Affiliation/Organization: Metasploit


Time to Patch Stats

For vulnerabilities disclosed through this affiliation where we have sufficient data to calculate the time to patch (4 vulns), the following statistics apply:

Min Time To Patch:1 days
Avg Time To Patch:30 days
Max Time To Patch:60 days

Other Affiliations

Creditees Affiliated with Metasploit have also affiliated with:

Unaffiliated (1)
iDefense Labs (1)
Corelan Team (1)
Accuvant LABS (1)
BreakingPoint Systems (1)

Website: http://www.metasploit.com/

Creditees currently or formerly associated with Metasploit (10):
(ordered by association date)

Known SinceNameVulns Through Affiliation
2001-10-25metasploit3
2006-01-11H D Moore8
2006-07-03hdm16
2006-07-05H.D. Moore1
2009-11-17Joshua J. Drake1
2010-10-04Mario Ceballos8
2010-10-19MC1
2010-12-07jduck2
2012-04-04Lukas Kupczyk2
2012-12-08sinn3r1

Disclosed Vulnerabilities (42):

Discl. DateOSVDB IDCVE IDCrediteesTitle
2012-12-08 88302 sinn3r
 FreeFloat FTP Server Unrestricted File Write
2012-12-08 88303 metasploit
 FreeFloat FTP Server Authentication Bypass
2012-07-27 84317 2012-3951 Mario Ceballos
Jonathan Claudius
Tanya Secker
 Scrutinizer NetFlow and sFlow Analyzer Default Hardcoded Admin Credentials
2012-07-27 84321 2012-3848 Mario Ceballos
Jonathan Claudius
Tanya Secker
 Scrutinizer NetFlow and sFlow Analyzer /d4d/exporters.php Multiple Parameter XSS
2012-07-27 84318 2012-2626 Mario Ceballos
Jonathan Claudius
Tanya Secker
 Scrutinizer NetFlow and sFlow Analyzer HTTP Request Parsing Authentication Bypass
2012-07-27 84320 2012-3848 Mario Ceballos
Jonathan Claudius
Tanya Secker
 Scrutinizer NetFlow and sFlow Analyzer /d4d/contextMenu.php Multiple Parameter XSS
2012-07-27 84319 2012-2627 Mario Ceballos
Jonathan Claudius
Tanya Secker
 Scrutinizer NetFlow and sFlow Analyzer HTTP Request Parsing Arbitrary File Upload
2012-04-04 81276 Lukas Kupczyk
 ownCloud Predictable Token Password Reset Weakness
2012-04-04 81277 2012-4389 Lukas Kupczyk
 ownCloud .htaccess overwrite Arbitrary File Upload
2010-12-07 69685 2010-4344 jduck
 Exim string_format Function Remote Overflow
2010-12-07 69860 2010-4345 jduck
hdm
 Exim exim User Account Configuration File Directive Local Privilege Escalation
2010-10-20 69027 2010-4741 Rubén Santamarta
Mario Ceballos
 MOXA Device Manager (MDM) Tool MDM2_Gateway Response Overflow
2010-10-19 68986 2010-4742 MC
 MOXA MediaDBPlayback.DLL ActiveX PlayFileName() Overflow
2010-10-04 68329 Mario Ceballos
 CA Brightstor ARCServe Backup Message Engine DCERPC Opcode 0x72 Overflow
2010-10-04 68330 Mario Ceballos
 CA Brightstor ARCServe Backup Tape Engine DCERPC Opcode 0x8A Overflow
2010-08-02 86375 2010-2966 hdm
 Wind River Systems' VxWorks FTP Service Weak Hasing Algorithm Brute Force Weakness
2010-08-02 66909 2010-2966 hdm
 Wind River Systems' VxWorks INCLUDE_SECURITY Functionality Multiple Parameter Hardcoded Credentials Creation
2010-08-02 66843 2010-2967 H D Moore
 Wind River Systems' VxWorks loginLib Default Hashing Algorithm Weakness
2010-08-02 66842 2010-2965 H D Moore
 Wind River Systems' VxWorks WDB Debug Service Remote Arbitrary Memory Manipulation
2010-08-02 66910 2010-2968 hdm
 Wind River Systems' VxWorks FTP Daemon TCP Connection Termination Weakness
2009-11-17 60181 2009-4769 Joshua J. Drake
 httpdx FTP Server tolog() Function Format String
2008-07-11 64341 H D Moore
 Microsoft Windows Unspecified SMB Negotiation Remote DoS
2006-08-08 27842 2006-3643 Yorick Koster
H D Moore
Tom Gilder
 Microsoft Management Console (MMC) HTML-embedded Resource XSS Arbitrary Command Execution
2006-07-27 27530 2006-3943 hdm
 Microsoft IE NDFXArtEffects Multiple Property Overflow
2006-07-23 27232 2006-3897 hdm
 Microsoft IE NMSA.ASFSourceMediaDescription dispValue Overflow
2006-07-23 27372 2006-3944 hdm
 Microsoft IE Forms Multiple Object ListWidth Property Overflow
2006-07-19 27112 2006-3910 hdm
 Microsoft IE OVCtl NewDefaultItem Method NULL Dereference
2006-07-17 27110 2006-3730 hdm
 Microsoft IE WebViewFolderIcon setSlice Overflow
2006-07-16 27108 2006-3659 H D Moore
 Microsoft IE MHTMLFile Multiple Property NULL Dereference
2006-07-14 27059 2006-3658 metasploit
 Microsoft IE FolderItem Object NULL Dereference
2006-07-12 27057 2006-3605 hdm
 Microsoft IE DXImageTransform.Microsoft.RevealTrans Transition Property NULL Dereference
2006-07-11 27056 2006-3591 hdm
 Microsoft IE TriEditDocument URL Property NULL Dereference
2006-07-10 27055 2006-3511 hdm
 Microsoft IE HtmlDlgSafeHelper fonts Property NULL Dereference
2006-07-09 27014 2006-3512 hdm
 Microsoft IE Object.Microsoft.DXTFilter Enabled Property NULL Dereference
2006-07-08 27013 2006-3513 hdm
 Microsoft IE DirectAnimation.DAUserData Data Property NULL Dereference
2006-07-07 26955 2006-3510 hdm
 Microsoft IE RDS.DataControl SysAllocStringLen Invalid Length Issue
2006-07-05 26839 2006-3427 H.D. Moore
 Microsoft IE DirectAnimation.StructuredGraphicsControl SourceURL NULL Dereference
2006-07-03 26836 2005-4840 hdm
 Microsoft IE OutlookExpress.AddressBook COM Object NULL Dereference
2006-06-14 64340 H D Moore
 Microsoft Windows RRAS InterfaceAdjustVLSPointers Null Dereference Remote DoS
2006-02-24 31647 2006-1016 H D Moore
 Microsoft IE Javascript IsComponentInstalled Overflow
2006-01-11 22976 2006-0020 H D Moore
 Microsoft IE Crafted WMF Header Size Arbitrary Code Execution
2001-10-25 85840 metasploit
 Microsoft Windows lpApplicationName Function Path Subversion Local Privilege Escalation

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2013 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use