nuclei-templates/http/cves/2015/CVE-2015-1635.yaml

id: CVE-2015-1635
info:
  name: HTTP.sys Remote Code Execution Vulnerability
  author: Phillipo
  severity: critical
  description: HTTP.sys in some versions of Microsoft Windows allows remote attackers to execute arbitrary code via crafted HTTP requests.
  reference:
    - https://www.exploit-db.com/exploits/36773
    - https://www.securitysift.com/an-analysis-of-ms15-034/
  classification:
    cvss-metrics: AV:N/AC:L/Au:N/C:C/I:C/A:C
    cvss-score: 10.0
    cwe-id: CWE-94
    cve-id: CVE-2015-1635
  tags: cve,cve2015,kev,microsoft

requests:
  - method: GET
    path:
      - "{{BaseURL}}/"
    headers:
      Range: "bytes=0-18446744073709551615"

    matchers:
      - type: word
        words:
          - "416"
          - "The requested range is not satisfiable"
Create CVE-2015-1635 2023-11-23 15:24:42 +00:00			`id: CVE-2015-1635`
			`info:`
			`name: HTTP.sys Remote Code Execution Vulnerability`
			`author: Phillipo`
Add files via upload 2023-11-28 14:26:36 +00:00			`severity: critical`
Create CVE-2015-1635 2023-11-23 15:24:42 +00:00			`description: HTTP.sys in some versions of Microsoft Windows allows remote attackers to execute arbitrary code via crafted HTTP requests.`
			`reference:`
			`- https://www.exploit-db.com/exploits/36773`
			`- https://www.securitysift.com/an-analysis-of-ms15-034/`
			`classification:`
			`cvss-metrics: AV:N/AC:L/Au:N/C:C/I:C/A:C`
			`cvss-score: 10.0`
			`cwe-id: CWE-94`
			`cve-id: CVE-2015-1635`
			`tags: cve,cve2015,kev,microsoft`

Add files via upload 2023-11-28 14:26:36 +00:00			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/"`
			`headers:`
			`Range: "bytes=0-18446744073709551615"`
Create CVE-2015-1635 2023-11-23 15:24:42 +00:00
			`matchers:`
			`- type: word`
			`words:`
Add files via upload 2023-11-28 14:26:36 +00:00			`- "416"`
			`- "The requested range is not satisfiable"`