Subscribe via feed.

Alienvault OSSIM av-centerd Util.pm sync_rserver Command Execution

Posted by deepcore on September 15, 2017 – 8:53 am

This Metasploit module exploits a command injection vulnerability found within the sync_rserver function in Util.pm. The vulnerability is triggered due to an incomplete blacklist during the parsing of the $uuid parameter. This allows for the escaping of a system command allowing for arbitrary command execution as root.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.