Land rapid7#3196, release fixes

Author: wvu

modules/auxiliary/gather/alienvault_iso27001_sqli.rb

@@ -15,7 +15,7 @@ def initialize(info={})
       'Description'    => %q{
         AlienVault 4.5.0 is susceptible to an authenticated SQL injection attack via a PNG
         generation PHP file. This module exploits this to read an arbitrary file from
-        the file system. Any authenticated user should be able to exploit it. Administration
+        the file system. Any authenticated user is able to exploit it, as administrator
         privileges aren't required.
       },
       'License'        => MSF_LICENSE,

modules/auxiliary/scanner/http/oracle_demantra_file_retrieval.rb

@@ -15,9 +15,11 @@ def initialize(info = {})
     super(update_info(info,
       'Name'           => 'Oracle Demantra Arbitrary File Retrieval with Authentication Bypass',
       'Description'    => %q{
-       This module exploits a file downlad vulnerability found in Oracle Demantra 12.2.1 in
-       combination with an authentication bypass. This way an unauthenticated user can retreive
-       any file on the system by referencing the full file path to any file a vulnerable machine.
+        This module exploits a file downlad vulnerability found in Oracle
+        Demantra 12.2.1 in combination with an authentication bypass. By
+        combining these exposures, an unauthenticated user can retreive any file
+        on the system by referencing the full file path to any file a vulnerable
+        machine.
       },
       'References'     =>
         [

modules/encoders/generic/eicar.rb

@@ -16,8 +16,8 @@ def initialize
     super(
       'Name'             => 'The EICAR Encoder',
       'Description'      => %q{
-        This encoder merely tacks the EICAR test string to the beginning of
-        the payload. Note, this is sure to ruin your payload.
+        This encoder merely replaces the given payload with the EICAR test string.
+        Note, this is sure to ruin your payload.
 
         Any content-aware firewall, proxy, IDS, or IPS that follows anti-virus
         standards should alert and do what it would normally do when malware is

modules/exploits/linux/http/linksys_themoon_exec.rb

@@ -16,9 +16,9 @@ def initialize(info = {})
       'Name'        => 'Linksys E-Series TheMoon Remote Command Injection',
       'Description' => %q{
         Some Linksys E-Series Routers are vulnerable to an unauthenticated OS command
-        injection. This vulnerability was used from the so called "TheMoon" worm. There
-        are many Linksys systems that might be vulnerable including E4200, E3200, E3000,
-        E2500, E2100L, E2000, E1550, E1500, E1200, E1000, E900. This module was tested
+        injection. This vulnerability was used from the so-called "TheMoon" worm. There
+        are many Linksys systems that are potentially vulnerable, including E4200, E3200, E3000,
+        E2500, E2100L, E2000, E1550, E1500, E1200, E1000, and E900. This module was tested
         successfully against an E1500 v1.0.5.
       },
       'Author'      =>

modules/exploits/windows/fileformat/winrar_name_spoofing.rb

@@ -20,7 +20,7 @@ def initialize(info = {})
         when opening ZIP files. The file names showed in WinRAR when opening a ZIP file come from
         the central directory, but the file names used to extract and open contents come from the
         Local File Header. This inconsistency allows to spoof file names when opening ZIP files
-        with WiRAR, which can be abused to execute arbitrary code, like exploited in the wild in
+        with WinRAR, which can be abused to execute arbitrary code, as exploited in the wild in
         March 2014
       },
       'License'        => MSF_LICENSE,