Land rapid7#2593, updated refs for @brandonprry's stuff

wvu · wvu · commit b3c4dfcb04fb · 2013-10-30T12:29:47.000-05:00
diff --git a/modules/auxiliary/admin/http/openbravo_xxe.rb b/modules/auxiliary/admin/http/openbravo_xxe.rb
@@ -27,6 +27,11 @@ def initialize(info = {})
         [
           'Brandon Perry <bperry.volatile[at]gmail.com>' # Discovery / msf module
         ],
+      'References' =>
+        [
+          ['CVE', '2013-3617'],
+          ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']
+        ],
       'License' => MSF_LICENSE,
       'DisclosureDate' => 'Oct 30 2013'
     ))
diff --git a/modules/exploits/multi/http/ispconfig_php_exec.rb b/modules/exploits/multi/http/ispconfig_php_exec.rb
@@ -27,7 +27,8 @@ def initialize(info = {})
       'License' => MSF_LICENSE,
       'References' =>
         [
-          ['CVE', '2013-3629']
+          ['CVE', '2013-3629'],
+          ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']
         ],
       'Privileged' => false,
       'Platform'	 => ['php'],
diff --git a/modules/exploits/multi/http/moodle_cmd_exec.rb b/modules/exploits/multi/http/moodle_cmd_exec.rb
@@ -35,8 +35,9 @@ def initialize(info={})
       ],
     'References'     =>
       [
-        ['URL', 'http://www.exploit-db.com/exploits/28174/'], #xss vuln allowing sesskey of admins to be stolen
-        ['CVE', '2013-3630']
+        ['CVE', '2013-3630'],
+        ['EDB', '28174'], #xss vuln allowing sesskey of admins to be stolen
+        ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']
       ],
     'Payload'        =>
     {
diff --git a/modules/exploits/multi/http/nas4free_php_exec.rb b/modules/exploits/multi/http/nas4free_php_exec.rb
@@ -26,7 +26,8 @@ def initialize(info = {})
       'License'        => MSF_LICENSE,
       'References'     =>
         [
-          ['CVE', '2013-3631']
+          ['CVE', '2013-3631'],
+          ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']
         ],
       'Payload'	=>
         {
diff --git a/modules/exploits/multi/http/openmediavault_cmd_exec.rb b/modules/exploits/multi/http/openmediavault_cmd_exec.rb
@@ -25,7 +25,8 @@ def initialize(info={})
         ],
       'References'     =>
         [
-          ['CVE', '2013-3632']
+          ['CVE', '2013-3632'],
+          ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']
         ],
       'Privileged' => true,
       'DefaultOptions' => { 'WfsDelay' => 60 },
diff --git a/modules/exploits/multi/http/vtiger_php_exec.rb b/modules/exploits/multi/http/vtiger_php_exec.rb
@@ -27,6 +27,7 @@ def initialize(info = {})
       'License' => MSF_LICENSE,
       'References' =>
         [
+          ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']
         ],
       'Privileged' => false,
       'Platform'   => ['php'],
diff --git a/modules/exploits/multi/http/zabbix_script_exec.rb b/modules/exploits/multi/http/zabbix_script_exec.rb
@@ -27,7 +27,8 @@ def initialize(info={})
         ],
       'References'     =>
         [
-          ['CVE', '2013-3628']
+          ['CVE', '2013-3628'],
+          ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']
         ],
       'Payload'        =>
       {

Original file line number	Diff line number	Diff line change
`@@ -35,8 +35,9 @@ def initialize(info={})`
`35`	`35`	`],`
`36`	`36`	`'References' =>`
`37`	`37`	`[`
`38`		`- ['URL', 'http://www.exploit-db.com/exploits/28174/'], #xss vuln allowing sesskey of admins to be stolen`
`39`		`- ['CVE', '2013-3630']`
	`38`	`+ ['CVE', '2013-3630'],`
	`39`	`+ ['EDB', '28174'], #xss vuln allowing sesskey of admins to be stolen`
	`40`	`+ ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']`
`40`	`41`	`],`
`41`	`42`	`'Payload' =>`
`42`	`43`	`{`
Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,8 @@ def initialize(info = {})`
`26`	`26`	`'License' => MSF_LICENSE,`
`27`	`27`	`'References' =>`
`28`	`28`	`[`
`29`		`- ['CVE', '2013-3631']`
	`29`	`+ ['CVE', '2013-3631'],`
	`30`	`+ ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']`
`30`	`31`	`],`
`31`	`32`	`'Payload' =>`
`32`	`33`	`{`
Original file line number	Diff line number	Diff line change
`@@ -27,6 +27,7 @@ def initialize(info = {})`
`27`	`27`	`'License' => MSF_LICENSE,`
`28`	`28`	`'References' =>`
`29`	`29`	`[`
	`30`	`+ ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']`
`30`	`31`	`],`
`31`	`32`	`'Privileged' => false,`
`32`	`33`	`'Platform' => ['php'],`
Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,8 @@ def initialize(info={})`
`27`	`27`	`],`
`28`	`28`	`'References' =>`
`29`	`29`	`[`
`30`		`- ['CVE', '2013-3628']`
	`30`	`+ ['CVE', '2013-3628'],`
	`31`	`+ ['URL', 'https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats']`
`31`	`32`	`],`
`32`	`33`	`'Payload' =>`
`33`	`34`	`{`