Merge pull request #6 from todb-r7/fixup-pr3880

Fix description
kernelsmith · Sep 24, 2014 · 2b127ea · 2b127ea
2 parents ca63fe9 + 2f788c2
commit 2b127ea
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/modules/auxiliary/admin/http/bash_env.rb b/modules/auxiliary/admin/http/bash_env.rb
@@ -11,9 +11,15 @@ class Metasploit4 < Msf::Auxiliary
 
   def initialize(info = {})
     super(update_info(info,
-      'Name' => 'Bash Specially-Crafted Environment Variables Code Injection Attack (PoC)',
+      'Name' => 'Bash Specially-Crafted Environment Variables Code Injection Attack',
       'Description' => %q{
-        This module exploits a vulnerability.
+        This module exploits a remote command injection vulnerability in bash,
+        a popular shell environment, over an HTTP CGI vector. By passing a specially-crafted
+        string that is set as an environment variable, attckers may execute arbitrary operating
+        system commands.
+
+        For this version of the exploit, the target must already have netcat (nc) compiled with the
+        -e option.
       },
       'Author' => ['wvu'],
       'References' => [