This Metasploit module attempts to gain root privileges by exploiting a vulnerability in ktsuss versions 1.4 and prior. The ktsuss executable is setuid root and does not drop privileges prior to executing user specified commands, resulting in command execution with root privileges. This module has been tested successfully on ktsuss 1.3 on SparkyLinux 6 (2019.08) (LXQT) (x64) and ktsuss 1.3 on SparkyLinux 5.8 (LXQT) (x64).
60b05f9c8dd9618a16984179687837c73ed7d9f5164d7df7821f81dfa103046c
This Metasploit module exploits a serialization flaw in MovableType before 5.2.12 to execute arbitrary code. The default nondestructive mode depends on the target server having the Object::MultiType and DateTime Perl modules installed in Perl's @INC paths. The destructive mode of operation uses only required MovableType dependencies, but it will noticeably corrupt the MovableType installation.
17bd25538ea89d3859076c963f08d57cc0e1cb2c94aab6ad5023702b569a06b8
This advisory alerts you of a potential security issue with your Foswiki installation. A vulnerability has been reported against the core Perl module CPAN:Locale::Maketext, which Foswiki uses to provide translations when {UserInterfaceInternationalization} is enabled in the configuration. Because of this vulnerability it may be possible for a user to invoke arbitrary perl modules on the server through a crafted macro.
023db9151bd2be81fe7fb2120f8132f7dc0869271e0ab523331a0d259b93ee55