mirror of
https://github.com/cliffe/SecGen.git
synced 2026-02-20 13:50:45 +00:00
50 lines
1.7 KiB
XML
50 lines
1.7 KiB
XML
<?xml version="1.0"?>
|
|
|
|
<vulnerability xmlns="http://www.github/cliffe/SecGen/vulnerability"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://www.github/cliffe/SecGen/vulnerability">
|
|
<name>DistCC Daemon Command Execution</name>
|
|
<author>Lewis Ardern</author>
|
|
<module_license>MIT</module_license>
|
|
<description>Distcc has a documented security weakness that enables remote code execution.</description>
|
|
|
|
<type>distcc</type>
|
|
<privilege>user_rwx</privilege>
|
|
<access>remote</access>
|
|
<platform>unix</platform>
|
|
|
|
<read_fact>strings_to_leak</read_fact>
|
|
<read_fact>leaked_filename</read_fact>
|
|
|
|
<default_input into="strings_to_leak">
|
|
<generator type="message_generator"/>
|
|
<generator type="message_generator"/>
|
|
</default_input>
|
|
|
|
<default_input into="leaked_filename">
|
|
<generator module_path="generators/filenames/leaked_filename"/>
|
|
</default_input>
|
|
|
|
<!--optional vulnerability details-->
|
|
<difficulty>medium</difficulty>
|
|
<cve>CVE-2004-2687</cve>
|
|
<cvss_base_score>9.3</cvss_base_score>
|
|
<cvss_vector>AV:N/AC:M/Au:N/C:C/I:C/A:C</cvss_vector>
|
|
<reference>https://www.rapid7.com/db/modules/exploit/unix/misc/distcc_exec</reference>
|
|
<reference>OSVDB-13378</reference>
|
|
<software_name>distcc</software_name>
|
|
<software_license>GPLv2</software_license>
|
|
|
|
<!--optional breadcrumb (info that is leaked and required to exploit)-->
|
|
<!--<breadcrumb></breadcrumb>-->
|
|
|
|
<!--optional hints-->
|
|
<msf_module>exploit/unix/misc/distcc_exec</msf_module>
|
|
<hint>On a non-standard port</hint>
|
|
<solution>Distcc is vulnerable, and on a high port number.</solution>
|
|
|
|
<!--Cannot co-exist with other installations-->
|
|
<conflict>
|
|
<software_name>distcc</software_name>
|
|
</conflict>
|
|
</vulnerability> |