mirror of
https://github.com/cliffe/SecGen.git
synced 2026-02-21 19:28:02 +00:00
80 lines
1.6 KiB
XML
80 lines
1.6 KiB
XML
<vulnerabilities>
|
|
<vulnerability
|
|
type="ftp"
|
|
cve=""
|
|
privilege="user"
|
|
access="remote"
|
|
details="Anonymous FTP has been installed on this host">
|
|
<puppets>
|
|
<puppet>ftp</puppet>
|
|
</puppets>
|
|
</vulnerability>
|
|
<vulnerability
|
|
type="www"
|
|
cve=""
|
|
privilege="user"
|
|
access="remote"
|
|
details="command injection from webserver /var/www/commandinjection">
|
|
<ports>
|
|
<port>80</port>
|
|
</ports>
|
|
<puppets>
|
|
<puppet>commandinjection</puppet>
|
|
</puppets>
|
|
</vulnerability>
|
|
<vulnerability
|
|
type="nfs"
|
|
cve=""
|
|
privilege="user"
|
|
access="remote"
|
|
details="open NFS mount, can mount entire OS">
|
|
<puppets>
|
|
<puppet>nfs</puppet>
|
|
</puppets>
|
|
</vulnerability>
|
|
<vulnerability
|
|
type="smb"
|
|
cve=""
|
|
privilege="user"
|
|
access="remote"
|
|
details="Open samba share">
|
|
<puppets>
|
|
<puppet>samba</puppet>
|
|
</puppets>
|
|
</vulnerability>
|
|
<vulnerability
|
|
type="local-config"
|
|
cve=""
|
|
privilege="root"
|
|
access="local"
|
|
details="This puppet module edits the chmod of the shadow file to 777.">
|
|
<puppets>
|
|
<puppet>writeableshadow</puppet>
|
|
</puppets>
|
|
</vulnerability>
|
|
|
|
<vulnerability
|
|
type="ftp"
|
|
cve=""
|
|
privilege="user"
|
|
access="remote"
|
|
details="ftpbackdoor smiley face backdoor exploit">
|
|
<puppets>
|
|
<puppet>ftpbackdoor</puppet>
|
|
</puppets>
|
|
</vulnerability>
|
|
<vulnerability
|
|
type="www"
|
|
cve=""
|
|
privilege="user"
|
|
access="remote"
|
|
details="sqlinjection 'isn't 100% automated you stil need to set up the tables. viewable from /var/www/sqlinjection">
|
|
<ports>
|
|
<port>80</port>
|
|
</ports>
|
|
<puppets>
|
|
<puppet>sqlinjection</puppet>
|
|
</puppets>
|
|
</vulnerability>
|
|
</vulnerabilities>
|