Adding a 2000 cve because I tragically came across it today...

2021-11-23 16:46:22 -07:00 · 2021-11-23 16:46:22 -07:00 · 45521a075f
parent 42a9f46f94
commit 45521a075f
1 changed files with 26 additions and 0 deletions
--- a/cves/2000/CVE-2000-0114.yaml
+++ b/cves/2000/CVE-2000-0114.yaml
@ -0,0 +1,26 @@
+id: CVE-2000-0114
+
+info:
+  name: Microsoft FrontPage Extensions Check ()
+  author: r3naissance
+  severity: low
+  description: Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
+  reference: https://nvd.nist.gov/vuln/detail/CVE-2000-0114
+  tags: cve,cve2000,frontpage
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/_vti_inf.html'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: body
+        words:
+          - "_vti_bin/shtml.dll"