automatic module_metadata_base.json update

2019-12-26 13:59:49 -06:00
parent f4a0ef2ee9
commit d2e2dcf85e
1 changed files with 49 additions and 2 deletions
@@ -10101,6 +10101,53 @@
    },
    "needs_cleanup": false
  },
+  "auxiliary_dos/http/metasploit_httphandler_dos": {
+    "name": "Metasploit HTTP(S) handler DoS",
+    "fullname": "auxiliary/dos/http/metasploit_httphandler_dos",
+    "aliases": [
+
+    ],
+    "rank": 300,
+    "disclosure_date": "2019-09-04",
+    "type": "auxiliary",
+    "author": [
+      "Jose Garduno, Dreamlab Technologies AG",
+      "Angelo Seiler, Dreamlab Technologies AG"
+    ],
+    "description": "This module exploits the Metasploit HTTP(S) handler by sending\n        a specially crafted HTTP request that gets added as a resource handler.\n        Resources (which come from the external connections) are evaluated as RegEx\n        in the handler server. Specially crafted input can trigger Gentle, Soft and Hard DoS.\n\n        Tested against Metasploit 5.0.20.",
+    "references": [
+      "CVE-2019-5645"
+    ],
+    "platform": "",
+    "arch": "",
+    "rport": 80,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": null,
+    "mod_time": "2019-12-26 13:31:38 +0000",
+    "path": "/modules/auxiliary/dos/http/metasploit_httphandler_dos.rb",
+    "is_install_path": true,
+    "ref_name": "dos/http/metasploit_httphandler_dos",
+    "check": false,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+    },
+    "needs_cleanup": false
+  },
  "auxiliary_dos/http/monkey_headers": {
    "name": "Monkey HTTPD Header Parsing Denial of Service (DoS)",
    "fullname": "auxiliary/dos/http/monkey_headers",
@@ -59704,7 +59751,7 @@
      "jannh <jannh@google.com>",
      "h00die <mike@shorebreaksecurity.com>"
    ],
-    "description": "Linux kernel 4.4 < 4.5.5 extended Berkeley Packet Filter (eBPF)\n        does not properly reference count file descriptors, resulting\n        in a use-after-free, which can be abused to escalate privileges.\n\n        The target system must be compiled with `CONFIG_BPF_SYSCALL`\n        and must not have `kernel.unprivileged_bpf_disabled` set to 1.\n\n        This module has been tested successfully on:\n\n        Ubuntu 16.04 (x64) kernel 4.4.0-21-generic (default kernel);\n        Ubuntu 16.04 (x64) kernel 4.4.0-38-generic;\n        Ubuntu 16.04 (x64) kernel 4.4.0-42-generic;\n        Ubuntu 16.04 (x64) kernel 4.4.0-98-generic;\n        Ubuntu 16.04 (x64) kernel 4.4.0-140-generic.",
+    "description": "Linux kernel 4.4 < 4.5.5 extended Berkeley Packet Filter (eBPF)\n        does not properly reference count file descriptors, resulting\n        in a use-after-free, which can be abused to escalate privileges.\n\n        The target system must be compiled with `CONFIG_BPF_SYSCALL`\n        and must not have `kernel.unprivileged_bpf_disabled` set to 1.\n\n        Note, this module will overwrite the first few lines\n        of `/etc/crontab` with a new cron job. The job will\n        need to be manually removed.\n\n        This module has been tested successfully on Ubuntu 16.04 (x64)\n        kernel 4.4.0-21-generic (default kernel).",
    "references": [
      "BID-90309",
      "CVE-2016-4557",
@@ -59729,7 +59776,7 @@
      "Linux x86",
      "Linux x64"
    ],
-    "mod_time": "2018-12-15 05:39:50 +0000",
+    "mod_time": "2019-12-26 16:21:44 +0000",
    "path": "/modules/exploits/linux/local/bpf_priv_esc.rb",
    "is_install_path": true,
    "ref_name": "linux/local/bpf_priv_esc",