Create CVE-2009-0347.yaml

2023-06-14 21:27:46 +05:30 · 2023-06-14 21:27:46 +05:30 · 1efe11f250
parent f82fa792a1
commit 1efe11f250
1 changed files with 34 additions and 0 deletions
--- a/http/cves/2009/CVE-2009-0347.yaml
+++ b/http/cves/2009/CVE-2009-0347.yaml
@ -0,0 +1,34 @@
+id: CVE-2009-0347
+
+info:
+  name: Autonomy Ultraseek- Open Redirect
+  author: ctflearner
+  severity: medium
+  description: |
+    Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-0347 
+    - https://www.exploit-db.com/exploits/32766 
+    - https://www.kb.cert.org/vuls/id/202753 
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/48336 
+  classification:
+    cvss-metrics: AV:N/AC:M/Au:N/C:N/I:P/A:P
+    cvss-score: 5.8
+    cve-id: CVE-2009-0347
+    cwe-id: CWE-59
+    cpe: cpe:2.3:a:autonomy:ultraseek:_nil_:*:*:*:*:*:*:*
+  metadata:
+    max-request: 1
+    
+  tags: cve,cve2009,redirect,Autonomy Ultraseek
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cs.html?url=http://www.example2.com"
+
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:http?://|//)(?:[a-zA-Z0-9\-_\.@]*)example2\.com.*$'