From 103da3a9ddb7235d25c148fc3485d6d3d0911e87 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Fri, 30 Aug 2024 18:37:32 +0530
Subject: [PATCH] minor-update

---
 .../cves/2024/CVE-2024-38473.yaml             | 20 +++++++++----------
 1 file changed, 9 insertions(+), 11 deletions(-)
 rename CVE-2024-38473.yaml => http/cves/2024/CVE-2024-38473.yaml (84%)

diff --git a/CVE-2024-38473.yaml b/http/cves/2024/CVE-2024-38473.yaml
similarity index 84%
rename from CVE-2024-38473.yaml
rename to http/cves/2024/CVE-2024-38473.yaml
index 47097e6e44..22b6eecd5b 100644
--- a/CVE-2024-38473.yaml
+++ b/http/cves/2024/CVE-2024-38473.yaml
@@ -4,8 +4,10 @@ info:
   name: Apache HTTP Server - ACL Bypass
   author: pdteam
   severity: high
-  description: Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.
-  remediation: Fixed in v2.4.60
+  description: |
+    Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests.
+  remediation: |
+    Fixed in v2.4.60
   reference:
     - https://blog.orange.tw/2024/08/confusion-attacks-en.html#%E2%9A%94%EF%B8%8F-Primitive-1-2-ACL-Bypass
     - https://www.cvedetails.com/cve/CVE-2024-38473/
@@ -25,9 +27,10 @@ info:
     vendor: Apache Software Foundation
     product: Apache HTTP Server
     google-query: intitle:"Apache HTTP Server" inurl:"/server-status"
-  tags: cve, apache, acl-bypass, mod_proxy, php-fpm
+  tags: cve,cve2024,apache,acl-bypass,mod_proxy,php-fpm
+
 flow: |
-  http(1) && http(2) 
+  http(1) && http(2)
   http(3)
 
 http:
@@ -52,6 +55,7 @@ http:
         - bin/cron.php
         - cache/index.tpl.php
         - cpanel.php
+
     stop-at-first-match: true
     matchers:
       - type: status
@@ -59,7 +63,7 @@ http:
           - 403
           - 401
         internal: true
-   
+
   - method: GET
     path:
       - "{{BaseURL}}/{{http_1_files}}%3ftest.php"
@@ -80,9 +84,3 @@ http:
           - "On Debian systems, the complete text of the GNU General Public License"
           - "This package was written by Peter Tobias"
         condition: and
-
-          
-
-
-  
-  
\ No newline at end of file