nuclei-templates/cves/CVE-2019-11248.yaml

id: cve-2019-11248

info:
  name: exposed_pprof
  author: 0xceeb
  severity: medium

  # https://medium.com/bugbountywriteup/my-first-bug-bounty-21d3203ffdb0
  # http://mmcloughlin.com/posts/your-pprof-is-showing

requests:
  - method: GET
    path:
      - "{{BaseURL}}/debug/pprof/"
    matchers:
      - type: word
        words:
          - "Types of profiles available:"
          - "Profile Descriptions"
Normalized id fields to match schema regex 2020-09-15 19:25:55 +00:00			`id: cve-2019-11248`
Create 2019-11248.yaml 2020-08-19 14:33:23 +00:00
			`info:`
			`name: exposed_pprof`
			`author: 0xceeb`
cve update 2020-08-19 14:42:29 +00:00			`severity: medium`
Update CVE-2019-11248.yaml 2020-08-19 14:44:59 +00:00
cve update 2020-08-19 14:42:29 +00:00			`# https://medium.com/bugbountywriteup/my-first-bug-bounty-21d3203ffdb0`
			`# http://mmcloughlin.com/posts/your-pprof-is-showing`
Update CVE-2019-11248.yaml 2020-08-19 14:44:59 +00:00
Create 2019-11248.yaml 2020-08-19 14:33:23 +00:00			`requests:`
			`- method: GET`
			`path:`
Update CVE-2019-11248.yaml 2020-08-19 14:44:59 +00:00			`- "{{BaseURL}}/debug/pprof/"`
Create 2019-11248.yaml 2020-08-19 14:33:23 +00:00			`matchers:`
			`- type: word`
			`words:`
			`- "Types of profiles available:"`
Update CVE-2019-11248.yaml 2020-08-19 14:44:59 +00:00			`- "Profile Descriptions"`