.rb index 2b1d6bb5e5..1100d1b113 100644 --- a/modules/exploits/windows/http/ultraminihttp_bof.rb +++ b/modules/exploits/windows/http/ultraminihttp_bof.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '95164'], ['EDB','26739'], ['CVE','2013-5019'], ['BID','61130'] diff --git a/modules/exploits/windows/http/umbraco_upload_aspx.rb b/modules/exploits/windows/http/umbraco_upload_aspx.rb index 0d8b066baf..8cb9460f71 100644 --- a/modules/exploits/windows/http/umbraco_upload_aspx.rb +++ b/modules/exploits/windows/http/umbraco_upload_aspx.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'References' => [ + [ 'OSVDB', '83765' ], [ 'EDB', '19671' ], [ 'URL', 'http://blog.gdssecurity.com/labs/2012/7/3/find-bugs-faster-with-a-webmatrix-local-reference-instance.html' ], [ 'URL', 'http://umbraco.codeplex.com/workitem/18192' ] # Item deleted for security reasons diff --git a/modules/exploits/windows/http/vmware_vcenter_chargeback_upload.rb b/modules/exploits/windows/http/vmware_vcenter_chargeback_upload.rb index 883c2a9686..e6e1375362 100644 --- a/modules/exploits/windows/http/vmware_vcenter_chargeback_upload.rb +++ b/modules/exploits/windows/http/vmware_vcenter_chargeback_upload.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-3520' ], + [ 'OSVDB', '94188' ], [ 'BID', '60484' ], [ 'ZDI', '13-147' ] ], diff --git a/modules/exploits/windows/http/webster_http.rb b/modules/exploits/windows/http/webster_http.rb index c394c938db..5821ba4e27 100644 --- a/modules/exploits/windows/http/webster_http.rb +++ b/modules/exploits/windows/http/webster_http.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-2268' ], + [ 'OSVDB', '44106' ], [ 'BID', '6289' ], [ 'URL', 'http://www.microsoft.com/msj/archive/s25f.aspx' ], [ 'URL', 'http://www.netdave.com/webster/webster.htm' ], diff --git a/modules/exploits/windows/http/xitami_if_mod_since.rb b/modules/exploits/windows/http/xitami_if_mod_since.rb index bad29cbc86..213f3d1b68 100644 --- a/modules/exploits/windows/http/xitami_if_mod_since.rb +++ b/modules/exploits/windows/http/xitami_if_mod_since.rb @@ -27,6 +27,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5067' ], + [ 'OSVDB', '40594'], + [ 'OSVDB', '40595'], [ 'BID', '25772' ], [ 'EDB', '4450' ] ], diff --git a/modules/exploits/windows/http/zenworks_assetmgmt_uploadservlet.rb b/modules/exploits/windows/http/zenworks_assetmgmt_uploadservlet.rb index abc9706937..a650c6cbbe 100644 --- a/modules/exploits/windows/http/zenworks_assetmgmt_uploadservlet.rb +++ b/modules/exploits/windows/http/zenworks_assetmgmt_uploadservlet.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-2653' ], + [ 'OSVDB', '77583' ], [ 'BID', '50966' ], [ 'ZDI', '11-342' ], [ 'URL', 'http://download.novell.com/Download?buildid=hPvHtXeNmCU~' ] diff --git a/modules/exploits/windows/http/zenworks_uploadservlet.rb b/modules/exploits/windows/http/zenworks_uploadservlet.rb index 9818b4c3c4..4e0e67c8e7 100644 --- a/modules/exploits/windows/http/zenworks_uploadservlet.rb +++ b/modules/exploits/windows/http/zenworks_uploadservlet.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '63412' ], [ 'BID', '39114' ], [ 'ZDI', '10-078' ], [ 'URL', 'http://tucanalamigo.blogspot.com/2010/04/pdc-de-zdi-10-078.html' ], diff --git a/modules/exploits/windows/iis/iis_webdav_upload_asp.rb b/modules/exploits/windows/iis/iis_webdav_upload_asp.rb index a106377bc3..74f593f2ad 100644 --- a/modules/exploits/windows/iis/iis_webdav_upload_asp.rb +++ b/modules/exploits/windows/iis/iis_webdav_upload_asp.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'References' => [ + ['OSVDB', '397'], ['BID', '12141'] ], 'Targets' => diff --git a/modules/exploits/windows/iis/ms01_023_printer.rb b/modules/exploits/windows/iis/ms01_023_printer.rb index b60f9f84ad..1318d6ac68 100644 --- a/modules/exploits/windows/iis/ms01_023_printer.rb +++ b/modules/exploits/windows/iis/ms01_023_printer.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2001-0241'], + [ 'OSVDB', '3323'], [ 'BID', '2674'], [ 'MSB', 'MS01-023'], [ 'URL', 'http://seclists.org/lists/bugtraq/2001/May/0005.html'], diff --git a/modules/exploits/windows/iis/ms01_026_dbldecode.rb b/modules/exploits/windows/iis/ms01_026_dbldecode.rb index 31c67d480d..5a4738e926 100644 --- a/modules/exploits/windows/iis/ms01_026_dbldecode.rb +++ b/modules/exploits/windows/iis/ms01_026_dbldecode.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2001-0333' ], + [ 'OSVDB', '556' ], [ 'BID', '2708' ], [ 'MSB', 'MS01-026' ], [ 'URL', 'http://marc.info/?l=bugtraq&m=98992056521300&w=2' ] diff --git a/modules/exploits/windows/iis/ms01_033_idq.rb b/modules/exploits/windows/iis/ms01_033_idq.rb index 44c2fce5a2..f631cc4e19 100644 --- a/modules/exploits/windows/iis/ms01_033_idq.rb +++ b/modules/exploits/windows/iis/ms01_033_idq.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2001-0500'], + [ 'OSVDB', '568'], [ 'MSB', 'MS01-033'], [ 'BID', '2880'], ], diff --git a/modules/exploits/windows/iis/ms02_018_htr.rb b/modules/exploits/windows/iis/ms02_018_htr.rb index a1e2d9c43c..9ef0522d13 100644 --- a/modules/exploits/windows/iis/ms02_018_htr.rb +++ b/modules/exploits/windows/iis/ms02_018_htr.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '1999-0874'], + [ 'OSVDB', '3325'], [ 'BID', '307'], [ 'URL', 'http://www.eeye.com/html/research/advisories/AD19990608.html'], [ 'MSB', 'MS02-018'], diff --git a/modules/exploits/windows/iis/ms02_065_msadc.rb b/modules/exploits/windows/iis/ms02_065_msadc.rb index 729b7d055f..8b8b9ea12e 100644 --- a/modules/exploits/windows/iis/ms02_065_msadc.rb +++ b/modules/exploits/windows/iis/ms02_065_msadc.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'References' => [ + ['OSVDB', '14502'], ['BID', '6214'], ['CVE', '2002-1142'], ['MSB', 'MS02-065'], diff --git a/modules/exploits/windows/iis/ms03_007_ntdll_webdav.rb b/modules/exploits/windows/iis/ms03_007_ntdll_webdav.rb index eff7ecf823..d548309299 100644 --- a/modules/exploits/windows/iis/ms03_007_ntdll_webdav.rb +++ b/modules/exploits/windows/iis/ms03_007_ntdll_webdav.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0109'], + [ 'OSVDB', '4467'], [ 'BID', '7116'], [ 'MSB', 'MS03-007'] ], diff --git a/modules/exploits/windows/iis/msadc.rb b/modules/exploits/windows/iis/msadc.rb index a916c41f4c..fff453f738 100644 --- a/modules/exploits/windows/iis/msadc.rb +++ b/modules/exploits/windows/iis/msadc.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'References' => [ + ['OSVDB', '272'], ['BID', '529'], ['CVE', '1999-1011'], ['MSB', 'MS98-004'], diff --git a/modules/exploits/windows/imap/eudora_list.rb b/modules/exploits/windows/imap/eudora_list.rb index 88eea8f1f1..035aa5a85f 100644 --- a/modules/exploits/windows/imap/eudora_list.rb +++ b/modules/exploits/windows/imap/eudora_list.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-4267'], + [ 'OSVDB', '22097'], [ 'BID', '15980'], ], diff --git a/modules/exploits/windows/imap/imail_delete.rb b/modules/exploits/windows/imap/imail_delete.rb index d783903a3b..77a2823617 100644 --- a/modules/exploits/windows/imap/imail_delete.rb +++ b/modules/exploits/windows/imap/imail_delete.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1520'], + [ 'OSVDB', '11838'], [ 'BID', '11675'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/imap/ipswitch_search.rb b/modules/exploits/windows/imap/ipswitch_search.rb index 92ce98171b..403dadfdbf 100644 --- a/modules/exploits/windows/imap/ipswitch_search.rb +++ b/modules/exploits/windows/imap/ipswitch_search.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3925' ], + [ 'OSVDB', '36219' ], [ 'BID', '24962' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/imap/mailenable_login.rb b/modules/exploits/windows/imap/mailenable_login.rb index 8297773454..776059c1bb 100644 --- a/modules/exploits/windows/imap/mailenable_login.rb +++ b/modules/exploits/windows/imap/mailenable_login.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-6423'], + [ 'OSVDB', '32125'], [ 'BID', '21492'] ], 'Privileged' => true, diff --git a/modules/exploits/windows/imap/mailenable_status.rb b/modules/exploits/windows/imap/mailenable_status.rb index 1c4c6dab31..9e984b8f5e 100644 --- a/modules/exploits/windows/imap/mailenable_status.rb +++ b/modules/exploits/windows/imap/mailenable_status.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-2278'], + [ 'OSVDB', '17844'], [ 'BID', '14243'], [ 'URL', 'http://www.nessus.org/plugins/index.php?view=single&id=19193'], ], diff --git a/modules/exploits/windows/imap/mailenable_w3c_select.rb b/modules/exploits/windows/imap/mailenable_w3c_select.rb index 124431e39d..f10818b868 100644 --- a/modules/exploits/windows/imap/mailenable_w3c_select.rb +++ b/modules/exploits/windows/imap/mailenable_w3c_select.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-3155'], + [ 'OSVDB', '19842'], [ 'BID', '15006'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/imap/mdaemon_cram_md5.rb b/modules/exploits/windows/imap/mdaemon_cram_md5.rb index 864fa060cc..f15372a824 100644 --- a/modules/exploits/windows/imap/mdaemon_cram_md5.rb +++ b/modules/exploits/windows/imap/mdaemon_cram_md5.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1520'], + [ 'OSVDB', '11838'], [ 'BID', '11675'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/imap/mdaemon_fetch.rb b/modules/exploits/windows/imap/mdaemon_fetch.rb index 97a48ece8f..b983440500 100644 --- a/modules/exploits/windows/imap/mdaemon_fetch.rb +++ b/modules/exploits/windows/imap/mdaemon_fetch.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-1358' ], + [ 'OSVDB', '43111' ], [ 'BID', '28245' ], [ 'EDB', '5248' ] ], diff --git a/modules/exploits/windows/imap/mercur_imap_select_overflow.rb b/modules/exploits/windows/imap/mercur_imap_select_overflow.rb index 5e13181e4f..f4e2546d73 100644 --- a/modules/exploits/windows/imap/mercur_imap_select_overflow.rb +++ b/modules/exploits/windows/imap/mercur_imap_select_overflow.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-1255' ], + [ 'OSVDB', '23950' ], [ 'BID', '17138' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/imap/mercur_login.rb b/modules/exploits/windows/imap/mercur_login.rb index d9abfdcfeb..7b580ad5dc 100644 --- a/modules/exploits/windows/imap/mercur_login.rb +++ b/modules/exploits/windows/imap/mercur_login.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-1255' ], + [ 'OSVDB', '23950' ], [ 'BID', '17138' ], [ 'URL', 'http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1104.html' ], ], diff --git a/modules/exploits/windows/imap/mercury_login.rb b/modules/exploits/windows/imap/mercury_login.rb index 6d9efb99bc..621ae49de5 100644 --- a/modules/exploits/windows/imap/mercury_login.rb +++ b/modules/exploits/windows/imap/mercury_login.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-1373' ], + [ 'OSVDB', '33883' ], ], 'Privileged' => true, 'DefaultOptions' => diff --git a/modules/exploits/windows/imap/mercury_rename.rb b/modules/exploits/windows/imap/mercury_rename.rb index c7f5b80380..8f6bacec40 100644 --- a/modules/exploits/windows/imap/mercury_rename.rb +++ b/modules/exploits/windows/imap/mercury_rename.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1211'], + [ 'OSVDB', '12508'], [ 'BID', '11775'], [ 'URL', 'http://www.nessus.org/plugins/index.php?view=single&id=15867'], ], diff --git a/modules/exploits/windows/imap/novell_netmail_append.rb b/modules/exploits/windows/imap/novell_netmail_append.rb index 372355a0fc..a254c10cd2 100644 --- a/modules/exploits/windows/imap/novell_netmail_append.rb +++ b/modules/exploits/windows/imap/novell_netmail_append.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-6425' ], + [ 'OSVDB', '31362' ], [ 'BID', '21723' ], [ 'ZDI', '06-054' ], ], diff --git a/modules/exploits/windows/imap/novell_netmail_auth.rb b/modules/exploits/windows/imap/novell_netmail_auth.rb index 27220e4dbd..562013f2e4 100644 --- a/modules/exploits/windows/imap/novell_netmail_auth.rb +++ b/modules/exploits/windows/imap/novell_netmail_auth.rb @@ -21,6 +21,10 @@ class MetasploitModule < Msf::Exploit::Remote }, 'Author' => [ 'MC' ], 'License' => MSF_LICENSE, + 'References' => + [ + [ 'OSVDB', '55175' ] + ], 'Privileged' => true, 'DefaultOptions' => { diff --git a/modules/exploits/windows/imap/novell_netmail_status.rb b/modules/exploits/windows/imap/novell_netmail_status.rb index 5e1fc258cc..3f0cdc6c27 100644 --- a/modules/exploits/windows/imap/novell_netmail_status.rb +++ b/modules/exploits/windows/imap/novell_netmail_status.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-3314' ], + [ 'OSVDB', '20956' ], [ 'BID', '15491' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/imap/novell_netmail_subscribe.rb b/modules/exploits/windows/imap/novell_netmail_subscribe.rb index 2d7270853a..1b317ddc1f 100644 --- a/modules/exploits/windows/imap/novell_netmail_subscribe.rb +++ b/modules/exploits/windows/imap/novell_netmail_subscribe.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-6761' ], + [ 'OSVDB', '31360' ], [ 'BID', '21728' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=454' ], ], diff --git a/modules/exploits/windows/isapi/ms00_094_pbserver.rb b/modules/exploits/windows/isapi/ms00_094_pbserver.rb index 7fc555ddd4..de284832e7 100644 --- a/modules/exploits/windows/isapi/ms00_094_pbserver.rb +++ b/modules/exploits/windows/isapi/ms00_094_pbserver.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2000-1089' ], + [ 'OSVDB', '463' ], [ 'BID', '2048' ], [ 'MSB', 'MS00-094' ], ], diff --git a/modules/exploits/windows/isapi/ms03_022_nsiislog_post.rb b/modules/exploits/windows/isapi/ms03_022_nsiislog_post.rb index 0e62ccad1e..884a2cb940 100644 --- a/modules/exploits/windows/isapi/ms03_022_nsiislog_post.rb +++ b/modules/exploits/windows/isapi/ms03_022_nsiislog_post.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0349'], + [ 'OSVDB', '4535'], [ 'BID', '8035'], [ 'MSB', 'MS03-022'], [ 'URL', 'http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0120.html'], diff --git a/modules/exploits/windows/isapi/ms03_051_fp30reg_chunked.rb b/modules/exploits/windows/isapi/ms03_051_fp30reg_chunked.rb index c9e6a9c9f2..ffa2f21cb0 100644 --- a/modules/exploits/windows/isapi/ms03_051_fp30reg_chunked.rb +++ b/modules/exploits/windows/isapi/ms03_051_fp30reg_chunked.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0822'], + [ 'OSVDB', '2952'], [ 'BID', '9007'], [ 'MSB', 'MS03-051'], ], diff --git a/modules/exploits/windows/isapi/rsa_webagent_redirect.rb b/modules/exploits/windows/isapi/rsa_webagent_redirect.rb index 09a89cc877..0c03aed308 100644 --- a/modules/exploits/windows/isapi/rsa_webagent_redirect.rb +++ b/modules/exploits/windows/isapi/rsa_webagent_redirect.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-4734'], + ['OSVDB', '20151'], ], 'Privileged' => false, 'Payload' => diff --git a/modules/exploits/windows/isapi/w3who_query.rb b/modules/exploits/windows/isapi/w3who_query.rb index 19824e85f7..0963967016 100644 --- a/modules/exploits/windows/isapi/w3who_query.rb +++ b/modules/exploits/windows/isapi/w3who_query.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1134' ], + [ 'OSVDB', '12258' ], [ 'URL', 'http://www.exaprobe.com/labs/advisories/esa-2004-1206.html' ], [ 'BID', '11820' ] ], diff --git a/modules/exploits/windows/ldap/imail_thc.rb b/modules/exploits/windows/ldap/imail_thc.rb index cf8d8d0461..abbb005e30 100644 --- a/modules/exploits/windows/ldap/imail_thc.rb +++ b/modules/exploits/windows/ldap/imail_thc.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0297'], + [ 'OSVDB', '3984'], [ 'BID', '9682'], [ 'URL', 'http://secunia.com/advisories/10880/'], ], diff --git a/modules/exploits/windows/ldap/pgp_keyserver7.rb b/modules/exploits/windows/ldap/pgp_keyserver7.rb index 9f7470ca26..1e98ff170f 100644 --- a/modules/exploits/windows/ldap/pgp_keyserver7.rb +++ b/modules/exploits/windows/ldap/pgp_keyserver7.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2001-1320' ], + [ 'OSVDB', '4742' ], [ 'BID', '3046' ], [ 'URL', 'http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/' ], ], diff --git a/modules/exploits/windows/license/calicclnt_getconfig.rb b/modules/exploits/windows/license/calicclnt_getconfig.rb index 512d1b17aa..18ef7a6cb2 100644 --- a/modules/exploits/windows/license/calicclnt_getconfig.rb +++ b/modules/exploits/windows/license/calicclnt_getconfig.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0581' ], + [ 'OSVDB', '14389' ], [ 'BID', '12705' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=213' ], ], diff --git a/modules/exploits/windows/license/calicserv_getconfig.rb b/modules/exploits/windows/license/calicserv_getconfig.rb index 0f9afcca77..0638dbae5b 100644 --- a/modules/exploits/windows/license/calicserv_getconfig.rb +++ b/modules/exploits/windows/license/calicserv_getconfig.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0581' ], + [ 'OSVDB', '14389' ], [ 'BID', '12705' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=213' ], ], diff --git a/modules/exploits/windows/license/flexnet_lmgrd_bof.rb b/modules/exploits/windows/license/flexnet_lmgrd_bof.rb index 46dcb2de18..1f7d26fd43 100644 --- a/modules/exploits/windows/license/flexnet_lmgrd_bof.rb +++ b/modules/exploits/windows/license/flexnet_lmgrd_bof.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '81899' ], [ 'BID', '52718' ], [ 'ZDI', '12-052' ], [ 'URL', 'http://aluigi.altervista.org/adv/lmgrd_1-adv.txt' ], diff --git a/modules/exploits/windows/license/sentinel_lm7_udp.rb b/modules/exploits/windows/license/sentinel_lm7_udp.rb index 9760721bcb..8fd7714f4b 100644 --- a/modules/exploits/windows/license/sentinel_lm7_udp.rb +++ b/modules/exploits/windows/license/sentinel_lm7_udp.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0353'], + [ 'OSVDB', '14605'], [ 'BID', '12742'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/local/adobe_sandbox_adobecollabsync.rb b/modules/exploits/windows/local/adobe_sandbox_adobecollabsync.rb index 1073b21a98..cdbd812b7c 100644 --- a/modules/exploits/windows/local/adobe_sandbox_adobecollabsync.rb +++ b/modules/exploits/windows/local/adobe_sandbox_adobecollabsync.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '2013-2730' ], + [ 'OSVDB', '93355' ], [ 'URL', 'http://blog.binamuse.com/2013/05/adobe-reader-x-collab-sandbox-bypass.html' ] ], 'Arch' => ARCH_X86, diff --git a/modules/exploits/windows/local/agnitum_outpost_acs.rb b/modules/exploits/windows/local/agnitum_outpost_acs.rb index 24f63d354e..681a42f712 100644 --- a/modules/exploits/windows/local/agnitum_outpost_acs.rb +++ b/modules/exploits/windows/local/agnitum_outpost_acs.rb @@ -46,6 +46,7 @@ class MetasploitModule < Msf::Exploit::Local }, 'References' => [ + [ 'OSVDB', '96208' ], [ 'EDB', '27282' ] ], 'DisclosureDate' => 'Aug 02 2013', diff --git a/modules/exploits/windows/local/bthpan.rb b/modules/exploits/windows/local/bthpan.rb index f6c0709a05..8f86edb891 100644 --- a/modules/exploits/windows/local/bthpan.rb +++ b/modules/exploits/windows/local/bthpan.rb @@ -56,6 +56,7 @@ class MetasploitModule < Msf::Exploit::Local [ 'MSB', 'MS14-062' ], [ 'CVE', '2014-4971' ], [ 'URL', 'https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt' ], + [ 'OSVDB', '109387' ] ], 'DisclosureDate' => 'Jul 18 2014', 'DefaultTarget' => 0 diff --git a/modules/exploits/windows/local/current_user_psexec.rb b/modules/exploits/windows/local/current_user_psexec.rb index 52fb050c4c..46c9d307fb 100644 --- a/modules/exploits/windows/local/current_user_psexec.rb +++ b/modules/exploits/windows/local/current_user_psexec.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ # same as for windows/smb/psexec [ 'CVE', '1999-0504'], # Administrator with no password (since this is the default) + [ 'OSVDB', '3106'], [ 'URL', 'http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/local/lenovo_systemupdate.rb b/modules/exploits/windows/local/lenovo_systemupdate.rb index e4f58044ea..1eeeb00c31 100644 --- a/modules/exploits/windows/local/lenovo_systemupdate.rb +++ b/modules/exploits/windows/local/lenovo_systemupdate.rb @@ -48,6 +48,7 @@ class MetasploitModule < Msf::Exploit::Local }, 'References' => [ + ['OSVDB', '121522'], ['CVE', '2015-2219'], ['URL', 'http://www.ioactive.com/pdfs/Lenovo_System_Update_Multiple_Privilege_Escalations.pdf'] ], diff --git a/modules/exploits/windows/local/ms10_015_kitrap0d.rb b/modules/exploits/windows/local/ms10_015_kitrap0d.rb index 188bfbe73a..351038ada4 100644 --- a/modules/exploits/windows/local/ms10_015_kitrap0d.rb +++ b/modules/exploits/windows/local/ms10_015_kitrap0d.rb @@ -39,6 +39,7 @@ class MetasploitModule < Msf::Exploit::Local 'DefaultTarget' => 0, 'References' => [ [ 'CVE', '2010-0232' ], + [ 'OSVDB', '61854' ], [ 'MSB', 'MS10-015' ], [ 'EDB', '11199' ], [ 'URL', 'http://seclists.org/fulldisclosure/2010/Jan/341' ] diff --git a/modules/exploits/windows/local/ms10_092_schelevator.rb b/modules/exploits/windows/local/ms10_092_schelevator.rb index f6215a3bdd..e41166d961 100644 --- a/modules/exploits/windows/local/ms10_092_schelevator.rb +++ b/modules/exploits/windows/local/ms10_092_schelevator.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Local ], 'References' => [ + [ 'OSVDB', '68518' ], [ 'CVE', '2010-3338' ], [ 'BID', '44357' ], [ 'MSB', 'MS10-092' ], diff --git a/modules/exploits/windows/local/ms11_080_afdjoinleaf.rb b/modules/exploits/windows/local/ms11_080_afdjoinleaf.rb index 51f1ff729d..f058484caf 100644 --- a/modules/exploits/windows/local/ms11_080_afdjoinleaf.rb +++ b/modules/exploits/windows/local/ms11_080_afdjoinleaf.rb @@ -71,6 +71,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ %w(CVE 2011-2005), + %w(OSVDB 76232), %w(EDB 18176), %w(MSB MS11-080), %w(URL http://www.offensive-security.com/vulndev/ms11-080-voyage-into-ring-zero/) diff --git a/modules/exploits/windows/local/ms13_005_hwnd_broadcast.rb b/modules/exploits/windows/local/ms13_005_hwnd_broadcast.rb index ed85c3c3f3..c8a04ce87c 100644 --- a/modules/exploits/windows/local/ms13_005_hwnd_broadcast.rb +++ b/modules/exploits/windows/local/ms13_005_hwnd_broadcast.rb @@ -60,6 +60,7 @@ class MetasploitModule < Msf::Exploit::Local [ [ 'CVE', '2013-0008' ], [ 'MSB', 'MS13-005' ], + [ 'OSVDB', '88966'], [ 'URL', 'http://blog.cmpxchg8b.com/2013/02/a-few-years-ago-while-working-on.html' ] ] )) diff --git a/modules/exploits/windows/local/ms13_081_track_popup_menu.rb b/modules/exploits/windows/local/ms13_081_track_popup_menu.rb index ec1bb8a461..0767257937 100644 --- a/modules/exploits/windows/local/ms13_081_track_popup_menu.rb +++ b/modules/exploits/windows/local/ms13_081_track_popup_menu.rb @@ -52,6 +52,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '2013-3881' ], + [ 'OSVDB', '98212' ], [ 'BID', '62830'], [ 'MSB', 'MS13-081' ], [ 'URL', 'http://endgame.com/news/microsoft-win32k-null-page-vulnerability-technical-analysis.html' ], diff --git a/modules/exploits/windows/local/ms14_058_track_popup_menu.rb b/modules/exploits/windows/local/ms14_058_track_popup_menu.rb index 8cd3b64172..6e84605d84 100644 --- a/modules/exploits/windows/local/ms14_058_track_popup_menu.rb +++ b/modules/exploits/windows/local/ms14_058_track_popup_menu.rb @@ -63,6 +63,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ ['CVE', '2014-4113'], + ['OSVDB', '113167'], ['BID', '70364'], ['MSB', 'MS14-058'], ['URL', 'http://blog.trendmicro.com/trendlabs-security-intelligence/an-analysis-of-a-windows-kernel-mode-vulnerability-cve-2014-4113/'] diff --git a/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb b/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb index f709cd8eb6..6809b48556 100644 --- a/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb +++ b/modules/exploits/windows/local/ms14_070_tcpip_ioctl.rb @@ -53,6 +53,7 @@ class MetasploitModule < Msf::Exploit::Local [ ['CVE', '2014-4076'], ['MSB', 'MS14-070'], + ['OSVDB', '114532'], ['URL', 'https://blog.korelogic.com/blog/2015/01/28/2k3_tcpip_setaddroptions_exploit_dev'], ['URL', 'https://www.korelogic.com/Resources/Advisories/KL-001-2015-001.txt'] ], diff --git a/modules/exploits/windows/local/ms_ndproxy.rb b/modules/exploits/windows/local/ms_ndproxy.rb index 68d035f8f4..441ee622ba 100644 --- a/modules/exploits/windows/local/ms_ndproxy.rb +++ b/modules/exploits/windows/local/ms_ndproxy.rb @@ -73,6 +73,7 @@ class MetasploitModule < Msf::Exploit::Local [ %w(CVE 2013-5065), %w(MSB MS14-002), + %w(OSVDB 100368), %w(BID 63971), %w(EDB 30014), %w(URL http://labs.portcullis.co.uk/blog/cve-2013-5065-ndproxy-array-indexing-error-unpatched-vulnerability/), diff --git a/modules/exploits/windows/local/novell_client_nicm.rb b/modules/exploits/windows/local/novell_client_nicm.rb index 99d023c9ee..48e194aefb 100644 --- a/modules/exploits/windows/local/novell_client_nicm.rb +++ b/modules/exploits/windows/local/novell_client_nicm.rb @@ -56,6 +56,7 @@ class MetasploitModule < Msf::Exploit::Local }, 'References' => [ + [ 'OSVDB', '93718' ], [ 'URL', 'http://www.novell.com/support/kb/doc.php?id=7012497' ], [ 'URL', 'http://pastebin.com/GB4iiEwR' ] ], diff --git a/modules/exploits/windows/local/novell_client_nwfs.rb b/modules/exploits/windows/local/novell_client_nwfs.rb index e68392e26b..9a2ef1896d 100644 --- a/modules/exploits/windows/local/novell_client_nwfs.rb +++ b/modules/exploits/windows/local/novell_client_nwfs.rb @@ -52,6 +52,7 @@ class MetasploitModule < Msf::Exploit::Local ], 'References' => [ + [ 'OSVDB', '46578' ], [ 'BID', '30001' ] ], 'DisclosureDate'=> 'Jun 26 2008', diff --git a/modules/exploits/windows/local/nvidia_nvsvc.rb b/modules/exploits/windows/local/nvidia_nvsvc.rb index b248e1efa8..97c19714e1 100644 --- a/modules/exploits/windows/local/nvidia_nvsvc.rb +++ b/modules/exploits/windows/local/nvidia_nvsvc.rb @@ -58,6 +58,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '2013-0109' ], + [ 'OSVDB', '88745' ], [ 'URL', 'http://nvidia.custhelp.com/app/answers/detail/a_id/3288' ], ], 'DisclosureDate' => 'Dec 25 2012', diff --git a/modules/exploits/windows/local/powershell_remoting.rb b/modules/exploits/windows/local/powershell_remoting.rb index a85f0849ab..ac63c1c122 100644 --- a/modules/exploits/windows/local/powershell_remoting.rb +++ b/modules/exploits/windows/local/powershell_remoting.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '1999-0504'], # Administrator with no password (since this is the default) + [ 'OSVDB', '3106'] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/local/ppr_flatten_rec.rb b/modules/exploits/windows/local/ppr_flatten_rec.rb index 084e850c64..9ec2c9df0b 100644 --- a/modules/exploits/windows/local/ppr_flatten_rec.rb +++ b/modules/exploits/windows/local/ppr_flatten_rec.rb @@ -56,6 +56,7 @@ class MetasploitModule < Msf::Exploit::Local [ [ 'CVE', '2013-3660' ], [ 'EDB', '25912' ], + [ 'OSVDB', '93539' ], [ 'MSB', 'MS13-053' ], [ 'URL', 'http://seclists.org/fulldisclosure/2013/May/91' ], ], diff --git a/modules/exploits/windows/local/wmi.rb b/modules/exploits/windows/local/wmi.rb index 7c6608c863..a57469af53 100644 --- a/modules/exploits/windows/local/wmi.rb +++ b/modules/exploits/windows/local/wmi.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Local 'References' => [ [ 'CVE', '1999-0504'], # Administrator with no password (since this is the default) + [ 'OSVDB', '3106'], [ 'URL', 'http://passing-the-hash.blogspot.co.uk/2013/07/WMIS-PowerSploit-Shells.html' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/lotus/domino_http_accept_language.rb b/modules/exploits/windows/lotus/domino_http_accept_language.rb index fe0535e3a3..d7aa39f5d0 100644 --- a/modules/exploits/windows/lotus/domino_http_accept_language.rb +++ b/modules/exploits/windows/lotus/domino_http_accept_language.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-2240'], + ['OSVDB', '45415'], ['BID', '29310'], ['URL', 'http://www-01.ibm.com/support/docview.wss?uid=swg21303057'], ], diff --git a/modules/exploits/windows/lotus/domino_icalendar_organizer.rb b/modules/exploits/windows/lotus/domino_icalendar_organizer.rb index 1479477d54..15c6f3465b 100644 --- a/modules/exploits/windows/lotus/domino_icalendar_organizer.rb +++ b/modules/exploits/windows/lotus/domino_icalendar_organizer.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3407' ], + [ 'OSVDB', '68040' ], [ 'ZDI', '10-177' ], [ 'URL', 'http://labs.mwrinfosecurity.com/advisories/lotus_domino_ical_stack_buffer_overflow/' ], [ 'URL', 'http://www-01.ibm.com/support/docview.wss?rs=475&uid=swg21446515' ] diff --git a/modules/exploits/windows/lotus/domino_sametime_stmux.rb b/modules/exploits/windows/lotus/domino_sametime_stmux.rb index ef87b0f18b..0152389d2e 100644 --- a/modules/exploits/windows/lotus/domino_sametime_stmux.rb +++ b/modules/exploits/windows/lotus/domino_sametime_stmux.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-2499' ], + [ 'OSVDB', '45610' ], [ 'BID', '29328' ], [ 'ZDI', '08-028' ], ], diff --git a/modules/exploits/windows/lotus/lotusnotes_lzh.rb b/modules/exploits/windows/lotus/lotusnotes_lzh.rb index 768a79b429..c81eba5b73 100644 --- a/modules/exploits/windows/lotus/lotusnotes_lzh.rb +++ b/modules/exploits/windows/lotus/lotusnotes_lzh.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-1213'], + ['OSVDB', '72706'], ['BID', '48018'], ['URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904'], ['URL', 'http://www.ibm.com/support/docview.wss?uid=swg21500034'], diff --git a/modules/exploits/windows/lpd/hummingbird_exceed.rb b/modules/exploits/windows/lpd/hummingbird_exceed.rb index 50a1ace36c..783fc8ec7c 100644 --- a/modules/exploits/windows/lpd/hummingbird_exceed.rb +++ b/modules/exploits/windows/lpd/hummingbird_exceed.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-1815'], + ['OSVDB', '16957'], ['BID', '13788'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/lpd/niprint.rb b/modules/exploits/windows/lpd/niprint.rb index 0f212f1f1e..aa57ae65e4 100644 --- a/modules/exploits/windows/lpd/niprint.rb +++ b/modules/exploits/windows/lpd/niprint.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2003-1141'], + ['OSVDB', '2774'], ['BID', '8968'], ['URL', 'http://www.immunitysec.com/documentation/vs_niprint.html'], ], diff --git a/modules/exploits/windows/lpd/saplpd.rb b/modules/exploits/windows/lpd/saplpd.rb index d8cd33e8e1..e370868b86 100644 --- a/modules/exploits/windows/lpd/saplpd.rb +++ b/modules/exploits/windows/lpd/saplpd.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0621' ], + [ 'OSVDB', '41127' ], [ 'BID', '27613' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/lpd/wincomlpd_admin.rb b/modules/exploits/windows/lpd/wincomlpd_admin.rb index b93e3c1488..6e5354b7e5 100644 --- a/modules/exploits/windows/lpd/wincomlpd_admin.rb +++ b/modules/exploits/windows/lpd/wincomlpd_admin.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-5159'], + ['OSVDB', '42861'], ['BID', '27614'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/actfax_raw_server_bof.rb b/modules/exploits/windows/misc/actfax_raw_server_bof.rb index 1a0e601634..970804766e 100644 --- a/modules/exploits/windows/misc/actfax_raw_server_bof.rb +++ b/modules/exploits/windows/misc/actfax_raw_server_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '89944' ], [ 'BID', '57789' ], [ 'EDB', '24467' ], [ 'URL', 'http://www.pwnag3.com/2013/02/actfax-raw-server-exploit.html' ] diff --git a/modules/exploits/windows/misc/agentxpp_receive_agentx.rb b/modules/exploits/windows/misc/agentxpp_receive_agentx.rb index c39116166e..64aa24d4a0 100644 --- a/modules/exploits/windows/misc/agentxpp_receive_agentx.rb +++ b/modules/exploits/windows/misc/agentxpp_receive_agentx.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-1318' ], + [ 'OSVDB', '63919'], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=867' ] ], 'Privileged' => true, diff --git a/modules/exploits/windows/misc/allmediaserver_bof.rb b/modules/exploits/windows/misc/allmediaserver_bof.rb index 0e2c54b98d..2ecd64761c 100644 --- a/modules/exploits/windows/misc/allmediaserver_bof.rb +++ b/modules/exploits/windows/misc/allmediaserver_bof.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '83889' ], [ 'EDB', '19625' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/altiris_ds_sqli.rb b/modules/exploits/windows/misc/altiris_ds_sqli.rb index 557ad65a00..5d41f38d8d 100644 --- a/modules/exploits/windows/misc/altiris_ds_sqli.rb +++ b/modules/exploits/windows/misc/altiris_ds_sqli.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-2286' ], + [ 'OSVDB', '45313' ], [ 'BID', '29198'], [ 'URL', 'http://www.zerodayinitiative.com/advisories/ZDI-08-024' ] ], diff --git a/modules/exploits/windows/misc/apple_quicktime_rtsp_response.rb b/modules/exploits/windows/misc/apple_quicktime_rtsp_response.rb index e8499aac4e..a18abfeb57 100644 --- a/modules/exploits/windows/misc/apple_quicktime_rtsp_response.rb +++ b/modules/exploits/windows/misc/apple_quicktime_rtsp_response.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-6166' ], + [ 'OSVDB', '40876' ], [ 'BID', '26549' ], [ 'EDB', '4648' ], ], diff --git a/modules/exploits/windows/misc/asus_dpcproxy_overflow.rb b/modules/exploits/windows/misc/asus_dpcproxy_overflow.rb index 82b6bbcef3..ef8ca5f737 100644 --- a/modules/exploits/windows/misc/asus_dpcproxy_overflow.rb +++ b/modules/exploits/windows/misc/asus_dpcproxy_overflow.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-1491' ], + [ 'OSVDB', '43638' ], [ 'BID', '28394' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/avaya_winpmd_unihostrouter.rb b/modules/exploits/windows/misc/avaya_winpmd_unihostrouter.rb index cf35eea7df..163488bdd5 100644 --- a/modules/exploits/windows/misc/avaya_winpmd_unihostrouter.rb +++ b/modules/exploits/windows/misc/avaya_winpmd_unihostrouter.rb @@ -27,6 +27,8 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '82764'], + ['OSVDB', '73269'], ['BID', '47947'], ['EDB', '18397'], ['URL', 'https://downloads.avaya.com/css/P8/documents/100140122'], diff --git a/modules/exploits/windows/misc/avidphoneticindexer.rb b/modules/exploits/windows/misc/avidphoneticindexer.rb index 9426514f14..b73941ecee 100644 --- a/modules/exploits/windows/misc/avidphoneticindexer.rb +++ b/modules/exploits/windows/misc/avidphoneticindexer.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-5003'], + ['OSVDB', '77376'], [ 'URL', 'http://www.security-assessment.com/files/documents/advisory/Avid_Media_Composer-Phonetic_Indexer-Remote_Stack_Buffer_Overflow.pdf' ], ], 'Payload' => diff --git a/modules/exploits/windows/misc/bakbone_netvault_heap.rb b/modules/exploits/windows/misc/bakbone_netvault_heap.rb index ece978d8e7..33623a6a2e 100644 --- a/modules/exploits/windows/misc/bakbone_netvault_heap.rb +++ b/modules/exploits/windows/misc/bakbone_netvault_heap.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-1009'], + ['OSVDB', '15234'], ['BID', '12967'], ], 'Payload' => diff --git a/modules/exploits/windows/misc/bcaaa_bof.rb b/modules/exploits/windows/misc/bcaaa_bof.rb index 796675851f..b83075517a 100644 --- a/modules/exploits/windows/misc/bcaaa_bof.rb +++ b/modules/exploits/windows/misc/bcaaa_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-5124' ], + [ 'OSVDB', '72095'], [ 'URL', 'https://kb.bluecoat.com/index?page=content&id=SA55' ], [ 'URL', 'http://seclists.org/bugtraq/2011/Jul/44' ] ], diff --git a/modules/exploits/windows/misc/bigant_server.rb b/modules/exploits/windows/misc/bigant_server.rb index b90677ff0c..a485c3f977 100644 --- a/modules/exploits/windows/misc/bigant_server.rb +++ b/modules/exploits/windows/misc/bigant_server.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-1914' ], + [ 'OSVDB', '44454' ], [ 'BID', '28795' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/misc/bigant_server_250.rb b/modules/exploits/windows/misc/bigant_server_250.rb index 372e07ec15..2cfbdcfe73 100644 --- a/modules/exploits/windows/misc/bigant_server_250.rb +++ b/modules/exploits/windows/misc/bigant_server_250.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote # It's not clear if these are correct - there was a fix for # the v2.2 vuln back in Dec 2008 [ 'CVE', '2008-1914'], + [ 'OSVDB', '44454'], [ 'EDB', '9673' ], [ 'EDB', '9690' ] #[ 'B_ID', '28795' ], diff --git a/modules/exploits/windows/misc/bigant_server_dupf_upload.rb b/modules/exploits/windows/misc/bigant_server_dupf_upload.rb index b99242b57e..2a727d37ea 100644 --- a/modules/exploits/windows/misc/bigant_server_dupf_upload.rb +++ b/modules/exploits/windows/misc/bigant_server_dupf_upload.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote [ 'CVE', '2012-6274' ], [ 'US-CERT-VU', '990652' ], [ 'BID', '57214' ], + [ 'OSVDB', '89342' ] ], 'Privileged' => true, 'Platform' => 'win', diff --git a/modules/exploits/windows/misc/bigant_server_sch_dupf_bof.rb b/modules/exploits/windows/misc/bigant_server_sch_dupf_bof.rb index 8bb00236e0..e0fd894ab6 100644 --- a/modules/exploits/windows/misc/bigant_server_sch_dupf_bof.rb +++ b/modules/exploits/windows/misc/bigant_server_sch_dupf_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote [ 'CVE', '2012-6275' ], [ 'US-CERT-VU', '990652' ], [ 'BID', '57214' ], + [ 'OSVDB', '89344' ] ], 'Payload' => { diff --git a/modules/exploits/windows/misc/bigant_server_usv.rb b/modules/exploits/windows/misc/bigant_server_usv.rb index 9bb032117e..fa53f1bdc9 100644 --- a/modules/exploits/windows/misc/bigant_server_usv.rb +++ b/modules/exploits/windows/misc/bigant_server_usv.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '61386' ], [ 'EDB', '10765' ], [ 'EDB', '10973' ] ], diff --git a/modules/exploits/windows/misc/bomberclone_overflow.rb b/modules/exploits/windows/misc/bomberclone_overflow.rb index 1826995b54..55a2bb646b 100644 --- a/modules/exploits/windows/misc/bomberclone_overflow.rb +++ b/modules/exploits/windows/misc/bomberclone_overflow.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-0460'], + ['OSVDB', '23263'], ['BID', '16697'] ], 'Payload' => diff --git a/modules/exploits/windows/misc/bopup_comm.rb b/modules/exploits/windows/misc/bopup_comm.rb index 931edca3bd..c792582b39 100644 --- a/modules/exploits/windows/misc/bopup_comm.rb +++ b/modules/exploits/windows/misc/bopup_comm.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-2227' ], + [ 'OSVDB', '55275' ], [ 'URL', 'http://www.blabsoft.com/products/server' ], [ 'EDB', '9002' ] ], diff --git a/modules/exploits/windows/misc/borland_interbase.rb b/modules/exploits/windows/misc/borland_interbase.rb index 1a7ed101de..c994706c67 100644 --- a/modules/exploits/windows/misc/borland_interbase.rb +++ b/modules/exploits/windows/misc/borland_interbase.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3566' ], + [ 'OSVDB', '38602' ], [ 'URL', 'http://dvlabs.tippingpoint.com/advisory/TPTI-07-13' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/borland_starteam.rb b/modules/exploits/windows/misc/borland_starteam.rb index 508b8e5187..d744dd9c5f 100644 --- a/modules/exploits/windows/misc/borland_starteam.rb +++ b/modules/exploits/windows/misc/borland_starteam.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0311' ], + [ 'OSVDB', '44039' ], [ 'BID', '28602' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/citrix_streamprocess.rb b/modules/exploits/windows/misc/citrix_streamprocess.rb index 387016f42e..b67a2c6433 100644 --- a/modules/exploits/windows/misc/citrix_streamprocess.rb +++ b/modules/exploits/windows/misc/citrix_streamprocess.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '70597'], [ 'ZDI', '11-023' ], [ 'URL', 'http://secunia.com/advisories/42954/' ], [ 'URL', 'http://support.citrix.com/article/CTX127149' ], diff --git a/modules/exploits/windows/misc/citrix_streamprocess_data_msg.rb b/modules/exploits/windows/misc/citrix_streamprocess_data_msg.rb index 5f98778dcb..e67cc1e95e 100644 --- a/modules/exploits/windows/misc/citrix_streamprocess_data_msg.rb +++ b/modules/exploits/windows/misc/citrix_streamprocess_data_msg.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '75780'], ['BID', '49803'], ['ZDI', '12-009'], ['URL', 'http://support.citrix.com/article/CTX130846'] diff --git a/modules/exploits/windows/misc/citrix_streamprocess_get_boot_record_request.rb b/modules/exploits/windows/misc/citrix_streamprocess_get_boot_record_request.rb index 132c93851a..5d48e0a692 100644 --- a/modules/exploits/windows/misc/citrix_streamprocess_get_boot_record_request.rb +++ b/modules/exploits/windows/misc/citrix_streamprocess_get_boot_record_request.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '75780'], ['BID', '49803'], ['URL', 'http://support.citrix.com/article/CTX130846'] ], diff --git a/modules/exploits/windows/misc/citrix_streamprocess_get_footer.rb b/modules/exploits/windows/misc/citrix_streamprocess_get_footer.rb index 38b9dd07d4..373922133a 100644 --- a/modules/exploits/windows/misc/citrix_streamprocess_get_footer.rb +++ b/modules/exploits/windows/misc/citrix_streamprocess_get_footer.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '75780'], ['BID', '49803'], ['URL', 'http://support.citrix.com/article/CTX130846'] ], diff --git a/modules/exploits/windows/misc/citrix_streamprocess_get_objects.rb b/modules/exploits/windows/misc/citrix_streamprocess_get_objects.rb index 6c6a63b840..8741273ee4 100644 --- a/modules/exploits/windows/misc/citrix_streamprocess_get_objects.rb +++ b/modules/exploits/windows/misc/citrix_streamprocess_get_objects.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '75780'], ['BID', '49803'], ['URL', 'http://support.citrix.com/article/CTX130846'], ['ZDI', '12-010'] diff --git a/modules/exploits/windows/misc/doubletake.rb b/modules/exploits/windows/misc/doubletake.rb index d82ec4da13..388c996923 100644 --- a/modules/exploits/windows/misc/doubletake.rb +++ b/modules/exploits/windows/misc/doubletake.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-1661' ], + ['OSVDB', '45924' ], ], 'Privileged' => false, 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/eiqnetworks_esa.rb b/modules/exploits/windows/misc/eiqnetworks_esa.rb index e0092d2e18..bcc0102e7b 100644 --- a/modules/exploits/windows/misc/eiqnetworks_esa.rb +++ b/modules/exploits/windows/misc/eiqnetworks_esa.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-3838'], + ['OSVDB', '27526'], ['BID', '19163'], ['ZDI', '06-024'], ], diff --git a/modules/exploits/windows/misc/eiqnetworks_esa_topology.rb b/modules/exploits/windows/misc/eiqnetworks_esa_topology.rb index fb1d75a45a..5e7b5c8e0b 100644 --- a/modules/exploits/windows/misc/eiqnetworks_esa_topology.rb +++ b/modules/exploits/windows/misc/eiqnetworks_esa_topology.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-3838'], + ['OSVDB', '27528'], ['BID', '19164'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/enterasys_netsight_syslog_bof.rb b/modules/exploits/windows/misc/enterasys_netsight_syslog_bof.rb index a6a87d5aa2..b5c78fb561 100644 --- a/modules/exploits/windows/misc/enterasys_netsight_syslog_bof.rb +++ b/modules/exploits/windows/misc/enterasys_netsight_syslog_bof.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-5227'], + ['OSVDB', '77971'], ['BID', '51124'], ['ZDI', '11-350'] ], diff --git a/modules/exploits/windows/misc/eureka_mail_err.rb b/modules/exploits/windows/misc/eureka_mail_err.rb index cd9a49ced9..8d61c18476 100644 --- a/modules/exploits/windows/misc/eureka_mail_err.rb +++ b/modules/exploits/windows/misc/eureka_mail_err.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3837' ], + [ 'OSVDB', '59262' ], [ 'EDB', '10235' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/fb_cnct_group.rb b/modules/exploits/windows/misc/fb_cnct_group.rb index 640c39c37f..df7c0adc8e 100644 --- a/modules/exploits/windows/misc/fb_cnct_group.rb +++ b/modules/exploits/windows/misc/fb_cnct_group.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-2492' ], + [ 'OSVDB', '91044' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/misc/fb_isc_attach_database.rb b/modules/exploits/windows/misc/fb_isc_attach_database.rb index 340d44979c..d913136f3b 100644 --- a/modules/exploits/windows/misc/fb_isc_attach_database.rb +++ b/modules/exploits/windows/misc/fb_isc_attach_database.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5243' ], + [ 'OSVDB', '38607' ], [ 'BID', '25917' ], [ 'URL', 'http://www.risesecurity.org/advisories/RISE-2007002.txt' ], ], diff --git a/modules/exploits/windows/misc/fb_isc_create_database.rb b/modules/exploits/windows/misc/fb_isc_create_database.rb index 1636051bda..2bcac14761 100644 --- a/modules/exploits/windows/misc/fb_isc_create_database.rb +++ b/modules/exploits/windows/misc/fb_isc_create_database.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5243' ], + [ 'OSVDB', '38606' ], [ 'BID', '25917' ], [ 'URL', 'http://www.risesecurity.org/advisories/RISE-2007002.txt' ], ], diff --git a/modules/exploits/windows/misc/fb_svc_attach.rb b/modules/exploits/windows/misc/fb_svc_attach.rb index db3097f8b5..db3949ec51 100644 --- a/modules/exploits/windows/misc/fb_svc_attach.rb +++ b/modules/exploits/windows/misc/fb_svc_attach.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5243' ], + [ 'OSVDB', '38605' ], [ 'BID', '25917' ], [ 'URL', 'http://www.risesecurity.org/advisories/RISE-2007002.txt' ], ], diff --git a/modules/exploits/windows/misc/gimp_script_fu.rb b/modules/exploits/windows/misc/gimp_script_fu.rb index 4c071b2094..d5e6c095ef 100644 --- a/modules/exploits/windows/misc/gimp_script_fu.rb +++ b/modules/exploits/windows/misc/gimp_script_fu.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-2763' ], + [ 'OSVDB', '82429' ], [ 'BID', '53741' ], [ 'EDB', '18956' ], [ 'URL', 'http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html' ] diff --git a/modules/exploits/windows/misc/hp_dataprotector_cmd_exec.rb b/modules/exploits/windows/misc/hp_dataprotector_cmd_exec.rb index 22a6ec8ea6..cf29c3b2d6 100644 --- a/modules/exploits/windows/misc/hp_dataprotector_cmd_exec.rb +++ b/modules/exploits/windows/misc/hp_dataprotector_cmd_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2014-2623'], + ['OSVDB', '109069'], ['EDB', '34066'], ['URL', 'https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04373818'] ], diff --git a/modules/exploits/windows/misc/hp_dataprotector_crs.rb b/modules/exploits/windows/misc/hp_dataprotector_crs.rb index cab1b65832..d600cbbad1 100644 --- a/modules/exploits/windows/misc/hp_dataprotector_crs.rb +++ b/modules/exploits/windows/misc/hp_dataprotector_crs.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-2333' ], + [ 'OSVDB', '93867' ], [ 'BID', '60309' ], [ 'ZDI', '13-130' ] ], diff --git a/modules/exploits/windows/misc/hp_dataprotector_dtbclslogin.rb b/modules/exploits/windows/misc/hp_dataprotector_dtbclslogin.rb index 8cc4816a43..2e1c591fd1 100644 --- a/modules/exploits/windows/misc/hp_dataprotector_dtbclslogin.rb +++ b/modules/exploits/windows/misc/hp_dataprotector_dtbclslogin.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3007' ], + [ 'OSVDB', '67973' ], [ 'BID', '43105' ], [ 'ZDI', '10-174' ], [ 'URL', 'http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02498535' ] diff --git a/modules/exploits/windows/misc/hp_dataprotector_new_folder.rb b/modules/exploits/windows/misc/hp_dataprotector_new_folder.rb index 9501583f4b..65676817b8 100644 --- a/modules/exploits/windows/misc/hp_dataprotector_new_folder.rb +++ b/modules/exploits/windows/misc/hp_dataprotector_new_folder.rb @@ -38,6 +38,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-0124' ], + [ 'OSVDB', '80105' ], [ 'BID', '52431' ], [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2012/07/06/an-example-of-egghunting-to-exploit-cve-2012-0124' ] ], diff --git a/modules/exploits/windows/misc/hp_dataprotector_traversal.rb b/modules/exploits/windows/misc/hp_dataprotector_traversal.rb index 64421ac4f8..779082e32e 100644 --- a/modules/exploits/windows/misc/hp_dataprotector_traversal.rb +++ b/modules/exploits/windows/misc/hp_dataprotector_traversal.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2013-6194' ], + [ 'OSVDB', '101630' ], [ 'BID', '64647' ], [ 'ZDI', '14-003' ], [ 'URL' , 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03822422' ] diff --git a/modules/exploits/windows/misc/hp_imc_uam.rb b/modules/exploits/windows/misc/hp_imc_uam.rb index e919204230..6ba32d2958 100644 --- a/modules/exploits/windows/misc/hp_imc_uam.rb +++ b/modules/exploits/windows/misc/hp_imc_uam.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-3274'], + ['OSVDB', '85060'], ['BID', '55271'], ['ZDI', '12-171'], ['URL', 'https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03589863'] diff --git a/modules/exploits/windows/misc/hp_loadrunner_magentproc.rb b/modules/exploits/windows/misc/hp_loadrunner_magentproc.rb index f4e6eac80a..7f7d4d2696 100644 --- a/modules/exploits/windows/misc/hp_loadrunner_magentproc.rb +++ b/modules/exploits/windows/misc/hp_loadrunner_magentproc.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2013-4800'], + ['OSVDB', '95644'], ['ZDI', '13-169'] ], 'Privileged' => false, diff --git a/modules/exploits/windows/misc/hp_magentservice.rb b/modules/exploits/windows/misc/hp_magentservice.rb index 1c76e4672e..041554ef94 100644 --- a/modules/exploits/windows/misc/hp_magentservice.rb +++ b/modules/exploits/windows/misc/hp_magentservice.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '72815'], ['CVE', '2011-4789'], ['ZDI', '12-016'] ], diff --git a/modules/exploits/windows/misc/hp_omniinet_1.rb b/modules/exploits/windows/misc/hp_omniinet_1.rb index 9041b839c4..6da50b07fa 100644 --- a/modules/exploits/windows/misc/hp_omniinet_1.rb +++ b/modules/exploits/windows/misc/hp_omniinet_1.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2007-2280' ], [ 'BID', '37396' ], + [ 'OSVDB', '61206' ], [ 'ZDI', '09-099' ] ], 'Privileged' => true, diff --git a/modules/exploits/windows/misc/hp_omniinet_2.rb b/modules/exploits/windows/misc/hp_omniinet_2.rb index 22a1479d7d..f5dbf7bd77 100644 --- a/modules/exploits/windows/misc/hp_omniinet_2.rb +++ b/modules/exploits/windows/misc/hp_omniinet_2.rb @@ -41,6 +41,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2009-3844' ], [ 'BID', '37250' ], + [ 'OSVDB', '60852' ], [ 'ZDI', '09-091' ] ], 'Privileged' => true, diff --git a/modules/exploits/windows/misc/hp_omniinet_3.rb b/modules/exploits/windows/misc/hp_omniinet_3.rb index bafc4f2576..e0332ba2a2 100644 --- a/modules/exploits/windows/misc/hp_omniinet_3.rb +++ b/modules/exploits/windows/misc/hp_omniinet_3.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-1865' ], + [ 'OSVDB', '73571'], [ 'URL', 'http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/misc/hp_omniinet_4.rb b/modules/exploits/windows/misc/hp_omniinet_4.rb index 2ecbea30d1..4128ceaf0c 100644 --- a/modules/exploits/windows/misc/hp_omniinet_4.rb +++ b/modules/exploits/windows/misc/hp_omniinet_4.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-1865' ], + [ 'OSVDB', '73571'], [ 'EDB', '17468' ], [ 'URL', 'http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities' ], [ 'URL', 'http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182' ], diff --git a/modules/exploits/windows/misc/hp_operations_agent_coda_34.rb b/modules/exploits/windows/misc/hp_operations_agent_coda_34.rb index 40eb60fb3e..a7e2b6619a 100644 --- a/modules/exploits/windows/misc/hp_operations_agent_coda_34.rb +++ b/modules/exploits/windows/misc/hp_operations_agent_coda_34.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-2019' ], + [ 'OSVDB', '83673' ], [ 'BID', '54362' ], [ 'ZDI', '12-114' ] ], diff --git a/modules/exploits/windows/misc/hp_operations_agent_coda_8c.rb b/modules/exploits/windows/misc/hp_operations_agent_coda_8c.rb index 0683ac6ada..704f3f28c4 100644 --- a/modules/exploits/windows/misc/hp_operations_agent_coda_8c.rb +++ b/modules/exploits/windows/misc/hp_operations_agent_coda_8c.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-2020' ], + [ 'OSVDB', '83674' ], [ 'BID', '54362' ], [ 'ZDI', '12-115' ] ], diff --git a/modules/exploits/windows/misc/hp_ovtrace.rb b/modules/exploits/windows/misc/hp_ovtrace.rb index c505c4e752..77ff5cd927 100644 --- a/modules/exploits/windows/misc/hp_ovtrace.rb +++ b/modules/exploits/windows/misc/hp_ovtrace.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3872' ], + [ 'OSVDB', '39527' ], [ 'BID', '25255' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/ib_isc_attach_database.rb b/modules/exploits/windows/misc/ib_isc_attach_database.rb index 7b3557439d..8b90ae8b18 100644 --- a/modules/exploits/windows/misc/ib_isc_attach_database.rb +++ b/modules/exploits/windows/misc/ib_isc_attach_database.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5243' ], + [ 'OSVDB', '38607' ], [ 'BID', '25917' ], [ 'URL', 'http://www.risesecurity.org/advisories/RISE-2007002.txt' ], ], diff --git a/modules/exploits/windows/misc/ib_isc_create_database.rb b/modules/exploits/windows/misc/ib_isc_create_database.rb index 85d69b7bce..19e55148ad 100644 --- a/modules/exploits/windows/misc/ib_isc_create_database.rb +++ b/modules/exploits/windows/misc/ib_isc_create_database.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5243' ], + [ 'OSVDB', '38606' ], [ 'BID', '25917' ], [ 'URL', 'http://www.risesecurity.org/advisories/RISE-2007002.txt' ], ], diff --git a/modules/exploits/windows/misc/ib_svc_attach.rb b/modules/exploits/windows/misc/ib_svc_attach.rb index ada40aba9e..7a177f1417 100644 --- a/modules/exploits/windows/misc/ib_svc_attach.rb +++ b/modules/exploits/windows/misc/ib_svc_attach.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-5243' ], + [ 'OSVDB', '38605' ], [ 'BID', '25917' ], [ 'URL', 'http://www.risesecurity.org/advisories/RISE-2007002.txt' ], ], diff --git a/modules/exploits/windows/misc/ibm_cognos_tm1admsd_bof.rb b/modules/exploits/windows/misc/ibm_cognos_tm1admsd_bof.rb index 047361bd27..2b8ed7bd4c 100644 --- a/modules/exploits/windows/misc/ibm_cognos_tm1admsd_bof.rb +++ b/modules/exploits/windows/misc/ibm_cognos_tm1admsd_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-0202'], + ['OSVDB', '80876'], ['BID', '52847'], ['ZDI', '12-101'], ['URL', 'http://www-01.ibm.com/support/docview.wss?uid=swg21590314'] diff --git a/modules/exploits/windows/misc/ibm_director_cim_dllinject.rb b/modules/exploits/windows/misc/ibm_director_cim_dllinject.rb index bde46a4152..965e5cc20c 100644 --- a/modules/exploits/windows/misc/ibm_director_cim_dllinject.rb +++ b/modules/exploits/windows/misc/ibm_director_cim_dllinject.rb @@ -34,6 +34,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-0880'], + [ 'OSVDB', '52616'], + [ 'OSVDB', '88102'], [ 'BID', '34065' ], [ 'URL', 'https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20090305-2_IBM_director_privilege_escalation.txt' ], [ 'URL', 'http://seclists.org/bugtraq/2012/Dec/5' ] diff --git a/modules/exploits/windows/misc/ibm_tsm_cad_ping.rb b/modules/exploits/windows/misc/ibm_tsm_cad_ping.rb index 57c12bcf32..af43d8f24c 100644 --- a/modules/exploits/windows/misc/ibm_tsm_cad_ping.rb +++ b/modules/exploits/windows/misc/ibm_tsm_cad_ping.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-3853' ], + [ 'OSVDB', '59632' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/misc/ibm_tsm_rca_dicugetidentify.rb b/modules/exploits/windows/misc/ibm_tsm_rca_dicugetidentify.rb index 917ec18f82..6a5f5a1bdb 100644 --- a/modules/exploits/windows/misc/ibm_tsm_rca_dicugetidentify.rb +++ b/modules/exploits/windows/misc/ibm_tsm_rca_dicugetidentify.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4828' ], + [ 'OSVDB', '54232' ], [ 'BID', '34803' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/itunes_extm3u_bof.rb b/modules/exploits/windows/misc/itunes_extm3u_bof.rb index a09560dffd..f1f6199933 100644 --- a/modules/exploits/windows/misc/itunes_extm3u_bof.rb +++ b/modules/exploits/windows/misc/itunes_extm3u_bof.rb @@ -52,6 +52,7 @@ class MetasploitModule < Msf::Exploit::Remote }, 'References' => [ + [ 'OSVDB', '83220' ], [ 'EDB', '19322' ], [ 'URL', 'http://pastehtml.com/view/c25uhk4ab.html' ] ], diff --git a/modules/exploits/windows/misc/landesk_aolnsrvr.rb b/modules/exploits/windows/misc/landesk_aolnsrvr.rb index 8c8804ae82..e6aa0aa5eb 100644 --- a/modules/exploits/windows/misc/landesk_aolnsrvr.rb +++ b/modules/exploits/windows/misc/landesk_aolnsrvr.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-1674'], + ['OSVDB', '34964'], ['URL', 'http://www.tippingpoint.com/security/advisories/TSRT-07-04.html'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/lianja_db_net.rb b/modules/exploits/windows/misc/lianja_db_net.rb index 9c1320494f..b9e6600298 100644 --- a/modules/exploits/windows/misc/lianja_db_net.rb +++ b/modules/exploits/windows/misc/lianja_db_net.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ [ 'CVE', '2013-3563' ], + [ 'OSVDB', '93759' ] ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/misc/mercury_phonebook.rb b/modules/exploits/windows/misc/mercury_phonebook.rb index a9ea5594f8..1ca77aead5 100644 --- a/modules/exploits/windows/misc/mercury_phonebook.rb +++ b/modules/exploits/windows/misc/mercury_phonebook.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-4411' ], + [ 'OSVDB', '22103'], [ 'BID', '16396' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/mini_stream.rb b/modules/exploits/windows/misc/mini_stream.rb index 51709a3794..5bfbbb284b 100644 --- a/modules/exploits/windows/misc/mini_stream.rb +++ b/modules/exploits/windows/misc/mini_stream.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-5109'], + [ 'OSVDB', '61341' ], [ 'EDB', '10745' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/mirc_privmsg_server.rb b/modules/exploits/windows/misc/mirc_privmsg_server.rb index 8bdb9ca486..fdfaf0add6 100644 --- a/modules/exploits/windows/misc/mirc_privmsg_server.rb +++ b/modules/exploits/windows/misc/mirc_privmsg_server.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4449' ], + [ 'OSVDB', '48752' ], [ 'BID', '31552' ], [ 'EDB', '6666' ] ], diff --git a/modules/exploits/windows/misc/ms07_064_sami.rb b/modules/exploits/windows/misc/ms07_064_sami.rb index d977103b6c..0d81ba82c5 100644 --- a/modules/exploits/windows/misc/ms07_064_sami.rb +++ b/modules/exploits/windows/misc/ms07_064_sami.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-3901' ], + [ 'OSVDB', '39126' ], [ 'MSB', 'MS07-064' ], [ 'BID', '26789' ], ], diff --git a/modules/exploits/windows/misc/ms10_104_sharepoint.rb b/modules/exploits/windows/misc/ms10_104_sharepoint.rb index 5834208bf3..e021f4f11e 100644 --- a/modules/exploits/windows/misc/ms10_104_sharepoint.rb +++ b/modules/exploits/windows/misc/ms10_104_sharepoint.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3964' ], + [ 'OSVDB', '69817' ], [ 'BID', '45264' ], [ 'MSB', 'MS10-104' ], [ 'ZDI', '10-287' ] diff --git a/modules/exploits/windows/misc/netcat110_nt.rb b/modules/exploits/windows/misc/netcat110_nt.rb index 5b17a967ce..ca13a1fbef 100644 --- a/modules/exploits/windows/misc/netcat110_nt.rb +++ b/modules/exploits/windows/misc/netcat110_nt.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1317' ], + [ 'OSVDB', '12612' ], [ 'BID', '12106' ], [ 'EDB', '726' ] ], diff --git a/modules/exploits/windows/misc/nettransport.rb b/modules/exploits/windows/misc/nettransport.rb index 6aab71cb02..9c93950deb 100644 --- a/modules/exploits/windows/misc/nettransport.rb +++ b/modules/exploits/windows/misc/nettransport.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '61435' ], [ 'EDB', '10911'], ], 'Privileged' => false, diff --git a/modules/exploits/windows/misc/nvidia_mental_ray.rb b/modules/exploits/windows/misc/nvidia_mental_ray.rb index 4d37a659c0..592f64903d 100644 --- a/modules/exploits/windows/misc/nvidia_mental_ray.rb +++ b/modules/exploits/windows/misc/nvidia_mental_ray.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'URL', 'http://revuln.com/files/ReVuln_NVIDIA_mental_ray.pdf' ], + [ 'OSVDB', '100827' ] ], 'Stance' => Msf::Exploit::Stance::Aggressive, 'Platform' => 'win', diff --git a/modules/exploits/windows/misc/poisonivy_bof.rb b/modules/exploits/windows/misc/poisonivy_bof.rb index 1bbd7b2cbc..92a41a9510 100644 --- a/modules/exploits/windows/misc/poisonivy_bof.rb +++ b/modules/exploits/windows/misc/poisonivy_bof.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '83774' ], [ 'EDB', '19613' ], [ 'URL', 'http://www.signal11.eu/en/research/articles/targeted_2010.pdf' ], [ 'URL', 'http://samvartaka.github.io/malware/2015/09/07/poison-ivy-reliable-exploitation/' ], diff --git a/modules/exploits/windows/misc/poppeeper_date.rb b/modules/exploits/windows/misc/poppeeper_date.rb index 200fc64a1f..b00e4573e5 100644 --- a/modules/exploits/windows/misc/poppeeper_date.rb +++ b/modules/exploits/windows/misc/poppeeper_date.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1029' ], + [ 'OSVDB', '53560'], [ 'BID', '34093' ] ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/poppeeper_uidl.rb b/modules/exploits/windows/misc/poppeeper_uidl.rb index 688830057c..82bf4b2499 100644 --- a/modules/exploits/windows/misc/poppeeper_uidl.rb +++ b/modules/exploits/windows/misc/poppeeper_uidl.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '53559' ], [ 'CVE', '2009-1029' ], [ 'BID', '33926' ] ], diff --git a/modules/exploits/windows/misc/realtek_playlist.rb b/modules/exploits/windows/misc/realtek_playlist.rb index 7014a8fdb8..b1d3e0876d 100644 --- a/modules/exploits/windows/misc/realtek_playlist.rb +++ b/modules/exploits/windows/misc/realtek_playlist.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-5664'], + [ 'OSVDB', '50715'], [ 'BID', '32860' ], ], 'Payload' => diff --git a/modules/exploits/windows/misc/sap_2005_license.rb b/modules/exploits/windows/misc/sap_2005_license.rb index 7439991d30..bd359502e7 100644 --- a/modules/exploits/windows/misc/sap_2005_license.rb +++ b/modules/exploits/windows/misc/sap_2005_license.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Author' => 'Jacopo Cervini', 'References' => [ + [ 'OSVDB', '56837' ], [ 'CVE', '2009-4988' ], [ 'BID', '35933' ], [ 'EDB', '9319' ] diff --git a/modules/exploits/windows/misc/sap_netweaver_dispatcher.rb b/modules/exploits/windows/misc/sap_netweaver_dispatcher.rb index 1e682246fc..99c952ef24 100644 --- a/modules/exploits/windows/misc/sap_netweaver_dispatcher.rb +++ b/modules/exploits/windows/misc/sap_netweaver_dispatcher.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '81759' ], [ 'CVE', '2012-2611' ], [ 'BID', '53424' ], [ 'EDB', '20705' ], diff --git a/modules/exploits/windows/misc/shixxnote_font.rb b/modules/exploits/windows/misc/shixxnote_font.rb index fe09dace4e..35326a2771 100644 --- a/modules/exploits/windows/misc/shixxnote_font.rb +++ b/modules/exploits/windows/misc/shixxnote_font.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2004-1595'], + ['OSVDB', '10721'], ['BID', '11409'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/solidworks_workgroup_pdmwservice_file_write.rb b/modules/exploits/windows/misc/solidworks_workgroup_pdmwservice_file_write.rb index 2c21d5ed0b..fb3049aa86 100644 --- a/modules/exploits/windows/misc/solidworks_workgroup_pdmwservice_file_write.rb +++ b/modules/exploits/windows/misc/solidworks_workgroup_pdmwservice_file_write.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['EDB', '31831'], + ['OSVDB', '103671'] ], 'Payload' => { diff --git a/modules/exploits/windows/misc/splayer_content_type.rb b/modules/exploits/windows/misc/splayer_content_type.rb index df43e1923b..42ab69a938 100644 --- a/modules/exploits/windows/misc/splayer_content_type.rb +++ b/modules/exploits/windows/misc/splayer_content_type.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '72181'], ['EDB', '17243'], ], 'Payload' => diff --git a/modules/exploits/windows/misc/stream_down_bof.rb b/modules/exploits/windows/misc/stream_down_bof.rb index 8815892121..6975c8e264 100644 --- a/modules/exploits/windows/misc/stream_down_bof.rb +++ b/modules/exploits/windows/misc/stream_down_bof.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-5052'], + ['OSVDB', '78043'], ['BID', '51190'], ['URL', 'http://www.dark-masters.tk/'], ['URL', 'http://secunia.com/advisories/47343/'], diff --git a/modules/exploits/windows/misc/talkative_response.rb b/modules/exploits/windows/misc/talkative_response.rb index 446ab59481..34f7cbf704 100644 --- a/modules/exploits/windows/misc/talkative_response.rb +++ b/modules/exploits/windows/misc/talkative_response.rb @@ -20,6 +20,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '64582'], [ 'BID', '34141' ], [ 'EDB', '8227' ] ], diff --git a/modules/exploits/windows/misc/tiny_identd_overflow.rb b/modules/exploits/windows/misc/tiny_identd_overflow.rb index 9387ddc06d..a12b6c76f8 100644 --- a/modules/exploits/windows/misc/tiny_identd_overflow.rb +++ b/modules/exploits/windows/misc/tiny_identd_overflow.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-2711'], + ['OSVDB', '36053'], ['BID', '23981'], ], 'Payload' => diff --git a/modules/exploits/windows/misc/trendmicro_cmdprocessor_addtask.rb b/modules/exploits/windows/misc/trendmicro_cmdprocessor_addtask.rb index 54132ef2ec..602dcce773 100644 --- a/modules/exploits/windows/misc/trendmicro_cmdprocessor_addtask.rb +++ b/modules/exploits/windows/misc/trendmicro_cmdprocessor_addtask.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-5001'], + ['OSVDB', '77585'], ['ZDI', '11-345'] ], 'Payload' => diff --git a/modules/exploits/windows/misc/ufo_ai.rb b/modules/exploits/windows/misc/ufo_ai.rb index e3ec9f2cea..fbfeab6bd0 100644 --- a/modules/exploits/windows/misc/ufo_ai.rb +++ b/modules/exploits/windows/misc/ufo_ai.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '65689'], [ 'EDB', '14013' ] ], 'Payload' => diff --git a/modules/exploits/windows/misc/windows_rsh.rb b/modules/exploits/windows/misc/windows_rsh.rb index 486e1a71d3..8db7d2160c 100644 --- a/modules/exploits/windows/misc/windows_rsh.rb +++ b/modules/exploits/windows/misc/windows_rsh.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-4006'], + ['OSVDB', '38572'], ['BID', '25044'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/misc/wireshark_lua.rb b/modules/exploits/windows/misc/wireshark_lua.rb index 1af164ee30..2038a67811 100644 --- a/modules/exploits/windows/misc/wireshark_lua.rb +++ b/modules/exploits/windows/misc/wireshark_lua.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-3360'], + ['OSVDB', '75347'], ['URL', 'https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6136'], ['URL', 'http://technet.microsoft.com/en-us/security/msvr/msvr11-014'] ], diff --git a/modules/exploits/windows/misc/wireshark_packet_dect.rb b/modules/exploits/windows/misc/wireshark_packet_dect.rb index cea2a14213..4ac2312823 100644 --- a/modules/exploits/windows/misc/wireshark_packet_dect.rb +++ b/modules/exploits/windows/misc/wireshark_packet_dect.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-1591'], + [ 'OSVDB', '71848'], [ 'URL', 'https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5838' ], [ 'URL', 'https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5836' ], [ 'EDB', '17185' ], diff --git a/modules/exploits/windows/mmsp/ms10_025_wmss_connect_funnel.rb b/modules/exploits/windows/mmsp/ms10_025_wmss_connect_funnel.rb index 06161afbbc..702c4c0e37 100644 --- a/modules/exploits/windows/mmsp/ms10_025_wmss_connect_funnel.rb +++ b/modules/exploits/windows/mmsp/ms10_025_wmss_connect_funnel.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-0478' ], + [ 'OSVDB', '63726' ], [ 'MSB', 'MS10-025' ], [ 'URL', 'https://www.lexsi.com/abonnes/labs/adviso-cve-2010-0478.txt' ] ], diff --git a/modules/exploits/windows/motorola/timbuktu_fileupload.rb b/modules/exploits/windows/motorola/timbuktu_fileupload.rb index 004069d865..8b7959b40c 100644 --- a/modules/exploits/windows/motorola/timbuktu_fileupload.rb +++ b/modules/exploits/windows/motorola/timbuktu_fileupload.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-1117' ], + [ 'OSVDB', '43544' ], ], 'Privileged' => true, 'DefaultOptions' => diff --git a/modules/exploits/windows/mssql/lyris_listmanager_weak_pass.rb b/modules/exploits/windows/mssql/lyris_listmanager_weak_pass.rb index 05b6a0e638..f16938f734 100644 --- a/modules/exploits/windows/mssql/lyris_listmanager_weak_pass.rb +++ b/modules/exploits/windows/mssql/lyris_listmanager_weak_pass.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-4145'], + [ 'OSVDB', '21559'], ], 'Platform' => 'win', 'Targets' => diff --git a/modules/exploits/windows/mssql/ms02_039_slammer.rb b/modules/exploits/windows/mssql/ms02_039_slammer.rb index 83247c587b..cf6ca68dcc 100644 --- a/modules/exploits/windows/mssql/ms02_039_slammer.rb +++ b/modules/exploits/windows/mssql/ms02_039_slammer.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-0649'], + [ 'OSVDB', '4578'], [ 'BID', '5310'], [ 'MSB', 'MS02-039'], diff --git a/modules/exploits/windows/mssql/ms02_056_hello.rb b/modules/exploits/windows/mssql/ms02_056_hello.rb index 996370fec1..4016a5c781 100644 --- a/modules/exploits/windows/mssql/ms02_056_hello.rb +++ b/modules/exploits/windows/mssql/ms02_056_hello.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-1123'], + [ 'OSVDB', '10132'], [ 'BID', '5411'], [ 'MSB', 'MS02-056'], diff --git a/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin.rb b/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin.rb index fd65d53d09..fda5bfcd30 100644 --- a/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin.rb +++ b/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin.rb @@ -54,6 +54,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '50589' ], [ 'CVE', '2008-5416' ], [ 'BID', '32710' ], [ 'MSB', 'MS09-004' ], diff --git a/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb b/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb index 3911a304e7..ebf8b5f23c 100644 --- a/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb +++ b/modules/exploits/windows/mssql/ms09_004_sp_replwritetovarbin_sqli.rb @@ -54,6 +54,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '50589' ], [ 'CVE', '2008-5416' ], [ 'BID', '32710' ], [ 'MSB', 'MS09-004' ], diff --git a/modules/exploits/windows/mssql/mssql_payload.rb b/modules/exploits/windows/mssql/mssql_payload.rb index 27131f55f3..7fa63780fa 100644 --- a/modules/exploits/windows/mssql/mssql_payload.rb +++ b/modules/exploits/windows/mssql/mssql_payload.rb @@ -45,10 +45,12 @@ class MetasploitModule < Msf::Exploit::Remote [ # 'sa' password in logs [ 'CVE', '2000-0402' ], + [ 'OSVDB', '557' ], [ 'BID', '1281' ], # blank default 'sa' password [ 'CVE', '2000-1209' ], + [ 'OSVDB', '15757' ], [ 'BID', '4797' ] ], 'Platform' => 'win', diff --git a/modules/exploits/windows/mssql/mssql_payload_sqli.rb b/modules/exploits/windows/mssql/mssql_payload_sqli.rb index ce23edad79..ae7a014bd5 100644 --- a/modules/exploits/windows/mssql/mssql_payload_sqli.rb +++ b/modules/exploits/windows/mssql/mssql_payload_sqli.rb @@ -62,10 +62,12 @@ class MetasploitModule < Msf::Exploit::Remote [ # 'sa' password in logs [ 'CVE', '2000-0402' ], + [ 'OSVDB', '557' ], [ 'BID', '1281' ], # blank default 'sa' password [ 'CVE', '2000-1209' ], + [ 'OSVDB', '15757' ], [ 'BID', '4797' ], # code and comments diff --git a/modules/exploits/windows/mysql/mysql_mof.rb b/modules/exploits/windows/mysql/mysql_mof.rb index 9f5b58fb3b..b725efdf71 100644 --- a/modules/exploits/windows/mysql/mysql_mof.rb +++ b/modules/exploits/windows/mysql/mysql_mof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-5613'], #DISPUTED + ['OSVDB', '88118'], ['EDB', '23083'], ['URL', 'http://seclists.org/fulldisclosure/2012/Dec/13'] ], diff --git a/modules/exploits/windows/mysql/mysql_start_up.rb b/modules/exploits/windows/mysql/mysql_start_up.rb index ba42fb6648..e327a41670 100644 --- a/modules/exploits/windows/mysql/mysql_start_up.rb +++ b/modules/exploits/windows/mysql/mysql_start_up.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-5613'], #DISPUTED + ['OSVDB', '88118'], ['EDB', '23083'], ['URL', 'http://seclists.org/fulldisclosure/2012/Dec/13'] ], diff --git a/modules/exploits/windows/mysql/mysql_yassl_hello.rb b/modules/exploits/windows/mysql/mysql_yassl_hello.rb index 8a6eff4ced..b1f4985272 100644 --- a/modules/exploits/windows/mysql/mysql_yassl_hello.rb +++ b/modules/exploits/windows/mysql/mysql_yassl_hello.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0226' ], + [ 'OSVDB', '41195'], [ 'BID', '27140' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/mysql/scrutinizer_upload_exec.rb b/modules/exploits/windows/mysql/scrutinizer_upload_exec.rb index a10cb93738..7eb98360a0 100644 --- a/modules/exploits/windows/mysql/scrutinizer_upload_exec.rb +++ b/modules/exploits/windows/mysql/scrutinizer_upload_exec.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-3951'], + ['OSVDB', '84317'], ['URL', 'http://secunia.com/advisories/50074/'], ['URL', 'https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt'] ], diff --git a/modules/exploits/windows/nfs/xlink_nfsd.rb b/modules/exploits/windows/nfs/xlink_nfsd.rb index c1e426530e..7f36adb06e 100644 --- a/modules/exploits/windows/nfs/xlink_nfsd.rb +++ b/modules/exploits/windows/nfs/xlink_nfsd.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-5780' ], + [ 'OSVDB', '30224'], [ 'BID', '20941' ], [ 'URL', 'http://www.securityfocus.com/data/vulnerabilities/exploits/omni-nfs-server-5.2-stackoverflow.pm' ], ], diff --git a/modules/exploits/windows/nntp/ms05_030_nntp.rb b/modules/exploits/windows/nntp/ms05_030_nntp.rb index 8712cfa8f9..cf5ffbafb5 100644 --- a/modules/exploits/windows/nntp/ms05_030_nntp.rb +++ b/modules/exploits/windows/nntp/ms05_030_nntp.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-1213' ], + [ 'OSVDB', '17306' ], [ 'BID', '13951' ], [ 'MSB', 'MS05-030' ], ], diff --git a/modules/exploits/windows/novell/file_reporter_fsfui_upload.rb b/modules/exploits/windows/novell/file_reporter_fsfui_upload.rb index fec3a9b868..f804a1afeb 100644 --- a/modules/exploits/windows/novell/file_reporter_fsfui_upload.rb +++ b/modules/exploits/windows/novell/file_reporter_fsfui_upload.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-4959'], + [ 'OSVDB', '87573' ], [ 'URL', 'https://community.rapid7.com/community/metasploit/blog/2012/11/16/nfr-agent-buffer-vulnerabilites-cve-2012-4959' ] ], 'Payload' => diff --git a/modules/exploits/windows/novell/groupwisemessenger_client.rb b/modules/exploits/windows/novell/groupwisemessenger_client.rb index e1d91a1277..d93490f75f 100644 --- a/modules/exploits/windows/novell/groupwisemessenger_client.rb +++ b/modules/exploits/windows/novell/groupwisemessenger_client.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-2703' ], + [ 'OSVDB', '46041' ], [ 'BID', '29602' ], [ 'URL', 'http://www.infobyte.com.ar/adv/ISR-17.html' ], ], diff --git a/modules/exploits/windows/novell/netiq_pum_eval.rb b/modules/exploits/windows/novell/netiq_pum_eval.rb index 6f599f4ebf..47e020de48 100644 --- a/modules/exploits/windows/novell/netiq_pum_eval.rb +++ b/modules/exploits/windows/novell/netiq_pum_eval.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '87334'], [ 'BID', '56539' ], [ 'EDB', '22738' ] ], diff --git a/modules/exploits/windows/novell/nmap_stor.rb b/modules/exploits/windows/novell/nmap_stor.rb index 681c1305ed..91b4b995b8 100644 --- a/modules/exploits/windows/novell/nmap_stor.rb +++ b/modules/exploits/windows/novell/nmap_stor.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-6424' ], + [ 'OSVDB', '31363' ], [ 'BID', '21725' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/novell/zenworks_desktop_agent.rb b/modules/exploits/windows/novell/zenworks_desktop_agent.rb index 1e3c1772ab..9b12cc218e 100644 --- a/modules/exploits/windows/novell/zenworks_desktop_agent.rb +++ b/modules/exploits/windows/novell/zenworks_desktop_agent.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-1543'], + [ 'OSVDB', '16698'], [ 'BID', '13678'], ], diff --git a/modules/exploits/windows/novell/zenworks_preboot_op21_bof.rb b/modules/exploits/windows/novell/zenworks_preboot_op21_bof.rb index bd3cadeff9..98e16a76dc 100644 --- a/modules/exploits/windows/novell/zenworks_preboot_op21_bof.rb +++ b/modules/exploits/windows/novell/zenworks_preboot_op21_bof.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '65361' ], [ 'BID', '40486' ], [ 'ZDI', '10-090' ], [ 'URL', 'http://www.novell.com/support/kb/doc.php?id=7005572' ], diff --git a/modules/exploits/windows/novell/zenworks_preboot_op4c_bof.rb b/modules/exploits/windows/novell/zenworks_preboot_op4c_bof.rb index c6a0351b19..5577884048 100644 --- a/modules/exploits/windows/novell/zenworks_preboot_op4c_bof.rb +++ b/modules/exploits/windows/novell/zenworks_preboot_op4c_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3176' ], + [ 'OSVDB', '80231' ], [ 'BID', '52659' ], [ 'URL', 'http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=974' ] ], diff --git a/modules/exploits/windows/novell/zenworks_preboot_op6_bof.rb b/modules/exploits/windows/novell/zenworks_preboot_op6_bof.rb index 3b2f224a37..bfc3cdb83d 100644 --- a/modules/exploits/windows/novell/zenworks_preboot_op6_bof.rb +++ b/modules/exploits/windows/novell/zenworks_preboot_op6_bof.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '65361' ], [ 'BID', '40486' ], [ 'ZDI', '10-090' ], [ 'URL', 'http://www.novell.com/support/kb/doc.php?id=7005572' ], diff --git a/modules/exploits/windows/novell/zenworks_preboot_op6c_bof.rb b/modules/exploits/windows/novell/zenworks_preboot_op6c_bof.rb index b88ee4b790..bd7318ef14 100644 --- a/modules/exploits/windows/novell/zenworks_preboot_op6c_bof.rb +++ b/modules/exploits/windows/novell/zenworks_preboot_op6c_bof.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3175' ], + [ 'OSVDB', '80231' ], [ 'BID', '52659' ], [ 'URL', 'http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=973' ] ], diff --git a/modules/exploits/windows/oracle/client_system_analyzer_upload.rb b/modules/exploits/windows/oracle/client_system_analyzer_upload.rb index abecfe0145..d018f07b73 100644 --- a/modules/exploits/windows/oracle/client_system_analyzer_upload.rb +++ b/modules/exploits/windows/oracle/client_system_analyzer_upload.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-3600' ], + [ 'OSVDB', '70546'], [ 'BID', '45883'], [ 'ZDI', '11-018' ], [ 'URL', 'http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html' ] diff --git a/modules/exploits/windows/oracle/osb_ndmp_auth.rb b/modules/exploits/windows/oracle/osb_ndmp_auth.rb index 4e7ceb92b6..e37b98a008 100644 --- a/modules/exploits/windows/oracle/osb_ndmp_auth.rb +++ b/modules/exploits/windows/oracle/osb_ndmp_auth.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-5444' ], + [ 'OSVDB', '51340' ], [ 'URL', 'http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2009.html' ], ], 'Platform' => 'win', diff --git a/modules/exploits/windows/oracle/tns_arguments.rb b/modules/exploits/windows/oracle/tns_arguments.rb index 501f43313f..f59db5a41d 100644 --- a/modules/exploits/windows/oracle/tns_arguments.rb +++ b/modules/exploits/windows/oracle/tns_arguments.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2001-0499' ], + [ 'OSVDB', '9427'], [ 'BID', '2941' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/oracle/tns_auth_sesskey.rb b/modules/exploits/windows/oracle/tns_auth_sesskey.rb index 75e4bb2195..21d7fc7fb5 100644 --- a/modules/exploits/windows/oracle/tns_auth_sesskey.rb +++ b/modules/exploits/windows/oracle/tns_auth_sesskey.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1979'], + [ 'OSVDB', '59110'], [ 'BID', '36747'], [ 'URL', 'http://blogs.conus.info/node/28' ], [ 'URL', 'http://blogs.conus.info/node/35' ], diff --git a/modules/exploits/windows/oracle/tns_service_name.rb b/modules/exploits/windows/oracle/tns_service_name.rb index 06e5a1a3bb..4b7cd04159 100644 --- a/modules/exploits/windows/oracle/tns_service_name.rb +++ b/modules/exploits/windows/oracle/tns_service_name.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-0965'], + [ 'OSVDB', '5041'], [ 'BID', '4845'], [ 'URL', 'http://www.oracle.com/technology/deploy/security/pdf/net9_dos_alert.pdf' ], ], diff --git a/modules/exploits/windows/pop3/seattlelab_pass.rb b/modules/exploits/windows/pop3/seattlelab_pass.rb index 66428d72ce..2c04639fb6 100644 --- a/modules/exploits/windows/pop3/seattlelab_pass.rb +++ b/modules/exploits/windows/pop3/seattlelab_pass.rb @@ -47,6 +47,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2003-0264'], + ['OSVDB', '11975'], ['BID', '7519'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/proxy/bluecoat_winproxy_host.rb b/modules/exploits/windows/proxy/bluecoat_winproxy_host.rb index 60bb8c5b1a..13711e0958 100644 --- a/modules/exploits/windows/proxy/bluecoat_winproxy_host.rb +++ b/modules/exploits/windows/proxy/bluecoat_winproxy_host.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-4085'], + ['OSVDB', '22238'], ['BID', '16147'], ['URL', 'http://www.bluecoat.com/support/knowledge/advisory_host_header_stack_overflow.html'], ], diff --git a/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb b/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb index 760aff0ba1..1b8875b4e9 100644 --- a/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb +++ b/modules/exploits/windows/proxy/ccproxy_telnet_ping.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-2416' ], + [ 'OSVDB', '11593' ], [ 'BID', '11666' ], [ 'EDB', '621' ], ], diff --git a/modules/exploits/windows/proxy/proxypro_http_get.rb b/modules/exploits/windows/proxy/proxypro_http_get.rb index 9ef734dcdd..2006bd8b07 100644 --- a/modules/exploits/windows/proxy/proxypro_http_get.rb +++ b/modules/exploits/windows/proxy/proxypro_http_get.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2004-0326'], + ['OSVDB', '4027'], ['BID', '9716'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb b/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb index 259cbe9bd3..104269200b 100644 --- a/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb +++ b/modules/exploits/windows/proxy/qbik_wingate_wwwproxy.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-2926' ], + [ 'OSVDB', '26214' ], [ 'BID', '18312' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/scada/abb_wserver_exec.rb b/modules/exploits/windows/scada/abb_wserver_exec.rb index 7cb3772643..467bb0092f 100644 --- a/modules/exploits/windows/scada/abb_wserver_exec.rb +++ b/modules/exploits/windows/scada/abb_wserver_exec.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '100324'], [ 'ZDI', '13-270' ], [ 'URL', 'http://www05.abb.com/global/scot/scot229.nsf/veritydisplay/41ccfa8ccd0431e6c1257c1200395574/$file/ABB_SoftwareVulnerabilityHandlingAdvisory_ABB-VU-PSAC-1MRS235805.pdf'] ], diff --git a/modules/exploits/windows/scada/citect_scada_odbc.rb b/modules/exploits/windows/scada/citect_scada_odbc.rb index 8d7e2f2b89..988432dd45 100644 --- a/modules/exploits/windows/scada/citect_scada_odbc.rb +++ b/modules/exploits/windows/scada/citect_scada_odbc.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2008-2639' ], [ 'BID', '29634' ], + [ 'OSVDB', '46105' ], [ 'URL', 'http://www.coresecurity.com/content/citect-scada-odbc-service-vulnerability' ], [ 'URL', 'http://www.auscert.org.au/render.html?it=9433' ], [ 'URL', 'http://www.citect.com/documents/news_and_media/pr-citect-address-security.pdf' ], diff --git a/modules/exploits/windows/scada/codesys_gateway_server_traversal.rb b/modules/exploits/windows/scada/codesys_gateway_server_traversal.rb index a04dd85248..995fd79dd9 100644 --- a/modules/exploits/windows/scada/codesys_gateway_server_traversal.rb +++ b/modules/exploits/windows/scada/codesys_gateway_server_traversal.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2012-4705'], + ['OSVDB', '90368'], ['URL', 'http://ics-cert.us-cert.gov/pdf/ICSA-13-050-01-a.pdf'] ], 'DisclosureDate' => 'Feb 02 2013', diff --git a/modules/exploits/windows/scada/codesys_web_server.rb b/modules/exploits/windows/scada/codesys_web_server.rb index 3f7a584b74..c9232eafd6 100644 --- a/modules/exploits/windows/scada/codesys_web_server.rb +++ b/modules/exploits/windows/scada/codesys_web_server.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-5007'], + [ 'OSVDB', '77387'], [ 'URL', 'http://aluigi.altervista.org/adv/codesys_1-adv.txt' ], [ 'EDB', '18187' ], [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-336-01A.pdf' ], diff --git a/modules/exploits/windows/scada/daq_factory_bof.rb b/modules/exploits/windows/scada/daq_factory_bof.rb index 48b913a231..dc3b814a0a 100644 --- a/modules/exploits/windows/scada/daq_factory_bof.rb +++ b/modules/exploits/windows/scada/daq_factory_bof.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3492'], + [ 'OSVDB', '75496'], [ 'URL', 'http://aluigi.altervista.org/adv/daqfactory_1-adv.txt'], [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-264-01.pdf'] ], diff --git a/modules/exploits/windows/scada/factorylink_csservice.rb b/modules/exploits/windows/scada/factorylink_csservice.rb index 302771453c..9a8f17a1e5 100644 --- a/modules/exploits/windows/scada/factorylink_csservice.rb +++ b/modules/exploits/windows/scada/factorylink_csservice.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '72812'], ['URL', 'http://aluigi.altervista.org/adv/factorylink_1-adv.txt'], ['URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-091-01.pdf'] ], diff --git a/modules/exploits/windows/scada/factorylink_vrn_09.rb b/modules/exploits/windows/scada/factorylink_vrn_09.rb index d74a4e5735..06edd9cdc4 100644 --- a/modules/exploits/windows/scada/factorylink_vrn_09.rb +++ b/modules/exploits/windows/scada/factorylink_vrn_09.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + ['OSVDB', '72815'], ['URL', 'http://aluigi.altervista.org/adv/factorylink_4-adv.txt'], ['URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-091-01.pdf'] ], diff --git a/modules/exploits/windows/scada/iconics_genbroker.rb b/modules/exploits/windows/scada/iconics_genbroker.rb index 843c404e06..9f51cfa0f8 100644 --- a/modules/exploits/windows/scada/iconics_genbroker.rb +++ b/modules/exploits/windows/scada/iconics_genbroker.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '72817'], ['URL', 'http://aluigi.org/adv/genesis_4-adv.txt'], ['URL', 'http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-02.pdf'] ], diff --git a/modules/exploits/windows/scada/iconics_webhmi_setactivexguid.rb b/modules/exploits/windows/scada/iconics_webhmi_setactivexguid.rb index d0eb9f022d..9461c4b2e5 100644 --- a/modules/exploits/windows/scada/iconics_webhmi_setactivexguid.rb +++ b/modules/exploits/windows/scada/iconics_webhmi_setactivexguid.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-2089'], + ['OSVDB', '72135'], ['URL', 'http://www.security-assessment.com/files/documents/advisory/ICONICS_WebHMI.pdf'], ['EDB', '17240'], ['URL', 'http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-02.pdf'] diff --git a/modules/exploits/windows/scada/igss9_igssdataserver_listall.rb b/modules/exploits/windows/scada/igss9_igssdataserver_listall.rb index 9c6da51f07..c107f557ee 100644 --- a/modules/exploits/windows/scada/igss9_igssdataserver_listall.rb +++ b/modules/exploits/windows/scada/igss9_igssdataserver_listall.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-1567'], + ['OSVDB', '72353'], ['URL', 'http://aluigi.altervista.org/adv/igss_2-adv.txt'], ['URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-132-01A.pdf'] ], diff --git a/modules/exploits/windows/scada/igss9_igssdataserver_rename.rb b/modules/exploits/windows/scada/igss9_igssdataserver_rename.rb index 4e4f70e03d..8fd355274a 100644 --- a/modules/exploits/windows/scada/igss9_igssdataserver_rename.rb +++ b/modules/exploits/windows/scada/igss9_igssdataserver_rename.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-1567'], + ['OSVDB', '72352'], ['URL', 'http://aluigi.altervista.org/adv/igss_5-adv.txt'], ['URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-132-01A.pdf'] ], diff --git a/modules/exploits/windows/scada/igss9_misc.rb b/modules/exploits/windows/scada/igss9_misc.rb index 68bf7510ab..0dfcda30ea 100644 --- a/modules/exploits/windows/scada/igss9_misc.rb +++ b/modules/exploits/windows/scada/igss9_misc.rb @@ -31,6 +31,8 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2011-1565'], [ 'CVE', '2011-1566'], + [ 'OSVDB', '72354'], + [ 'OSVDB', '72349'], [ 'URL', 'http://aluigi.altervista.org/adv/igss_1-adv.txt' ], #Write File packet flaw [ 'URL', 'http://aluigi.altervista.org/adv/igss_8-adv.txt' ], #EXE packet flaw [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-132-01A.pdf'] diff --git a/modules/exploits/windows/scada/igss_exec_17.rb b/modules/exploits/windows/scada/igss_exec_17.rb index 16bd662e76..6f63c03418 100644 --- a/modules/exploits/windows/scada/igss_exec_17.rb +++ b/modules/exploits/windows/scada/igss_exec_17.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-1566'], + [ 'OSVDB', '72349'], [ 'URL', 'http://aluigi.org/adv/igss_8-adv.txt' ], ], 'Platform' => 'win', diff --git a/modules/exploits/windows/scada/indusoft_webstudio_exec.rb b/modules/exploits/windows/scada/indusoft_webstudio_exec.rb index d2d94751e2..99725bef2f 100644 --- a/modules/exploits/windows/scada/indusoft_webstudio_exec.rb +++ b/modules/exploits/windows/scada/indusoft_webstudio_exec.rb @@ -34,6 +34,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-4051' ], + [ 'OSVDB', '77179' ], [ 'BID', '50675' ], [ 'ZDI', '11-330' ] ], diff --git a/modules/exploits/windows/scada/moxa_mdmtool.rb b/modules/exploits/windows/scada/moxa_mdmtool.rb index f9319cc27e..d416fd0189 100644 --- a/modules/exploits/windows/scada/moxa_mdmtool.rb +++ b/modules/exploits/windows/scada/moxa_mdmtool.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-4741'], + [ 'OSVDB', '69027'], [ 'URL', 'http://www.reversemode.com/index.php?option=com_content&task=view&id=70&Itemid=' ], [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-10-301-01A.pdf' ] ], diff --git a/modules/exploits/windows/scada/procyon_core_server.rb b/modules/exploits/windows/scada/procyon_core_server.rb index 01b4e4e029..b999c2608e 100644 --- a/modules/exploits/windows/scada/procyon_core_server.rb +++ b/modules/exploits/windows/scada/procyon_core_server.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2011-3322'], + ['OSVDB', '75371'], ['URL', 'http://www.stratsec.net/Research/Advisories/Procyon-Core-Server-HMI-Remote-Stack-Overflow'] ], 'Payload' => diff --git a/modules/exploits/windows/scada/realwin.rb b/modules/exploits/windows/scada/realwin.rb index c69ff28395..0153ee50d5 100644 --- a/modules/exploits/windows/scada/realwin.rb +++ b/modules/exploits/windows/scada/realwin.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4322' ], + [ 'OSVDB', '48606' ], [ 'BID', '31418' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/scada/realwin_on_fc_binfile_a.rb b/modules/exploits/windows/scada/realwin_on_fc_binfile_a.rb index 7a3aa6410b..dfcf1dc520 100644 --- a/modules/exploits/windows/scada/realwin_on_fc_binfile_a.rb +++ b/modules/exploits/windows/scada/realwin_on_fc_binfile_a.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-1563'], + [ 'OSVDB', '72826'], [ 'BID', '46937'], [ 'URL', 'http://aluigi.altervista.org/adv/realwin_5-adv.txt' ], [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-110-01.pdf'] diff --git a/modules/exploits/windows/scada/realwin_on_fcs_login.rb b/modules/exploits/windows/scada/realwin_on_fcs_login.rb index 91929ae77b..2e3d2d7d07 100644 --- a/modules/exploits/windows/scada/realwin_on_fcs_login.rb +++ b/modules/exploits/windows/scada/realwin_on_fcs_login.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-1563'], + [ 'OSVDB', '72824'], [ 'URL', 'http://aluigi.altervista.org/adv/realwin_2-adv.txt' ], [ 'URL', 'http://www.dataconline.com/software/realwin.php' ], [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-110-01.pdf'] diff --git a/modules/exploits/windows/scada/realwin_scpc_initialize.rb b/modules/exploits/windows/scada/realwin_scpc_initialize.rb index 834d67b57d..8a4bfd3ca0 100644 --- a/modules/exploits/windows/scada/realwin_scpc_initialize.rb +++ b/modules/exploits/windows/scada/realwin_scpc_initialize.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68812' ], [ 'CVE', '2010-4142' ], [ 'URL', 'http://aluigi.altervista.org/adv/realwin_1-adv.txt' ], [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-10-313-01.pdf'] diff --git a/modules/exploits/windows/scada/realwin_scpc_initialize_rf.rb b/modules/exploits/windows/scada/realwin_scpc_initialize_rf.rb index 157918014d..2791b5a283 100644 --- a/modules/exploits/windows/scada/realwin_scpc_initialize_rf.rb +++ b/modules/exploits/windows/scada/realwin_scpc_initialize_rf.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '68812' ], [ 'CVE', '2010-4142' ], [ 'URL', 'http://aluigi.altervista.org/adv/realwin_1-adv.txt' ], [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-10-313-01.pdf'] diff --git a/modules/exploits/windows/scada/realwin_scpc_txtevent.rb b/modules/exploits/windows/scada/realwin_scpc_txtevent.rb index 8687120a63..4899cb1144 100644 --- a/modules/exploits/windows/scada/realwin_scpc_txtevent.rb +++ b/modules/exploits/windows/scada/realwin_scpc_txtevent.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2010-4142'], + [ 'OSVDB', '68812'], ], 'Privileged' => true, 'DefaultOptions' => diff --git a/modules/exploits/windows/scada/scadapro_cmdexe.rb b/modules/exploits/windows/scada/scadapro_cmdexe.rb index 216a97f877..9da0341ab1 100644 --- a/modules/exploits/windows/scada/scadapro_cmdexe.rb +++ b/modules/exploits/windows/scada/scadapro_cmdexe.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-3497'], + [ 'OSVDB', '75490'], [ 'BID', '49613'], [ 'URL', 'http://aluigi.altervista.org/adv/scadapro_1-adv.txt'], [ 'URL', 'http://us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf'], diff --git a/modules/exploits/windows/scada/sunway_force_control_netdbsrv.rb b/modules/exploits/windows/scada/sunway_force_control_netdbsrv.rb index 8d9faf710a..4002ed40d9 100644 --- a/modules/exploits/windows/scada/sunway_force_control_netdbsrv.rb +++ b/modules/exploits/windows/scada/sunway_force_control_netdbsrv.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ + [ 'OSVDB', '75798'], [ 'BID', '49747' ], [ 'URL', 'http://aluigi.altervista.org/adv/forcecontrol_1-adv.txt' ], ], diff --git a/modules/exploits/windows/scada/winlog_runtime.rb b/modules/exploits/windows/scada/winlog_runtime.rb index 4e9cb4fb93..d7ddb592f7 100644 --- a/modules/exploits/windows/scada/winlog_runtime.rb +++ b/modules/exploits/windows/scada/winlog_runtime.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2011-0517' ], + [ 'OSVDB', '70418'], [ 'URL', 'http://aluigi.org/adv/winlog_1-adv.txt' ], [ 'URL', 'http://www.us-cert.gov/control_systems/pdf/ICSA-11-017-02.pdf'] ], diff --git a/modules/exploits/windows/scada/winlog_runtime_2.rb b/modules/exploits/windows/scada/winlog_runtime_2.rb index a05bc0ae91..9de15b89fe 100644 --- a/modules/exploits/windows/scada/winlog_runtime_2.rb +++ b/modules/exploits/windows/scada/winlog_runtime_2.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'BID', '53811'], [ 'CVE', '2012-3815'], + [ 'OSVDB', '82654'], [ 'EDB', '18986'], [ 'URL', 'http://www.s3cur1ty.de/m1adv2012-001' ], [ 'URL', 'http://www.sielcosistemi.com/en/download/public/winlog_lite.html' ] diff --git a/modules/exploits/windows/sip/aim_triton_cseq.rb b/modules/exploits/windows/sip/aim_triton_cseq.rb index c5cc201df5..3802f613ea 100644 --- a/modules/exploits/windows/sip/aim_triton_cseq.rb +++ b/modules/exploits/windows/sip/aim_triton_cseq.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-3524'], + ['OSVDB', '27122' ], ['BID', '18906'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/sip/sipxezphone_cseq.rb b/modules/exploits/windows/sip/sipxezphone_cseq.rb index 39c19ad466..20e47d950e 100644 --- a/modules/exploits/windows/sip/sipxezphone_cseq.rb +++ b/modules/exploits/windows/sip/sipxezphone_cseq.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-3524'], + ['OSVDB', '27122'], ['BID', '18906'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/sip/sipxphone_cseq.rb b/modules/exploits/windows/sip/sipxphone_cseq.rb index 1c6ba7250b..1c21d15813 100644 --- a/modules/exploits/windows/sip/sipxphone_cseq.rb +++ b/modules/exploits/windows/sip/sipxphone_cseq.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-3524' ], + [ 'OSVDB', '27122' ], [ 'BID', '18906' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/smb/ipass_pipe_exec.rb b/modules/exploits/windows/smb/ipass_pipe_exec.rb index 0dd772849a..953fa13ed8 100644 --- a/modules/exploits/windows/smb/ipass_pipe_exec.rb +++ b/modules/exploits/windows/smb/ipass_pipe_exec.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2015-0925' ], + [ 'OSVDB', '117423' ], [ 'BID', '72265' ], [ 'URL', 'http://codewhitesec.blogspot.de/2015/02/how-i-could-ipass-your-client-security.html' ], ], diff --git a/modules/exploits/windows/smb/ms03_049_netapi.rb b/modules/exploits/windows/smb/ms03_049_netapi.rb index 6300392e1c..985fd2cbd7 100644 --- a/modules/exploits/windows/smb/ms03_049_netapi.rb +++ b/modules/exploits/windows/smb/ms03_049_netapi.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0812' ], + [ 'OSVDB', '11461' ], [ 'BID', '9011' ], [ 'MSB', 'MS03-049' ], ], diff --git a/modules/exploits/windows/smb/ms04_007_killbill.rb b/modules/exploits/windows/smb/ms04_007_killbill.rb index 4e184eae78..2a8565ddab 100644 --- a/modules/exploits/windows/smb/ms04_007_killbill.rb +++ b/modules/exploits/windows/smb/ms04_007_killbill.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0818'], + [ 'OSVDB', '3902' ], [ 'BID', '9633'], [ 'MSB', 'MS04-007'], diff --git a/modules/exploits/windows/smb/ms04_011_lsass.rb b/modules/exploits/windows/smb/ms04_011_lsass.rb index 3d59c85d5b..e2c4864fda 100644 --- a/modules/exploits/windows/smb/ms04_011_lsass.rb +++ b/modules/exploits/windows/smb/ms04_011_lsass.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0533' ], + [ 'OSVDB', '5248' ], [ 'BID', '10108' ], [ 'MSB', 'MS04-011' ], ], diff --git a/modules/exploits/windows/smb/ms04_031_netdde.rb b/modules/exploits/windows/smb/ms04_031_netdde.rb index 6211f30e74..30f78db495 100644 --- a/modules/exploits/windows/smb/ms04_031_netdde.rb +++ b/modules/exploits/windows/smb/ms04_031_netdde.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-0206'], + [ 'OSVDB', '10689'], [ 'BID', '11372'], [ 'MSB', 'MS04-031'], diff --git a/modules/exploits/windows/smb/ms05_039_pnp.rb b/modules/exploits/windows/smb/ms05_039_pnp.rb index a104413ce5..1e15f4dbe4 100644 --- a/modules/exploits/windows/smb/ms05_039_pnp.rb +++ b/modules/exploits/windows/smb/ms05_039_pnp.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-1983' ], + [ 'OSVDB', '18605' ], [ 'BID', '14513' ], [ 'MSB', 'MS05-039' ] ], diff --git a/modules/exploits/windows/smb/ms06_025_rasmans_reg.rb b/modules/exploits/windows/smb/ms06_025_rasmans_reg.rb index a0efed34f5..e62d26a6c1 100644 --- a/modules/exploits/windows/smb/ms06_025_rasmans_reg.rb +++ b/modules/exploits/windows/smb/ms06_025_rasmans_reg.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-2370' ], + [ 'OSVDB', '26437' ], [ 'BID', '18325' ], [ 'MSB', 'MS06-025' ] ], diff --git a/modules/exploits/windows/smb/ms06_025_rras.rb b/modules/exploits/windows/smb/ms06_025_rras.rb index 0e87f6c1d8..540a4b7b6f 100644 --- a/modules/exploits/windows/smb/ms06_025_rras.rb +++ b/modules/exploits/windows/smb/ms06_025_rras.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-2370' ], + [ 'OSVDB', '26437' ], [ 'BID', '18325' ], [ 'MSB', 'MS06-025' ] ], diff --git a/modules/exploits/windows/smb/ms06_040_netapi.rb b/modules/exploits/windows/smb/ms06_040_netapi.rb index b61764317f..a5f6e127f5 100644 --- a/modules/exploits/windows/smb/ms06_040_netapi.rb +++ b/modules/exploits/windows/smb/ms06_040_netapi.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-3439' ], + [ 'OSVDB', '27845' ], [ 'BID', '19409' ], [ 'MSB', 'MS06-040' ], ], diff --git a/modules/exploits/windows/smb/ms06_066_nwapi.rb b/modules/exploits/windows/smb/ms06_066_nwapi.rb index 384016df5e..59ddf4c93b 100644 --- a/modules/exploits/windows/smb/ms06_066_nwapi.rb +++ b/modules/exploits/windows/smb/ms06_066_nwapi.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-4688'], + [ 'OSVDB', '30260'], [ 'BID', '21023'], [ 'MSB', 'MS06-066'], diff --git a/modules/exploits/windows/smb/ms06_066_nwwks.rb b/modules/exploits/windows/smb/ms06_066_nwwks.rb index 5376c20d26..c081217b06 100644 --- a/modules/exploits/windows/smb/ms06_066_nwwks.rb +++ b/modules/exploits/windows/smb/ms06_066_nwwks.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-4688'], + [ 'OSVDB', '30260'], [ 'BID', '21023'], [ 'MSB', 'MS06-066'], diff --git a/modules/exploits/windows/smb/ms06_070_wkssvc.rb b/modules/exploits/windows/smb/ms06_070_wkssvc.rb index 44930a5c37..5d3cd7763f 100644 --- a/modules/exploits/windows/smb/ms06_070_wkssvc.rb +++ b/modules/exploits/windows/smb/ms06_070_wkssvc.rb @@ -36,6 +36,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-4691' ], + [ 'OSVDB', '30263' ], [ 'BID', '20985' ], [ 'MSB', 'MS06-070' ], ], diff --git a/modules/exploits/windows/smb/ms07_029_msdns_zonename.rb b/modules/exploits/windows/smb/ms07_029_msdns_zonename.rb index d3c29898dc..c81a58727b 100644 --- a/modules/exploits/windows/smb/ms07_029_msdns_zonename.rb +++ b/modules/exploits/windows/smb/ms07_029_msdns_zonename.rb @@ -33,6 +33,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2007-1748'], + ['OSVDB', '34100'], ['MSB', 'MS07-029'], ['URL', 'http://www.microsoft.com/technet/security/advisory/935964.mspx'] ], diff --git a/modules/exploits/windows/smb/ms08_067_netapi.rb b/modules/exploits/windows/smb/ms08_067_netapi.rb index 31493e8d61..f0523cc5aa 100644 --- a/modules/exploits/windows/smb/ms08_067_netapi.rb +++ b/modules/exploits/windows/smb/ms08_067_netapi.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ %w(CVE 2008-4250), + %w(OSVDB 49243), %w(MSB MS08-067), # If this vulnerability is found, ms08-67 is exposed as well ['URL', 'http://www.rapid7.com/vulndb/lookup/dcerpc-ms-netapi-netpathcanonicalize-dos'] diff --git a/modules/exploits/windows/smb/ms09_050_smb2_negotiate_func_index.rb b/modules/exploits/windows/smb/ms09_050_smb2_negotiate_func_index.rb index f8c6b064d0..f8e71f3b7e 100644 --- a/modules/exploits/windows/smb/ms09_050_smb2_negotiate_func_index.rb +++ b/modules/exploits/windows/smb/ms09_050_smb2_negotiate_func_index.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote [ 'MSB', 'MS09-050' ], [ 'CVE', '2009-3103' ], [ 'BID', '36299' ], + [ 'OSVDB', '57799' ], [ 'URL', 'http://seclists.org/fulldisclosure/2009/Sep/0039.html' ], [ 'URL', 'http://www.microsoft.com/technet/security/Bulletin/MS09-050.mspx' ] ], diff --git a/modules/exploits/windows/smb/ms10_046_shortcut_icon_dllloader.rb b/modules/exploits/windows/smb/ms10_046_shortcut_icon_dllloader.rb index ff6c8e4e2a..db5fdcb58e 100644 --- a/modules/exploits/windows/smb/ms10_046_shortcut_icon_dllloader.rb +++ b/modules/exploits/windows/smb/ms10_046_shortcut_icon_dllloader.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2010-2568'], + ['OSVDB', '66387'], ['MSB', 'MS10-046'], ['URL', 'http://www.microsoft.com/technet/security/advisory/2286198.mspx'], ['URL', 'https://github.com/rapid7/metasploit-framework/pull/4911'] # How to guide here diff --git a/modules/exploits/windows/smb/ms10_061_spoolss.rb b/modules/exploits/windows/smb/ms10_061_spoolss.rb index a681b62c23..69ce351e30 100644 --- a/modules/exploits/windows/smb/ms10_061_spoolss.rb +++ b/modules/exploits/windows/smb/ms10_061_spoolss.rb @@ -40,6 +40,7 @@ class MetasploitModule < Msf::Exploit::Remote 'Platform' => 'win', 'References' => [ + [ 'OSVDB', '67988' ], [ 'CVE', '2010-2729' ], [ 'MSB', 'MS10-061' ] ], diff --git a/modules/exploits/windows/smb/netidentity_xtierrpcpipe.rb b/modules/exploits/windows/smb/netidentity_xtierrpcpipe.rb index a43390217c..8796ac8402 100644 --- a/modules/exploits/windows/smb/netidentity_xtierrpcpipe.rb +++ b/modules/exploits/windows/smb/netidentity_xtierrpcpipe.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1350' ], + [ 'OSVDB', '53351' ], [ 'BID', '34400' ], [ 'URL', 'http://www.reversemode.com/index.php?option=com_content&task=view&id=62&Itemid=1' ], ], diff --git a/modules/exploits/windows/smb/psexec.rb b/modules/exploits/windows/smb/psexec.rb index eb79044163..7b7418f2f0 100644 --- a/modules/exploits/windows/smb/psexec.rb +++ b/modules/exploits/windows/smb/psexec.rb @@ -51,6 +51,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '1999-0504'], # Administrator with no password (since this is the default) + [ 'OSVDB', '3106'], [ 'URL', 'http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx' ], [ 'URL', 'http://www.accuvant.com/blog/2012/11/13/owning-computers-without-shell-access' ], [ 'URL', 'http://sourceforge.net/projects/smbexec/' ] diff --git a/modules/exploits/windows/smb/psexec_psh.rb b/modules/exploits/windows/smb/psexec_psh.rb index d538b2eec8..1c912acdfa 100644 --- a/modules/exploits/windows/smb/psexec_psh.rb +++ b/modules/exploits/windows/smb/psexec_psh.rb @@ -59,6 +59,7 @@ class MetasploitModule < Msf::Exploit::Remote 'DisclosureDate' => 'Jan 01 1999', 'References' => [ [ 'CVE', '1999-0504'], # Administrator with no password (since this is the default) + [ 'OSVDB', '3106'], [ 'URL', 'http://www.accuvant.com/blog/2012/11/13/owning-computers-without-shell-access' ], [ 'URL', 'http://sourceforge.net/projects/smbexec/' ], [ 'URL', 'http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx' ] diff --git a/modules/exploits/windows/smb/smb_relay.rb b/modules/exploits/windows/smb/smb_relay.rb index 0ea06a454c..8f97d7ca0c 100644 --- a/modules/exploits/windows/smb/smb_relay.rb +++ b/modules/exploits/windows/smb/smb_relay.rb @@ -76,6 +76,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-4037'], + [ 'OSVDB', '49736'], [ 'MSB', 'MS08-068'], [ 'URL', 'http://blogs.technet.com/swi/archive/2008/11/11/smb-credential-reflection.aspx'], [ 'URL', 'http://en.wikipedia.org/wiki/SMBRelay' ], diff --git a/modules/exploits/windows/smb/timbuktu_plughntcommand_bof.rb b/modules/exploits/windows/smb/timbuktu_plughntcommand_bof.rb index 941e979e53..c7f1e9259d 100644 --- a/modules/exploits/windows/smb/timbuktu_plughntcommand_bof.rb +++ b/modules/exploits/windows/smb/timbuktu_plughntcommand_bof.rb @@ -37,6 +37,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1394' ], + [ 'OSVDB', '55436' ], [ 'BID', '35496' ], [ 'URL', 'http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=809' ], ], diff --git a/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb b/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb index 02616350ed..05e183e82e 100644 --- a/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb +++ b/modules/exploits/windows/smtp/mailcarrier_smtp_ehlo.rb @@ -23,6 +23,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1638' ], + [ 'OSVDB', '11174' ], [ 'BID', '11535' ], [ 'EDB', '598' ], ], diff --git a/modules/exploits/windows/smtp/mercury_cram_md5.rb b/modules/exploits/windows/smtp/mercury_cram_md5.rb index e8a0548c06..36eba8502e 100644 --- a/modules/exploits/windows/smtp/mercury_cram_md5.rb +++ b/modules/exploits/windows/smtp/mercury_cram_md5.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-4440' ], + [ 'OSVDB', '39669' ], [ 'BID', '25357' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb b/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb index 2ec2de7de9..d045492849 100644 --- a/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb +++ b/modules/exploits/windows/smtp/ms03_046_exchange2000_xexch50.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote [ [ 'CVE', '2003-0714' ], [ 'BID', '8838' ], + [ 'OSVDB', '2674' ], [ 'MSB', 'MS03-046' ], [ 'EDB', '113' ], ], diff --git a/modules/exploits/windows/smtp/njstar_smtp_bof.rb b/modules/exploits/windows/smtp/njstar_smtp_bof.rb index 2ec92c113d..adcc1d5461 100644 --- a/modules/exploits/windows/smtp/njstar_smtp_bof.rb +++ b/modules/exploits/windows/smtp/njstar_smtp_bof.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + [ 'OSVDB', '76728' ], [ 'CVE', '2011-4040' ], [ 'URL', 'http://www.njstar.com/cms/njstar-communicator' ], [ 'EDB', '18057' ] diff --git a/modules/exploits/windows/smtp/wmailserver.rb b/modules/exploits/windows/smtp/wmailserver.rb index 3a48ea0127..6f91626838 100644 --- a/modules/exploits/windows/smtp/wmailserver.rb +++ b/modules/exploits/windows/smtp/wmailserver.rb @@ -22,6 +22,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-2287' ], + [ 'OSVDB', '17883' ], [ 'BID', '14213' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/smtp/ypops_overflow1.rb b/modules/exploits/windows/smtp/ypops_overflow1.rb index e9e195ab44..a0b88194a5 100644 --- a/modules/exploits/windows/smtp/ypops_overflow1.rb +++ b/modules/exploits/windows/smtp/ypops_overflow1.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1558'], + [ 'OSVDB', '10367'], [ 'BID', '11256'], [ 'URL', 'http://www.securiteam.com/windowsntfocus/5GP0M2KE0S.html'], ], diff --git a/modules/exploits/windows/ssh/freeftpd_key_exchange.rb b/modules/exploits/windows/ssh/freeftpd_key_exchange.rb index 7c950b4747..922a163785 100644 --- a/modules/exploits/windows/ssh/freeftpd_key_exchange.rb +++ b/modules/exploits/windows/ssh/freeftpd_key_exchange.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-2407'], + ['OSVDB', '25569'], ['BID', '17958'], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/ssh/freesshd_authbypass.rb b/modules/exploits/windows/ssh/freesshd_authbypass.rb index 289fcc20bd..07333700de 100644 --- a/modules/exploits/windows/ssh/freesshd_authbypass.rb +++ b/modules/exploits/windows/ssh/freesshd_authbypass.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2012-6066' ], + [ 'OSVDB', '88006' ], [ 'BID', '56785' ], [ 'URL', 'http://archives.neohapsis.com/archives/fulldisclosure/2012-12/0012.html' ], [ 'URL', 'http://seclists.org/fulldisclosure/2010/Aug/132' ] diff --git a/modules/exploits/windows/ssh/freesshd_key_exchange.rb b/modules/exploits/windows/ssh/freesshd_key_exchange.rb index b914b3067c..4204c26d58 100644 --- a/modules/exploits/windows/ssh/freesshd_key_exchange.rb +++ b/modules/exploits/windows/ssh/freesshd_key_exchange.rb @@ -23,7 +23,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-2407'], - ['BID', '17958'] + ['OSVDB', '25463'], + ['BID', '17958'], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/ssh/putty_msg_debug.rb b/modules/exploits/windows/ssh/putty_msg_debug.rb index 0892df4919..117a781436 100644 --- a/modules/exploits/windows/ssh/putty_msg_debug.rb +++ b/modules/exploits/windows/ssh/putty_msg_debug.rb @@ -21,8 +21,9 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-1359' ], + [ 'OSVDB', '8044'], [ 'URL', 'http://www.rapid7.com/advisories/R7-0009.html' ], - [ 'BID', '6407'] + [ 'BID', '6407'], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/ssh/securecrt_ssh1.rb b/modules/exploits/windows/ssh/securecrt_ssh1.rb index dc98afe751..fd8cfaf959 100644 --- a/modules/exploits/windows/ssh/securecrt_ssh1.rb +++ b/modules/exploits/windows/ssh/securecrt_ssh1.rb @@ -24,7 +24,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2002-1059' ], - [ 'BID', '5287' ] + [ 'OSVDB', '4991' ], + [ 'BID', '5287' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/ssh/sysax_ssh_username.rb b/modules/exploits/windows/ssh/sysax_ssh_username.rb index 736a7eb739..344a6e8ba6 100644 --- a/modules/exploits/windows/ssh/sysax_ssh_username.rb +++ b/modules/exploits/windows/ssh/sysax_ssh_username.rb @@ -28,6 +28,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '79689'], ['URL', 'http://www.pwnag3.com/2012/02/sysax-multi-server-ssh-username-exploit.html'], ['EDB', '18535'] ], diff --git a/modules/exploits/windows/ssl/ms04_011_pct.rb b/modules/exploits/windows/ssl/ms04_011_pct.rb index 6d46e8565f..278eebb500 100644 --- a/modules/exploits/windows/ssl/ms04_011_pct.rb +++ b/modules/exploits/windows/ssl/ms04_011_pct.rb @@ -33,8 +33,9 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2003-0719'], + [ 'OSVDB', '5250'], [ 'BID', '10116'], - [ 'MSB', 'MS04-011'] + [ 'MSB', 'MS04-011'], ], 'Privileged' => true, diff --git a/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb b/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb index acc638d801..4f7ccaf5fc 100644 --- a/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb +++ b/modules/exploits/windows/telnet/gamsoft_telsrv_username.rb @@ -24,8 +24,9 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2000-0665'], + [ 'OSVDB', '373'], [ 'BID', '1478'], - [ 'URL', 'http://cdn.simtel.net/pub/simtelnet/win95/inetmisc/telsrv15.zip'] + [ 'URL', 'http://cdn.simtel.net/pub/simtelnet/win95/inetmisc/telsrv15.zip'], ], 'Privileged' => false, 'DefaultOptions' => diff --git a/modules/exploits/windows/telnet/goodtech_telnet.rb b/modules/exploits/windows/telnet/goodtech_telnet.rb index 43bf37de4f..05787a086f 100644 --- a/modules/exploits/windows/telnet/goodtech_telnet.rb +++ b/modules/exploits/windows/telnet/goodtech_telnet.rb @@ -24,7 +24,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2005-0768' ], - [ 'BID', '12815' ] + [ 'OSVDB', '14806'], + [ 'BID', '12815' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/tftp/attftp_long_filename.rb b/modules/exploits/windows/tftp/attftp_long_filename.rb index 1583fa7090..5e870c2a45 100644 --- a/modules/exploits/windows/tftp/attftp_long_filename.rb +++ b/modules/exploits/windows/tftp/attftp_long_filename.rb @@ -21,6 +21,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-6184'], + ['OSVDB', '11350'], ['BID', '21320'], ['EDB', '2887'] ], diff --git a/modules/exploits/windows/tftp/distinct_tftp_traversal.rb b/modules/exploits/windows/tftp/distinct_tftp_traversal.rb index 9ab8609058..117490b420 100644 --- a/modules/exploits/windows/tftp/distinct_tftp_traversal.rb +++ b/modules/exploits/windows/tftp/distinct_tftp_traversal.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Exploit::Remote ], 'References' => [ + ['OSVDB', '80984'], ['EDB', '18718'], ['URL', 'http://www.spentera.com/advisories/2012/SPN-01-2012.pdf'], ['CVE', '2012-6664'] diff --git a/modules/exploits/windows/tftp/dlink_long_filename.rb b/modules/exploits/windows/tftp/dlink_long_filename.rb index f5f70ead0f..1809d64ee3 100644 --- a/modules/exploits/windows/tftp/dlink_long_filename.rb +++ b/modules/exploits/windows/tftp/dlink_long_filename.rb @@ -27,7 +27,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2007-1435' ], - [ 'BID', '22923' ] + [ 'OSVDB', '33977' ], + [ 'BID', '22923' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/tftp/futuresoft_transfermode.rb b/modules/exploits/windows/tftp/futuresoft_transfermode.rb index 029beb195d..27117793e5 100644 --- a/modules/exploits/windows/tftp/futuresoft_transfermode.rb +++ b/modules/exploits/windows/tftp/futuresoft_transfermode.rb @@ -27,6 +27,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-1812'], + ['OSVDB', '16954'], ['BID', '13821'] ], diff --git a/modules/exploits/windows/tftp/netdecision_tftp_traversal.rb b/modules/exploits/windows/tftp/netdecision_tftp_traversal.rb index 065d9d6dab..935f681953 100644 --- a/modules/exploits/windows/tftp/netdecision_tftp_traversal.rb +++ b/modules/exploits/windows/tftp/netdecision_tftp_traversal.rb @@ -30,6 +30,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2009-1730'], + ['OSVDB', '54607'], ['BID', '35002'] ], 'Payload' => diff --git a/modules/exploits/windows/tftp/opentftp_error_code.rb b/modules/exploits/windows/tftp/opentftp_error_code.rb index 229ce4c2fc..fa1734b983 100644 --- a/modules/exploits/windows/tftp/opentftp_error_code.rb +++ b/modules/exploits/windows/tftp/opentftp_error_code.rb @@ -31,6 +31,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-2161'], + ['OSVDB', '44904'], ['BID', '29111'], ['URL', 'http://downloads.securityfocus.com/vulnerabilities/exploits/29111.pl'] ], diff --git a/modules/exploits/windows/tftp/quick_tftp_pro_mode.rb b/modules/exploits/windows/tftp/quick_tftp_pro_mode.rb index 5a198d4f3d..57e3bfa02b 100644 --- a/modules/exploits/windows/tftp/quick_tftp_pro_mode.rb +++ b/modules/exploits/windows/tftp/quick_tftp_pro_mode.rb @@ -23,8 +23,9 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2008-1610'], + ['OSVDB', '43784'], ['BID', '28459'], - ['URL', 'http://secunia.com/advisories/29494'] + ['URL', 'http://secunia.com/advisories/29494'], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/tftp/tftpd32_long_filename.rb b/modules/exploits/windows/tftp/tftpd32_long_filename.rb index ff7c39f006..62659e76db 100644 --- a/modules/exploits/windows/tftp/tftpd32_long_filename.rb +++ b/modules/exploits/windows/tftp/tftpd32_long_filename.rb @@ -23,7 +23,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2002-2226'], - ['BID', '6199'] + ['OSVDB', '45903'], + ['BID', '6199'], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/tftp/tftpdwin_long_filename.rb b/modules/exploits/windows/tftp/tftpdwin_long_filename.rb index e229c3db90..436e4b922e 100644 --- a/modules/exploits/windows/tftp/tftpdwin_long_filename.rb +++ b/modules/exploits/windows/tftp/tftpdwin_long_filename.rb @@ -21,8 +21,9 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-4948' ], + [ 'OSVDB', '29032' ], [ 'BID', '20131' ], - [ 'EDB', '3132' ] + [ 'EDB', '3132' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/tftp/tftpserver_wrq_bof.rb b/modules/exploits/windows/tftp/tftpserver_wrq_bof.rb index 454505cf21..b1ac37baa9 100644 --- a/modules/exploits/windows/tftp/tftpserver_wrq_bof.rb +++ b/modules/exploits/windows/tftp/tftpserver_wrq_bof.rb @@ -35,6 +35,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-1611' ], + [ 'OSVDB', '43785' ], [ 'BID', '18345' ], [ 'EDB', '5314' ] ], diff --git a/modules/exploits/windows/tftp/threectftpsvc_long_mode.rb b/modules/exploits/windows/tftp/threectftpsvc_long_mode.rb index 20c9fa0083..5af0ab3918 100644 --- a/modules/exploits/windows/tftp/threectftpsvc_long_mode.rb +++ b/modules/exploits/windows/tftp/threectftpsvc_long_mode.rb @@ -23,8 +23,9 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2006-6183'], + ['OSVDB', '30758'], ['BID', '21301'], - ['URL', 'http://secunia.com/advisories/23113/'] + ['URL', 'http://secunia.com/advisories/23113/'], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/unicenter/cam_log_security.rb b/modules/exploits/windows/unicenter/cam_log_security.rb index 2ef2661ed4..3616ae558c 100644 --- a/modules/exploits/windows/unicenter/cam_log_security.rb +++ b/modules/exploits/windows/unicenter/cam_log_security.rb @@ -24,7 +24,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ ['CVE', '2005-2668'], - ['BID', '14622'] + ['OSVDB', '18916'], + ['BID', '14622'], ], 'Privileged' => true, 'Payload' => diff --git a/modules/exploits/windows/vnc/realvnc_client.rb b/modules/exploits/windows/vnc/realvnc_client.rb index 8c0e664848..aa4f88043f 100644 --- a/modules/exploits/windows/vnc/realvnc_client.rb +++ b/modules/exploits/windows/vnc/realvnc_client.rb @@ -19,7 +19,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2001-0167' ], - [ 'BID', '2305' ] + [ 'OSVDB', '6281' ], + [ 'BID', '2305' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/vnc/ultravnc_client.rb b/modules/exploits/windows/vnc/ultravnc_client.rb index 870802bf58..9b513c571a 100644 --- a/modules/exploits/windows/vnc/ultravnc_client.rb +++ b/modules/exploits/windows/vnc/ultravnc_client.rb @@ -20,7 +20,8 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2006-1652' ], - [ 'BID', '17378' ] + [ 'OSVDB', '24456' ], + [ 'BID', '17378' ], ], 'DefaultOptions' => { diff --git a/modules/exploits/windows/vnc/ultravnc_viewer_bof.rb b/modules/exploits/windows/vnc/ultravnc_viewer_bof.rb index 681fb92913..6ed96a1fab 100644 --- a/modules/exploits/windows/vnc/ultravnc_viewer_bof.rb +++ b/modules/exploits/windows/vnc/ultravnc_viewer_bof.rb @@ -25,6 +25,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2008-0610' ], + [ 'OSVDB', '42840' ], [ 'BID', '27561' ], ], 'DefaultOptions' => diff --git a/modules/exploits/windows/vnc/winvnc_http_get.rb b/modules/exploits/windows/vnc/winvnc_http_get.rb index e4e7fb65ac..b632b9c800 100644 --- a/modules/exploits/windows/vnc/winvnc_http_get.rb +++ b/modules/exploits/windows/vnc/winvnc_http_get.rb @@ -25,6 +25,7 @@ require 'msf/core' 'References' => [ [ 'BID', '2306' ], + [ 'OSVDB', '6280' ], [ 'CVE', '2001-0168' ], ], 'Privileged' => true, diff --git a/modules/exploits/windows/vpn/safenet_ike_11.rb b/modules/exploits/windows/vpn/safenet_ike_11.rb index 202ed0041a..d6edf7d1fe 100644 --- a/modules/exploits/windows/vpn/safenet_ike_11.rb +++ b/modules/exploits/windows/vpn/safenet_ike_11.rb @@ -24,6 +24,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2009-1943' ], + [ 'OSVDB', '54831' ], [ 'BID', '35154' ], [ 'URL', 'http://reversemode.com/index.php?option=com_content&task=view&id=63&Itemid=1' ], ], diff --git a/modules/exploits/windows/wins/ms04_045_wins.rb b/modules/exploits/windows/wins/ms04_045_wins.rb index fade958760..c47f62277d 100644 --- a/modules/exploits/windows/wins/ms04_045_wins.rb +++ b/modules/exploits/windows/wins/ms04_045_wins.rb @@ -26,6 +26,7 @@ class MetasploitModule < Msf::Exploit::Remote 'References' => [ [ 'CVE', '2004-1080'], + [ 'OSVDB', '12378'], [ 'BID', '11763'], [ 'MSB', 'MS04-045'], diff --git a/modules/post/multi/escalate/cups_root_file_read.rb b/modules/post/multi/escalate/cups_root_file_read.rb index 3136699019..195d8fe714 100644 --- a/modules/post/multi/escalate/cups_root_file_read.rb +++ b/modules/post/multi/escalate/cups_root_file_read.rb @@ -32,6 +32,7 @@ class MetasploitModule < Msf::Post 'References' => [ ['CVE', '2012-5519'], + ['OSVDB', '87635'], ['URL', 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791'] ], 'License' => MSF_LICENSE, diff --git a/modules/post/windows/escalate/ms10_073_kbdlayout.rb b/modules/post/windows/escalate/ms10_073_kbdlayout.rb index 37a0f946e9..4aadfeb3fe 100644 --- a/modules/post/windows/escalate/ms10_073_kbdlayout.rb +++ b/modules/post/windows/escalate/ms10_073_kbdlayout.rb @@ -29,6 +29,7 @@ class MetasploitModule < Msf::Post 'SessionTypes' => [ 'meterpreter' ], 'References' => [ + [ 'OSVDB', '68552' ], [ 'CVE', '2010-2743' ], [ 'MSB', 'MS10-073' ], [ 'URL', 'http://www.reversemode.com/index.php?option=com_content&task=view&id=71&Itemid=1' ], diff --git a/scripts/meterpreter/srt_webdrive_priv.rb b/scripts/meterpreter/srt_webdrive_priv.rb index 92ef4dcf88..8d1f683124 100644 --- a/scripts/meterpreter/srt_webdrive_priv.rb +++ b/scripts/meterpreter/srt_webdrive_priv.rb @@ -21,6 +21,7 @@ # - http://retrogod.altervista.org/9sg_south_river_priv.html # - http://www.rec-sec.com/2010/01/26/srt-webdrive-privilege-escalation/ # - http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-4606 +# - http://osvdb.org/show/osvdb/59080 # # mtrancer[@]gmail.com # http://www.rec-sec.com diff --git a/scripts/resource/autoexploit.rc b/scripts/resource/autoexploit.rc index 4a227694dd..52b7c7cd63 100644 --- a/scripts/resource/autoexploit.rc +++ b/scripts/resource/autoexploit.rc @@ -55,6 +55,7 @@ def ref_has_match(vuln_refs, exp_refs) vuln_refs.each do |ref| n = ref.name n = n.gsub(/^CVE\-/, '') + n = n.gsub(/^OSVDB\-/, '') n = n.gsub(/^MSB\-/, '') n = n.gsub(/^EDB-/, '') diff --git a/spec/support/shared/examples/msf/db_manager/module_cache.rb b/spec/support/shared/examples/msf/db_manager/module_cache.rb index d1c44ad302..7c9d2cdadc 100644 --- a/spec/support/shared/examples/msf/db_manager/module_cache.rb +++ b/spec/support/shared/examples/msf/db_manager/module_cache.rb @@ -301,6 +301,8 @@ RSpec.shared_examples_for 'Msf::DBManager::ModuleCache' do it_should_behave_like 'Msf::DBManager#search_modules Mdm::Module::Platform#name or Mdm::Module::Target#name keyword', :os + it_should_behave_like 'Msf::DBManager#search_modules Mdm::Module::Ref#name keyword', :osvdb + it_should_behave_like 'Msf::DBManager#search_modules Mdm::Module::Platform#name or Mdm::Module::Target#name keyword', :platform context 'with ref keyword' do diff --git a/spec/support/shared/examples/msf/module/search.rb b/spec/support/shared/examples/msf/module/search.rb index f504b23eb9..18d8cb1c1e 100644 --- a/spec/support/shared/examples/msf/module/search.rb +++ b/spec/support/shared/examples/msf/module/search.rb @@ -1,6 +1,6 @@ RSpec.shared_examples_for 'Msf::Module::Search' do describe '#search_filter' do - REF_TYPES = %w(CVE BID EDB) + REF_TYPES = %w(CVE BID OSVDB EDB) shared_examples "search_filter" do |opts| accept = opts[:accept] || [] diff --git a/test/modules/auxiliary/test/check.rb b/test/modules/auxiliary/test/check.rb index 07407052b4..09138e7dcb 100644 --- a/test/modules/auxiliary/test/check.rb +++ b/test/modules/auxiliary/test/check.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ - [ 'CVE', '0' ] + [ 'OSVDB', '0' ] ], 'Author' => [ diff --git a/test/modules/auxiliary/test/space-check.rb b/test/modules/auxiliary/test/space-check.rb index 6aa2f0e008..aaa7ae5f5a 100644 --- a/test/modules/auxiliary/test/space-check.rb +++ b/test/modules/auxiliary/test/space-check.rb @@ -18,7 +18,7 @@ class MetasploitModule < Msf::Auxiliary }, 'References' => [ - [ 'CVE', '0' ] + [ 'OSVDB', '0' ] ], 'Author' => [ diff --git a/test/modules/exploits/test/check.rb b/test/modules/exploits/test/check.rb index 44951b4aef..5520014680 100644 --- a/test/modules/exploits/test/check.rb +++ b/test/modules/exploits/test/check.rb @@ -15,7 +15,7 @@ class MetasploitModule < Msf::Exploit }, 'References' => [ - [ 'CVE', '0' ] + [ 'OSVDB', '0' ] ], 'Author' => [ diff --git a/tools/dev/msftidy.rb b/tools/dev/msftidy.rb index a2f8f2e62e..790f1eb224 100755 --- a/tools/dev/msftidy.rb +++ b/tools/dev/msftidy.rb @@ -178,6 +178,8 @@ class Msftidy case identifier when 'CVE' warn("Invalid CVE format: '#{value}'") if value !~ /^\d{4}\-\d{4,}$/ + when 'OSVDB' + warn("Invalid OSVDB format: '#{value}'") if value !~ /^\d+$/ when 'BID' warn("Invalid BID format: '#{value}'") if value !~ /^\d+$/ when 'MSB' @@ -195,7 +197,9 @@ class Msftidy when 'PACKETSTORM' warn("Invalid PACKETSTORM reference") if value !~ /^\d+$/ when 'URL' - if value =~ /^http:\/\/cvedetails\.com\/cve/ + if value =~ /^http:\/\/www\.osvdb\.org/ + warn("Please use 'OSVDB' for '#{value}'") + elsif value =~ /^http:\/\/cvedetails\.com\/cve/ warn("Please use 'CVE' for '#{value}'") elsif value =~ /^http:\/\/www\.securityfocus\.com\/bid\// warn("Please use 'BID' for '#{value}'") diff --git a/tools/modules/module_reference.rb b/tools/modules/module_reference.rb index 6d4d32ba2a..e4bfe88d9a 100755 --- a/tools/modules/module_reference.rb +++ b/tools/modules/module_reference.rb @@ -24,6 +24,7 @@ require 'uri' def types { 'ALL' => '', + 'OSVDB' => 'http://www.osvdb.org/#{in_ctx_val}', 'CVE' => 'http://cvedetails.com/cve/#{in_ctx_val}/', 'CWE' => 'http://cwe.mitre.org/data/definitions/#{in_ctx_val}.html', 'BID' => 'http://www.securityfocus.com/bid/#{in_ctx_val}',