updated matchers

2024-03-28 00:19:28 +05:30 · 2024-03-28 00:19:28 +05:30 · 04c1d76fed
parent ce388acf79
commit 04c1d76fed
1 changed files with 13 additions and 10 deletions
--- a/http/exposures/configs/deployment-ini.yaml
+++ b/http/exposures/configs/deployment-ini.yaml
@ -1,15 +1,15 @@
 id: deployment-ini

 info:
-  name: FTP Deployment config file
+  name: FTP Deployment Config File - Exposure
  author: Michal Mikolas (nanuqcz)
-  severity: critical
-  description: Config file for "FTP deployment" utility usually contains server's FTP credentials in plain text.
-  remediation: Delete the config file from server & add it to `ignore` section of the deployment file. Or block access to the file using `.htaccess` on the server.
-  reference: https://github.com/dg/ftp-deployment
-  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 9.8
+  severity: medium
+  description: |
+    Config file for "FTP deployment" utility usually contains server's FTP credentials in plain text.
+  remediation: |
+     Delete the config file from server & add it to `ignore` section of the deployment file. Or block access to the file using `.htaccess` on the server.
+  reference:
+    - https://github.com/dg/ftp-deployment
  metadata:
    vendor: dg
    product: ftp-deployment
@ -31,8 +31,11 @@ http:
      - "{{BaseURL}}/ftps.ini"
      - "{{BaseURL}}/sftp.ini"

-    matchers-condition: or
+    stop-at-first-match: true
+
    matchers:
      - type: regex
        regex:
-          - "remote\\s*=\\s*"
+          - "^remote\\s*=\\s*"
+          - '^\[(.*?)\]$'
+        condition: and