FreeBSD : Template::Toolkit -- Directory traversal on write (2bab995f-36d4-11ea-9dad-002590acae31) - Nessus

Critical Plugin ID: 132879

This page contains detailed information about the FreeBSD : Template::Toolkit -- Directory traversal on write (2bab995f-36d4-11ea-9dad-002590acae31) Nessus plugin including available exploits and PoCs found on GitHub, in Metasploit or Exploit-DB for verifying of this vulnerability.

Table Of Contents

hide

Plugin Overview
Vulnerability Information

Synopsis
Description
Solution

Public Exploits
Risk Information
Plugin Source
How to Run
References
Version

Plugin Overview

ID: 132879
Name: FreeBSD : Template::Toolkit -- Directory traversal on write (2bab995f-36d4-11ea-9dad-002590acae31)
Filename: freebsd_pkg_2bab995f36d411ea9dad002590acae31.nasl
Vulnerability Published: 2019-12-13
This Plugin Published: 2020-01-15
Last Modification Time: 2022-02-25
Plugin Version: 1.8
Plugin Type: local
Plugin Family: FreeBSD Local Security Checks
Dependencies: ssh_get_info.nasl
Required KB Items [?]: Host/FreeBSD/pkg_info, Host/FreeBSD/release, Host/local_checks_enabled

Vulnerability Information

Severity: Critical
Vulnerability Published: 2019-12-13
Patch Published: 2020-01-14
CVE [?]: CVE-2019-19781
CPE [?]: cpe:/o:freebsd:freebsd, p-cpe:/a:freebsd:freebsd:p5-Template-Toolkit
Exploited by Malware: True

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Art Manion and Will Dormann report :

By using an older and less-secure form of open(), it is possible for untrusted template files to cause reads/writes outside of the template directories. This vulnerability is a component of the recent Citrix exploit.

Solution

Update the affected package.

Public Exploits

Target Network Port(s): N/A
Target Asset(s): N/A
Exploit Available: True (Metasploit Framework, Exploit-DB, GitHub, Immunity Canvas)
Exploit Ease: Exploits are available

Here's the list of publicly known exploits and PoCs for verifying the FreeBSD : Template::Toolkit -- Directory traversal on write (2bab995f-36d4-11ea-9dad-002590acae31) vulnerability:

Metasploit: exploit/freebsd/http/citrix_dir_traversal_rce
[Citrix ADC (NetScaler) Directory Traversal RCE]
Metasploit: auxiliary/scanner/http/citrix_dir_traversal
[Citrix ADC (NetScaler) Directory Traversal Scanner]
Exploit-DB: exploits/multiple/webapps/47901.sh
[EDB-47901: Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution (PoC)]
Exploit-DB: exploits/multiple/webapps/47902.py
[EDB-47902: Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution]
Exploit-DB: exploits/multiple/webapps/47913.rb
[EDB-47913: Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution (Metasploit)]
Exploit-DB: exploits/multiple/webapps/47930.txt
[EDB-47930: Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal]
GitHub: https://github.com/0ps/pocassistdb
[CVE-2019-19781]
GitHub: https://github.com/AnonVulc/Pentest-Tools
[CVE-2019-19781]
GitHub: https://github.com/Astrogeorgeonethree/Starred
[CVE-2019-19781]
GitHub: https://github.com/Castaldio86/Detect-CVE-2019-19781
[CVE-2019-19781]
GitHub: https://github.com/DIVD-NL/Citrix-CVE-2019-19781
[CVE-2019-19781]
GitHub: https://github.com/GuardaCyber/covid19-response
[CVE-2019-19781]
GitHub: https://github.com/Jabo-SCO/Shitrix-CVE-2019-19781
[CVE-2019-19781: My working exploit script for Shitrix (CVE-2019-19781)]
GitHub: https://github.com/JamesG-Zero/Shitrix-CVE-2019-19781
[CVE-2019-19781]
GitHub: https://github.com/Jean-Francois-C/Windows-Penetration-Testing
[CVE-2019-19781]
GitHub: https://github.com/Jerry-Swift/CVE-2019-19781-scanner
[CVE-2019-19781: judge vulnerability of the target]
GitHub: https://github.com/MrSeccubus/jekyll-secinfo
[CVE-2019-19781]
GitHub: https://github.com/Mr-xn/Penetration_Testing_POC
[CVE-2019-19781]
GitHub: https://github.com/Roshi99/Remote-Code-Execution-Exploit-for-Citrix-Application-Delivery-Controller-and-Citrix-Gateway-CVE-201
[CVE-2019-19781: This document explain Remote Code Execution Exploit for Citrix Application Delivery ...]
GitHub: https://github.com/S3cur3Th1sSh1t/Pentest-Tools
[CVE-2019-19781]
GitHub: https://github.com/SexyBeast233/SecBooks
[CVE-2019-19781]
GitHub: https://github.com/SharpHack/CVE-2019-19781
[CVE-2019-19781]
GitHub: https://github.com/Staubgeborener/stars
[CVE-2019-19781]
GitHub: https://github.com/VDISEC/CVE-2019-19871-AuditGuide
[CVE-2019-19781]
GitHub: https://github.com/VladRico/CVE-2019-19781
[CVE-2019-19781: Shitrix : CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit]
GitHub: https://github.com/Vulnmachines/Ctirix_RCE-CVE-2019-19781
[CVE-2019-19781: Citrix ADC RCE cve-2019-19781]
GitHub: https://github.com/amcai/myscan
[CVE-2019-19781]
GitHub: https://github.com/andripwn/CVE-2019-19781
[CVE-2019-19781: Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from Shodan API.]
GitHub: https://github.com/azams/go-citrixmash
[CVE-2019-19781]
GitHub: https://github.com/bhassani/Recent-CVE
[CVE-2019-19781]
GitHub: https://github.com/cisagov/check-your-pulse
[CVE-2019-19781]
GitHub: https://github.com/darren646/CVE-2019-19781POC
[CVE-2019-19781]
GitHub: https://github.com/dnif/content
[CVE-2019-19781]
GitHub: https://github.com/faisal6me/DFIR-Note
[CVE-2019-19781]
GitHub: https://github.com/fcp999/centos
[CVE-2019-19781]
GitHub: https://github.com/fengjixuchui/RedTeamer
[CVE-2019-19781]
GitHub: https://github.com/fireeye/ioc-scanner-CVE-2019-19781
[CVE-2019-19781: Indicator of Compromise Scanner for CVE-2019-19781]
GitHub: https://github.com/gobysec/Goby
[CVE-2019-19781]
GitHub: https://github.com/hackingyseguridad/nmap
[CVE-2019-19781]
GitHub: https://github.com/inveteck/citrix-vuln-checker
[CVE-2019-19781]
GitHub: https://github.com/itsreallynick/pcap
[CVE-2019-19781]
GitHub: https://github.com/jiangsir404/POC-S
[CVE-2019-19781]
GitHub: https://github.com/juan157/noqsg.github.io
[CVE-2019-19781]
GitHub: https://github.com/jweny/pocassistdb
[CVE-2019-19781]
GitHub: https://github.com/krayzpipes/trickt
[CVE-2019-19781]
GitHub: https://github.com/k-fire/CVE-2019-19781-exploit
[CVE-2019-19781]
GitHub: https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection
[CVE-2019-19781]
GitHub: https://github.com/mekoko/CVE-2019-19781
[CVE-2019-19781]
GitHub: https://github.com/ptresearch/Pentest-Detections
[CVE-2019-19781]
GitHub: https://github.com/pwn3z/CVE-2019-19781-Citrix
[CVE-2019-19781]
GitHub: https://github.com/qiong-qi/CVE-2019-19781-poc
[CVE-2019-19781: 修改的poc，适用于python3]
GitHub: https://github.com/r0eXpeR/supplier
[CVE-2019-19781]
GitHub: https://github.com/severnake/Pentest-Tools
[CVE-2019-19781]
GitHub: https://github.com/tdtc7/qps
[CVE-2019-19781]
GitHub: https://github.com/theyoge/AD-Pentesting-Tools
[CVE-2019-19781]
GitHub: https://github.com/whoadmin/pocs
[CVE-2019-19781]
GitHub: https://github.com/x1sec/xpasn
[CVE-2019-19781]
GitHub: https://github.com/yukar1z0e/CVE-2019-19781
[CVE-2019-19781]
GitHub: https://github.com/zenturacp/cve-2019-19781-web
[CVE-2019-19781]
GitHub: https://github.com/0xams/citrixvulncheck
[CVE-2019-19781: A script to look for CVE-2019-19781 Vulnerability within a domain and it's subdomains ...]
GitHub: https://github.com/aqhmal/CVE-2019-19781
[CVE-2019-19781: Automated script for Citrix ADC scanner (CVE-2019-19781) using hosts retrieved from ...]
GitHub: https://github.com/Azeemering/CVE-2019-19781-DFIR-Notes
[CVE-2019-19781: My Citrix ADC NetScaler CVE-2019-19781 Vulnerability DFIR notes.]
GitHub: https://github.com/b510/CVE-2019-19781
[CVE-2019-19781: 批量概念驗證用]
GitHub: https://github.com/becrevex/Citrix_CVE-2019-19781
[CVE-2019-19781: Took at stab at an NSE discovery script for CVE-2019-19781.]
GitHub: https://github.com/cisagov/check-cve-2019-19781
[CVE-2019-19781: Test a host for susceptibility to CVE-2019-19781]
GitHub: https://github.com/citrix/ioc-scanner-CVE-2019-19781
[CVE-2019-19781: Indicator of Compromise Scanner for CVE-2019-19781]
GitHub: https://github.com/DanielWep/CVE-NetScalerFileSystemCheck
[CVE-2019-19781: This script checks the Citrix Netscaler if it has been compromised by CVE-2019-19781 ...]
GitHub: https://github.com/digitalgangst/massCitrix
[CVE-2019-19781: Código desenvolvido para a verificação em massa da vulnerabilidade CVE-2019-19781 ...]
GitHub: https://github.com/digitalshadows/CVE-2019-19781_IOCs
[CVE-2019-19781: IOCs for CVE-2019-19781]
GitHub: https://github.com/hollerith/CVE-2019-19781
[CVE-2019-19781: Citrix Netscaler RCE]
GitHub: https://github.com/ianxtianxt/CVE-2019-19781
[CVE-2019-19781: Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix ...]
GitHub: https://github.com/j81blog/ADC-19781
[CVE-2019-19781: Check ADC for CVE-2019-19781]
GitHub: https://github.com/jamesjguthrie/Shitrix-CVE-2019-19781
[CVE-2019-19781: My working exploit script for Shitrix (CVE-2019-19781)]
GitHub: https://github.com/jas502n/CVE-2019-19781
[CVE-2019-19781: Citrix ADC Remote Code Execution]
GitHub: https://github.com/L4r1k/CitrixNetscalerAnalysis
[CVE-2019-19781: :microscope: Jupyter notebook to help automate some of the forensic analysis related ...]
GitHub: https://github.com/LeapBeyond/cve_2019_19781
[CVE-2019-19781: Simple tool for testing vulnerability to CVE 2019-19781]
GitHub: https://github.com/MalwareTech/CitrixHoneypot
[CVE-2019-19781: Detect and log CVE-2019-19781 scan and exploitation attempts.]
GitHub: https://github.com/mandiant/ioc-scanner-CVE-2019-19781
[CVE-2019-19781: Indicator of Compromise Scanner for CVE-2019-19781]
GitHub: https://github.com/mekhalleh/citrix_dir_traversal_rce
[CVE-2019-19781: The exploitation module for the CVE-2019-19781 #Shitrix (Vulnerability in Citrix ...]
GitHub: https://github.com/mpgn/CVE-2019-19781
[CVE-2019-19781: CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit]
GitHub: https://github.com/nmanzi/webcvescanner
[CVE-2019-19781: Gather a list of Citrix appliances in a country / state pair, and check if they're ...]
GitHub: https://github.com/onSec-fr/CVE-2019-19781-Forensic
[CVE-2019-19781: Automated forensic script hunting for cve-2019-19781]
GitHub: https://github.com/oways/CVE-2019-19781
[CVE-2019-19781: CVE-2019-19781 Citrix RCE]
GitHub: https://github.com/projectzeroindia/CVE-2019-19781
[CVE-2019-19781: Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix ...]
GitHub: https://github.com/RaulCalvoLaorden/CVE-2019-19781
[CVE-2019-19781: Python CVE-2019-19781 exploit]
GitHub: https://github.com/redscan/CVE-2019-19781
[CVE-2019-19781: CVE-2019-19781 Attack Triage Script]
GitHub: https://github.com/trustedsec/cve-2019-19781
[CVE-2019-19781: This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only ...]
GitHub: https://github.com/unknowndevice64/Exploits_CVE-2019-19781
[CVE-2019-19781: All Working Exploits]
GitHub: https://github.com/w4fz5uck5/CVE-2019-19781-CitrixRCE
[CVE-2019-19781: Citrix Unauthorized Remote Code Execution Attacker - CVE-2019-19781]
GitHub: https://github.com/x1sec/citrix-honeypot
[CVE-2019-19781: Citrix ADC (NetScaler) Honeypot. Supports detection for CVE-2019-19781 and login ...]
GitHub: https://github.com/x1sec/citrixmash_scanner
[CVE-2019-19781: A fast multi threaded scanner for Citrix ADC (NetScaler) CVE-2019-19781 - Citrixmash ...]
GitHub: https://github.com/x1sec/CVE-2019-19781
[CVE-2019-19781: DFIR notes for Citrix ADC (NetScaler) appliances vulnerable to CVE-2019-19781]
GitHub: https://github.com/ynsmroztas/citrix.sh
[CVE-2019-19781: CVE-2019-19781 bash exploit]
GitHub: https://github.com/zgelici/CVE-2019-19781-Checker
[CVE-2019-19781: Check your website for CVE-2019-19781 Vulnerable]
GitHub: https://github.com/5l1v3r1/Citrix_CVE-2019-19781
[CVE-2019-19781: Citrix adc rce]
Immunity Canvas: CANVAS

Before running any exploit against any system, make sure you are authorized by the owner of the target system(s) to perform such activity. In any other case, this would be considered as an illegal activity.

WARNING: Beware of using unverified exploits from sources such as GitHub or Exploit-DB. These exploits and PoCs could contain malware. For more information, see how to use exploits safely.

Risk Information

CVSS V2 Vector [?]: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C

CVSS Base Score:	7.5 (High)
Impact Subscore:	6.4
Exploitability Subscore:	10.0
CVSS Temporal Score:	6.5 (Medium)
CVSS Environmental Score:	NA (None)
Modified Impact Subscore:	NA
Overall CVSS Score:	6.5 (Medium)

CVSS V3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C

CVSS Base Score:	9.8 (Critical)
Impact Subscore:	5.9
Exploitability Subscore:	3.9
CVSS Temporal Score:	9.4 (Critical)
CVSS Environmental Score:	NA (None)
Modified Impact Subscore:	NA
Overall CVSS Score:	9.4 (Critical)

Go back to menu.

Plugin Source

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from the FreeBSD VuXML database :
#
# Copyright 2003-2021 Jacques Vidrine and contributors
#
# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
# HTML, PDF, PostScript, RTF and so forth) with or without modification,
# are permitted provided that the following conditions are met:
# 1. Redistributions of source code (VuXML) must retain the above
#    copyright notice, this list of conditions and the following
#    disclaimer as the first lines of this file unmodified.
# 2. Redistributions in compiled form (transformed to other DTDs,
#    published online in any format, converted to PDF, PostScript,
#    RTF and other formats) must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer
#    in the documentation and/or other materials provided with the
#    distribution.
# 
# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#

include("compat.inc");

if (description)
{
  script_id(132879);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/02/25");

  script_cve_id("CVE-2019-19781");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/05/03");
  script_xref(name:"CISA-NCAS", value:"AA22-011A");

  script_name(english:"FreeBSD : Template::Toolkit -- Directory traversal on write (2bab995f-36d4-11ea-9dad-002590acae31)");
  script_summary(english:"Checks for updated package in pkg_info output");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote FreeBSD host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"Art Manion and Will Dormann report :

By using an older and less-secure form of open(), it is possible for
untrusted template files to cause reads/writes outside of the template
directories. This vulnerability is a component of the recent Citrix
exploit."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.kb.cert.org/vuls/id/619785/"
  );
  # https://vuxml.freebsd.org/freebsd/2bab995f-36d4-11ea-9dad-002590acae31.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?e74959bf"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Citrix ADC (NetScaler) Directory Traversal RCE');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:p5-Template-Toolkit");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/01/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"FreeBSD Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");

  exit(0);
}


include("audit.inc");
include("freebsd_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;

if (pkg_test(save_report:TRUE, pkg:"p5-Template-Toolkit<3.004")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

The latest version of this script can be found in these locations depending on your platform:

Linux / Unix:
/opt/nessus/lib/nessus/plugins/freebsd_pkg_2bab995f36d411ea9dad002590acae31.nasl
Windows:
C:\ProgramData\Tenable\Nessus\nessus\plugins\freebsd_pkg_2bab995f36d411ea9dad002590acae31.nasl
Mac OS X:
/Library/Nessus/run/lib/nessus/plugins/freebsd_pkg_2bab995f36d411ea9dad002590acae31.nasl

Go back to menu.

How to Run

Here is how to run the FreeBSD : Template::Toolkit -- Directory traversal on write (2bab995f-36d4-11ea-9dad-002590acae31) as a standalone plugin via the Nessus web user interface (https://localhost:8834/):

Click to start a New Scan.
Select Advanced Scan.
Navigate to the Plugins tab.
On the top right corner click to Disable All plugins.
On the left side table select FreeBSD Local Security Checks plugin family.
On the right side table select FreeBSD : Template::Toolkit -- Directory traversal on write (2bab995f-36d4-11ea-9dad-002590acae31) plugin ID 132879.
Specify the target on the Settings tab and click to Save the scan.
Run the scan.

Here are a few examples of how to run the plugin in the command line. Note that the examples below demonstrate the usage on the Linux / Unix platform.

Basic usage:

/opt/nessus/bin/nasl freebsd_pkg_2bab995f36d411ea9dad002590acae31.nasl -t <IP/HOST>

Run the plugin with audit trail message on the console:

/opt/nessus/bin/nasl -a freebsd_pkg_2bab995f36d411ea9dad002590acae31.nasl -t <IP/HOST>

Run the plugin with trace script execution written to the console (useful for debugging):

/opt/nessus/bin/nasl -T - freebsd_pkg_2bab995f36d411ea9dad002590acae31.nasl -t <IP/HOST>

Run the plugin with using a state file for the target and updating it (useful for running multiple plugins on the target):

/opt/nessus/bin/nasl -K /tmp/state freebsd_pkg_2bab995f36d411ea9dad002590acae31.nasl -t <IP/HOST>

Go back to menu.

References

See also:

Similar and related Nessus plugins:

132397 - Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027)
132752 - Citrix ADC and Citrix NetScaler Gateway Arbitrary Code Execution (CTX267027) (Direct Check)

Version

This page has been produced using Nessus Professional 10.1.2 (#68) LINUX, Plugin set 202205072148.
Plugin file freebsd_pkg_2bab995f36d411ea9dad002590acae31.nasl version 1.8. For more plugins, visit the Nessus Plugin Library.

Go back to menu.

FreeBSD : Template::Toolkit -- Directory traversal on write (2bab995f-36d4-11ea-9dad-002590acae31) - Nessus

Plugin Overview

Vulnerability Information

Synopsis

Description

Solution

Public Exploits

Risk Information

Plugin Source

How to Run

References

Version

Nessus Plugin Library

Solving Problems with Office 365 Email from GoDaddy

Empire Module Library

CrackMapExec Module Library

Metasploit Android Modules

Top 16 Active Directory Vulnerabilities

Top 10 Vulnerabilities: Internal Infrastructure Pentest

Terminal Escape Injection

Cisco Password Cracking and Decrypting Guide

Capture Passwords using Wireshark

SSH Brute Force Attack Tool using PuTTY / Plink (ssh-putty-brute.ps1)

SMB Brute Force Attack Tool in PowerShell (SMBLogin.ps1)

Port Scanner in PowerShell (TCP/UDP)

Nessus CSV Parser and Extractor

Default Password Scanner (default-http-login-hunter.sh)