Land rapid7#12310, Add CVE info for jboss_vulnscan and jboss_status

jboss_vulnscan and jboss_status: add CVE information
snotsbubble · Sep 11, 2019 · cfeaca6 · cfeaca6
2 parents 3483881 + b460dc1
commit cfeaca6
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/modules/auxiliary/scanner/http/jboss_status.rb b/modules/auxiliary/scanner/http/jboss_status.rb
@@ -19,6 +19,7 @@ def initialize
       'References'  =>
         [
           ['CVE', '2008-3273'],
+          ['CVE', '2010-1429'], # regression
           ['URL', 'https://seclists.org/fulldisclosure/2011/Sep/139'],
           ['URL', 'https://www.owasp.org/images/a/a9/OWASP3011_Luca.pdf'],
           ['URL', 'http://www.slideshare.net/chrisgates/lares-fromlowtopwned']

diff --git a/modules/auxiliary/scanner/http/jboss_vulnscan.rb b/modules/auxiliary/scanner/http/jboss_vulnscan.rb
@@ -23,8 +23,11 @@ def initialize(info = {})
         ],
       'References'            =>
         [
-          [ 'CVE', '2010-0738' ], # VERB auth bypass
-          [ 'CVE', '2017-12149' ]
+          [ 'CVE', '2008-3273' ], # info disclosure via unauthenticated access to "/status"
+          [ 'CVE', '2010-1429' ], # info disclosure via unauthenticated access to "/status" (regression)
+          [ 'CVE', '2010-0738' ], # VERB auth bypass on "JMX-Console": /jmx-console/
+          [ 'CVE', '2010-1428' ], # VERB auth bypass on "Web Console": /web-console/
+          [ 'CVE', '2017-12149' ] # deserialization: "/invoker/readonly"
         ],
       'License'               => BSD_LICENSE
       ))