Metasploit modules that can be used to exploit Gentoo products
-
Webmin /file/show.cgi Remote Command Execution
Disclosure Date: 2012-09-06First seen: 2020-04-26exploit/unix/webapp/webmin_show_cgi_execThis module exploits an arbitrary command execution vulnerability in Webmin 1.580. The vulnerability exists in the /file/show.cgi component and allows an authenticated user, with access to the File Manager Module, to execute arbitrary commands with root privileges. The module has been tested successfully with Webmin 1.580 over Ubuntu 10.04. Authors: - Unknown - juan vazquez <juan.vazquez@metasploit.com> -
Webmin edit_html.cgi file Parameter Traversal Arbitrary File Access
Disclosure Date: 2012-09-06First seen: 2020-04-26auxiliary/admin/webmin/edit_html_fileaccessThis module exploits a directory traversal in Webmin 1.580. The vulnerability exists in the edit_html.cgi component and allows an authenticated user with access to the File Manager Module to access arbitrary files with root privileges. The module has been tested successfully with Webmin 1.580 over Ubuntu 10.04. Authors: - Unknown - juan vazquez <juan.vazquez@metasploit.com> -
TWiki Search Function Arbitrary Command Execution
Disclosure Date: 2004-10-01First seen: 2020-04-26exploit/unix/webapp/twiki_searchThis module exploits a vulnerability in the search component of TWiki. By passing a 'search' parameter containing shell metacharacters to the 'WebSearch' script, an attacker can execute arbitrary OS commands. Authors: - jduck <jduck@metasploit.com> -
Unreal Tournament 2004 "secure" Overflow (Linux)
Disclosure Date: 2004-06-18First seen: 2020-04-26exploit/linux/games/ut2004_secureThis is an exploit for the GameSpy secure query in the Unreal Engine. This exploit only requires one UDP packet, which can be both spoofed and sent to a broadcast address. Usually, the GameSpy query server listens on port 7787, but you can manually specify the port as well. The RunServer.sh script will automatically restart the server upon a crash, giving us the ability to bruteforce the service and exploit it multiple times. Authors: - onetwo -
Unreal Tournament 2004 "secure" Overflow (Win32)
Disclosure Date: 2004-06-18First seen: 2020-04-26exploit/windows/games/ut2004_secureThis is an exploit for the GameSpy secure query in the Unreal Engine. This exploit only requires one UDP packet, which can be both spoofed and sent to a broadcast address. Usually, the GameSpy query server listens on port 7787, but you can manually specify the port as well. The RunServer.sh script will automatically restart the server upon a crash, giving us the ability to bruteforce the service and exploit it multiple times. Authors: - stinko <vinnie@metasploit.com> -
Sendmail SMTP Address prescan Memory Corruption
Disclosure Date: 2003-09-17First seen: 2020-04-26auxiliary/dos/smtp/sendmail_prescanThis is a proof of concept denial of service module for Sendmail versions 8.12.8 and earlier. The vulnerability is within the prescan() method when parsing SMTP headers. Due to the prescan function, only 0x5c and 0x00 bytes can be used, limiting the likelihood for arbitrary code execution. Authors: - aushack <patrick@osisecurity.com.au>
6 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details