lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <e3848b87281ee617489dee48b9dde008@redtimmy.com> Date: Fri, 13 Mar 2020 21:29:47 +0100 From: Red Timmy Security <publications@...timmy.com> To: fulldisclosure@...lists.org Subject: [FD] RichFaces exploitation toolkit Hi, The RichFaces library has been vulnerable to many Java deserialization and EL injection vulnerabilities. This infamous library is included with many JSF web applications for providing advanced UI elements beyond the (very limited) set that is built-in with the framework. Therefore, many websites using JSF are vulnerable to exploitation. Until now, the vulnerabilities had to be exploited manually. Richsploit is a toolkit that can exploit multiple versions of RichFaces: RichFaces 3 3.1.0 ≤ 3.3.3 CVE-2013-2165 3.1.0 ≤ 3.3.4 CVE-2018-12533 3.1.0 ≤ 3.3.4 CVE-2018-14667 RichFaces 4 4.0.0 ≤ 4.3.2 CVE-2013-2165 4.0.0 ≤ 4.5.4 CVE-2015-0279 4.5.3 ≤ 4.5.17 CVE-2018-12532 For more information, please read our blog post at: https://www.redtimmy.com/java-hacking/richsploit-one-tool-to-exploit-all-versions-of-richfaces-ever-released/ The tool can be downloaded from GitHub: https://github.com/redtimmy/Richsploit Regards, Red Timmy Security _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists