16 matches found
Graphite Web Unsafe Pickle Handling
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Graphite Web Unsafe Module Handling Code Execution (CVE-2013-5093)
A command injection vulnerability has been reported in Graphite Web...
CVE-2013-5093
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...
CVE-2013-5093
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...
CVE-2013-5942
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...
Design/Logic Flaw
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...
CVE-2013-5093
Graphite Web (graphite-web) versions 0.9.5–0.9.10 are affected by an unsafe use of pickle in renderLocalView (render/views.py) that enables remote code execution via a crafted serialized object. Connected advisories corroborate a remote code execution vulnerability in graphite-web involving the p...
CVE-2013-5093
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...
Fedora Update for graphite-web FEDORA-2013-15713
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for graphite-web FEDORA-2013-15710
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 18 : graphite-web-0.9.12-1.fc18 (2013-15713)
This is both an update to 0.9.12 and to address CVE-2013-5093. Correctly pull in fonts. Initial package import. Initial package import. Initial package import. Initial package import. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora securit...
Fedora 19 : graphite-web-0.9.12-1.fc19 (2013-15710)
This is both an update to 0.9.12 and to address CVE-2013-5093. Correctly pull in fonts. Initial package import. Initial package import. Initial package import. Initial package import. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora securit...
CVE-2013-5093
creationtimestamp| type| source ---|---|--- 2013-08-21 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/27752 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/graphitepickleexec.rb 2025-02-06 03:13:41+00:00| see...
Graphite Web Unsafe Pickle Handling
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Graphite Web Unsafe Pickle Handling',...
Graphite Web - Unsafe Pickle Handling (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Graphite Web Unsafe Pickle Handling',...
Graphite Web Unsafe Pickle Handling
This module exploits a remote code execution vulnerability in the pickle handling of the rendering code in the Graphite Web project between version 0.9.5 and 0.9.10 both included. This module requires Metasploit: https://metasploit.com/download Current source:...