RSS   Podatności dla 'Metasploit framework'   RSS

2011-02-21
 
CVE-2011-1057

CWE-264
 

 
The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replacing critical files with a Trojan horse.

 
 
CVE-2011-1056

CWE-264
 

 
The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replacing critical files with a Trojan horse.

 
2005-08-07
 
CVE-2005-2482

 

 
The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option (defanged mode), allows attackers to modify temporary environment variables before the "_Defanged" environment option is checked when processing the Exploit command.

 


Copyright 2024, cxsecurity.com

 

Back to Top