CVE-2015-8103

Related Files

Jenkins-CI Unauthenticated Script-Console Scanner

Posted Sep 1, 2024

Authored by altonjx, Jeffrey Cap | Site metasploit.com

This Metasploit module scans for unauthenticated Jenkins-CI script consoles and executes the specified command.

tags | exploit

advisories | CVE-2015-8103

SHA-256 | 53d9d1136ce2f5886b4a8ce54a4d0483aa965be83698aed6eab71a5930ded211

Download | Favorite | View

Red Hat Security Advisory 2016-0489-01

Posted Mar 23, 2016

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0489-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. The following security issue is addressed with this release: It was found that ActiveMQ did not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the ActiveMQ application.

tags | advisory, remote, arbitrary

systems | linux, redhat

advisories | CVE-2015-5254, CVE-2015-5317, CVE-2015-5318, CVE-2015-5319, CVE-2015-5320, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323, CVE-2015-5324, CVE-2015-5325, CVE-2015-5326, CVE-2015-7537, CVE-2015-7538, CVE-2015-7539, CVE-2015-8103

SHA-256 | c167e3d8f6f600ab83c359b1f2e0d619cadb47f08e42a17fb9a8a88b9b2d5e66

Download | Favorite | View

Jenkins CLI RMI Java Deserialization

Posted Dec 14, 2015

Authored by juan vazquez, Christopher Frohoff, Louis Sato, William Vu, Wei Chen, Steve Breen, Dev Mohanty | Site metasploit.com

This Metasploit module exploits a vulnerability in Jenkins. An unsafe deserialization bug exists on the Jenkins master, which allows remote arbitrary code execution. Authentication is not required to exploit this vulnerability.

tags | exploit, remote, arbitrary, code execution

advisories | CVE-2015-8103

SHA-256 | 782645570bac4c529e2ccd8ab1e298b919bf154a4c1e1619b5df9efcd12e1501

Download | Favorite | View