Possible error in CVE-2017-7529.yaml matcher #424

savushkin-yauheni · 2020-09-07T12:49:28Z

nuclei-templates/cves/CVE-2017-7529.yaml

Lines 27 to 31 in 1651532

    
           words: 
        
             - "Server: nginx" 
        
             - "Content-Range" 
        
           condition: and 
        
           part: header

Hi guys!
If you check 2 exploits for that cve you will see that Content-Range should be in the body, so right now it produces false positives :
https://gist.githubusercontent.com/BlackVirusScript/75fae10a037c376555b0ad3f3da1a966/raw/d1cc081053636711881ea45c84e0971d5babe103/CVE-2017-7529.py
nixawk/labs#15

Thank you.

The text was updated successfully, but these errors were encountered:

toufik-airane · 2020-09-07T13:09:40Z

Can you check that PR? #425
Thanks.

toufik-airane · 2020-09-07T13:20:01Z

Dear @savushkin-yauheni the fix was accepted, would you mind to test the new template? Thanks.

savushkin-yauheni · 2020-09-07T13:25:10Z

Dear @savushkin-yauheni the fix was accepted, would you mind to test the new template? Thanks.

It looks fine! Thank you ;)

toufik-airane mentioned this issue Sep 7, 2020

Fix CVE-2017-7529.yaml matcher #425

Merged

ehsandeep linked a pull request Sep 7, 2020 that will close this issue

Fix CVE-2017-7529.yaml matcher #425

Merged

ehsandeep closed this as completed in #425 Sep 7, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Possible error in CVE-2017-7529.yaml matcher #424

Possible error in CVE-2017-7529.yaml matcher #424

savushkin-yauheni commented Sep 7, 2020

toufik-airane commented Sep 7, 2020

toufik-airane commented Sep 7, 2020

savushkin-yauheni commented Sep 7, 2020

Possible error in CVE-2017-7529.yaml matcher #424

Possible error in CVE-2017-7529.yaml matcher #424

Comments

savushkin-yauheni commented Sep 7, 2020

toufik-airane commented Sep 7, 2020

toufik-airane commented Sep 7, 2020

savushkin-yauheni commented Sep 7, 2020