adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

automatic module_metadata_base.json update

Browse Source
This commit is contained in:
Metasploit
2020-12-14 08:25:59 -06:00
parent 5e84dfec15
commit fc701733f9
1 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
db/modules_metadata_base.json
+11 -3
View File
@@ -135620,15 +135620,23 @@
"type": "exploit",
"author": [
"Chris Lyne",
"Matteo Malvica",
"bcoles <bcoles@gmail.com>"
],
"description": "Druva inSync client for Windows exposes a network service on TCP port\n 6064 on the local network interface. inSync versions 6.5.2 and prior\n do not validate user-supplied program paths in RPC type 5 messages,\n allowing execution of arbitrary commands as SYSTEM.\n This module has been tested successfully on inSync version\n 6.5.2r99097 on Windows 7 SP1 (x64).",
"description": "Druva inSync client for Windows exposes a network service on TCP\n port 6064 on the local network interface. inSync versions 6.6.3\n and prior do not properly validate user-supplied program paths\n in RPC type 5 messages, allowing execution of arbitrary commands\n as SYSTEM.\n\n This module has been tested successfully on inSync versions\n 6.5.2r99097 and 6.6.3r102156 on Windows 7 SP1 (x64).",
"references": [
"CVE-2019-3999",
"CVE-2020-5752",
"EDB-48400",
"EDB-48505",
"EDB-49211",
"PACKETSTORM-157493",
"PACKETSTORM-157802",
"PACKETSTORM-160404",
"URL-https://www.tenable.com/security/research/tra-2020-12",
"URL-https://github.com/tenable/poc/blob/master/druva/inSync/druva_win_cphwnet64.py"
"URL-https://www.tenable.com/security/research/tra-2020-34",
"URL-https://github.com/tenable/poc/blob/master/druva/inSync/druva_win_cphwnet64.py",
"URL-https://www.matteomalvica.com/blog/2020/05/21/lpe-path-traversal/"
],
"platform": "Windows",
"arch": "",
@@ -135642,7 +135650,7 @@
"targets": [
"Automatic"
],
"mod_time": "2020-05-06 14:09:46 +0000",
"mod_time": "2020-12-10 12:14:47 +0000",
"path": "/modules/exploits/windows/local/druva_insync_insynccphwnet64_rcp_type_5_priv_esc.rb",
"is_install_path": true,
"ref_name": "windows/local/druva_insync_insynccphwnet64_rcp_type_5_priv_esc",