mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
2.9 KiB
2.9 KiB
CVE-2019-1003000
Description
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
POC
Reference
- http://packetstormsecurity.com/files/152132/Jenkins-ACL-Bypass-Metaprogramming-Remote-Code-Execution.html
- https://www.exploit-db.com/exploits/46453/
- https://www.exploit-db.com/exploits/46572/
Github
- https://github.com/0xT11/CVE-POC
- https://github.com/0xtavian/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins
- https://github.com/1NTheKut/CVE-2019-1003000_RCE-DETECTION
- https://github.com/20142995/pocsuite3
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/BLACKHAT-SSG/Pwn_Jenkins
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/GhostTroops/TOP
- https://github.com/HimmelAward/Goby_POC
- https://github.com/JERRY123S/all-poc
- https://github.com/PetrusViet/Jenkins-bypassSandBox-RCE
- https://github.com/PwnAwan/Pwn_Jenkins
- https://github.com/Rajchowdhury420/Secure-or-Break-Jenkins
- https://github.com/SexyBeast233/SecBooks
- https://github.com/TheBeastofwar/JenkinsExploit-GUI
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Z0fhack/Goby_POC
- https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc
- https://github.com/anquanscan/sec-tools
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/gquere/pwn_jenkins
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hktalent/TOP
- https://github.com/hktalent/bug-bounty
- https://github.com/huimzjty/vulwiki
- https://github.com/jaychouzzk/-
- https://github.com/jbmihoub/all-poc
- https://github.com/merlinepedra25/AttackWebFrameworkTools-5.0
- https://github.com/onewinner/VulToolsKit
- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
- https://github.com/purple-WL/Jenkins_CVE-2019-1003000
- https://github.com/reph0r/poc-exp
- https://github.com/reph0r/poc-exp-tools
- https://github.com/retr0-13/pwn_jenkins
- https://github.com/slowmistio/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins
- https://github.com/superfish9/pt
- https://github.com/trganda/starrlist
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/wetw0rk/Exploit-Development
- https://github.com/woods-sega/woodswiki