diff --git a/cves/2017/CVE-2017-7269.yaml b/cves/2017/CVE-2017-7269.yaml index 7820174e61..2b65adb55d 100644 --- a/cves/2017/CVE-2017-7269.yaml +++ b/cves/2017/CVE-2017-7269.yaml @@ -31,7 +31,6 @@ requests: - "IIS/6.0" - type: dsl - part: header dsl: - regex("", dasl) # lowercase header name: DASL - regex("[\d]+(,\s+[\d]+)?", dav) # lowercase header name: DAV @@ -42,4 +41,5 @@ requests: - type: status status: - 200 + # Enhanced by mp on 2022/05/11 diff --git a/cves/2020/CVE-2020-11547.yaml b/cves/2020/CVE-2020-11547.yaml index f07544094c..eac278a7a9 100644 --- a/cves/2020/CVE-2020-11547.yaml +++ b/cves/2020/CVE-2020-11547.yaml @@ -27,13 +27,12 @@ requests: matchers: - type: dsl dsl: - - "contains((body_1), 'Probe #1') && contains((body_2), 'Configuration Requests Sent')" - part: body + - "contains(body_1, 'Probe #1') && contains(body_2, 'Configuration Requests Sent')" - type: word + part: body words: - "prtg_network_monitor" - part: body - type: status status: diff --git a/cves/2022/CVE-2022-24681.yaml b/cves/2022/CVE-2022-24681.yaml index de37bd1ce6..db42cf53de 100644 --- a/cves/2022/CVE-2022-24681.yaml +++ b/cves/2022/CVE-2022-24681.yaml @@ -36,7 +36,6 @@ requests: matchers-condition: and matchers: - type: dsl - part: body dsl: - compare_versions(buildnumber, '< 6121') diff --git a/exposures/configs/javascript-env.yaml b/exposures/configs/javascript-env.yaml index 13663b4f1e..4d08c3971f 100644 --- a/exposures/configs/javascript-env.yaml +++ b/exposures/configs/javascript-env.yaml @@ -25,7 +25,6 @@ requests: - 200 - type: dsl - part: header dsl: - "contains(tolower(all_headers), 'content-type: application/javascript')" @@ -49,5 +48,5 @@ requests: - "Bootstrap" - "jQuery" - "CSS TRANSITION SUPPORT" - negative: true condition: or + negative: true \ No newline at end of file diff --git a/technologies/aws/aws-bucket-service.yaml b/technologies/aws/aws-bucket-service.yaml index 643596813d..fb12d1953b 100644 --- a/technologies/aws/aws-bucket-service.yaml +++ b/technologies/aws/aws-bucket-service.yaml @@ -19,11 +19,9 @@ requests: - contains(tolower(all_headers), 'x-amz-request') - contains(tolower(all_headers), 'x-amz-id') - contains(tolower(all_headers), 'amazons3') - part: header condition: or - type: dsl dsl: - contains(tolower(all_headers), 'x-guploader-uploadid') - part: header negative: true diff --git a/technologies/google/google-bucket-service.yaml b/technologies/google/google-bucket-service.yaml index 26feaa908c..571cb5e7f1 100644 --- a/technologies/google/google-bucket-service.yaml +++ b/technologies/google/google-bucket-service.yaml @@ -21,5 +21,4 @@ requests: - contains(tolower(all_headers), 'x-goog-stored-content-encoding') - contains(tolower(all_headers), 'x-goog-stored-content-length') - contains(tolower(all_headers), 'x-guploader-uploadid') - part: header condition: or diff --git a/vulnerabilities/cisco/cucm-username-enumeration.yaml b/vulnerabilities/cisco/cucm-username-enumeration.yaml index 3665cb9687..4f310fe717 100644 --- a/vulnerabilities/cisco/cucm-username-enumeration.yaml +++ b/vulnerabilities/cisco/cucm-username-enumeration.yaml @@ -28,7 +28,6 @@ requests: condition: and - type: dsl - part: header dsl: - contains(tolower(content_type), 'application/xml') - contains(tolower(content_type), 'text/xml') diff --git a/vulnerabilities/other/qihang-media-lfi.yaml b/vulnerabilities/other/qihang-media-lfi.yaml index ea6db6c683..035e702293 100644 --- a/vulnerabilities/other/qihang-media-lfi.yaml +++ b/vulnerabilities/other/qihang-media-lfi.yaml @@ -24,14 +24,14 @@ requests: matchers-condition: and matchers: - type: word + part: header words: - "filename=QH.aspx" - "application/zip" - part: header condition: and - type: word - regex: + words: - "QH.aspx.cs" - "QiHang.Media.Web.QH" condition: and