Redmine是基于ROR框架开发的一套跨平台项目管理系统,是项目管理系统的后起之秀。Redmine存在远程代码执行漏洞,可能导致攻击者远程执行任意代码。
[+]info:
~~~~~~~~~
joernchen (Phenoelit)
[+]poc:
~~~~~~~~~
http://metasploit.com/redmine/projects/framework/repository/revisions/11406/entry/modules/exploits/unix/webapp/redmine_scm_exec.rb
[+]Reference:
~~~~~~~~~
http://eromang.zataz.com/2010/12/26/remote-code-execution-for-redmine/
http://metasploit.com/redmine/projects/framework/repository/revisions/11406/entry/modules/exploit
[+]info:
~~~~~~~~~
joernchen
[+]poc:
~~~~~~~~~
http://metasploit.com/redmine/projects/framework/repository/revisions/11406/entry/modules/exploits/unix/webapp/redmine_scm_exec.rb
[+]Reference:
~~~~~~~~~
http://eromang.zataz.com/2010/12/26/remote-code-execution-for-redmine/
http://metasploit.com/redmine/projects/framework/repository/revisions/11406/entry/modules/exploit
本文由站长原创或收集,不代表本站立场,如若转载,请注明出处:http://yesck.com/post/376/
赞(0)
赏
YesCK
电影非诚勿扰1和非诚勿扰2种子下载BT下载
上一篇
2010年12月28日 15:43
TOSEC 2011首届信息安全会议"即将开始啦!
下一篇
2010年12月28日 19:29
本文 暂无 评论