daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update oracle-ebs-bispgraph-file-access.yaml

patch-1
Prince Chaddha 2022-05-31 14:32:35 +05:30 committed by GitHub
parent 399f4d1434
commit 236a91ffd6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml
View File

@ -4,7 +4,8 @@ info:
name: Oracle eBusiness Suite - Improper File Access
author: emenalf,tirtha_mandal,thomas_from_offensity
severity: critical
description: Oracle eBusiness Suite is susceptible to improper file access vulnerabilities via bispgrapgh. Be aware this product is no longer supported with patches or security fixes.
description: |
Oracle eBusiness Suite is susceptible to improper file access vulnerabilities via bispgrapgh. Be aware this product is no longer supported with patches or security fixes.
reference:
- https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-4.pdf
- http://www.davidlitchfield.com/AssessingOraclee-BusinessSuite11i.pdf
@ -18,8 +19,8 @@ requests:
matchers:
- type: regex
part: body
regex:
- "root:.*:0:0:"
part: body
# Enhanced by mp on 2022/05/26