Service Upstart Persistence

This module will create a service on the box, and mark it for auto-restart. We need enough access to write service files and potentially restart services Targets: CentOS 6 Fedora = 9, = 9.10, use exploit/linux/persistence/initupstart msf exploitinitupstart show targets ...targets... msf...

CentOS 6 : chromium-browser (RHSA-2020:0738)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0738 advisory. - An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer...

CentOS 6 : chromium-browser (RHSA-2020:5165)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5165 advisory. - Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a...

CentOS 6 : thunderbird (RHSA-2020:2966)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2966 advisory. - Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This...

CentOS 6 : thunderbird (RHSA-2020:5164)

The remote CentOS Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:5164 advisory. - In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This...

CentOS 6 : chromium-browser (RHSA-2020:0779)

The remote CentOS Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0779 advisory. - Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML pag...

CentOS 6 : tomcat6 (RHSA-2020:2529)

The remote CentOS Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2529 advisory. - When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is able to control the...

CentOS 6 : kernel (RHSA-2020:2933)

The remote CentOS Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2933 advisory. - The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka...

CentOS 6 : flash-plugin (RHSA-2020:2547)

The remote CentOS Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2547 advisory. - Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft...

CentOS 6 : chromium-browser (RHSA-2020:2643)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2643 advisory. - Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML...

CentOS 6 : chromium-browser (RHSA-2020:3377)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3377 advisory. - Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via ...

CentOS 6 : flash-plugin (RHSA-2020:0513)

The remote CentOS Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0513 advisory. - Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion...

CentOS 6 : thunderbird (RHSA-2020:5238)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5238 advisory. - Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted...

CentOS 6 : chromium-browser (RHSA-2020:3723)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3723 advisory. - Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a...

CentOS 6 : chromium-browser (RHSA-2020:3740)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3740 advisory. - Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to...

CentOS 6 : firefox (RHSA-2020:5104)

The remote CentOS Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:5104 advisory. - In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This...

CentOS 6 : chromium-browser (RHSA-2020:4351)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4351 advisory. - Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a craft...

CentOS 6 : chromium-browser (RHSA-2020:0514)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0514 advisory. - In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to...

CentOS 6 : thunderbird (RHSA-2020:4158)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4158 advisory. - Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption an...

CentOS 6 : java-1.7.1-ibm (RHSA-2020:2236)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2236 advisory. - Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 a...