Strict matchers for CVE-2017-10271

2022-06-02 03:58:36 +05:30 · 2022-06-02 03:58:36 +05:30 · c0e3b8681f
parent 7a12e259eb
commit c0e3b8681f
1 changed files with 11 additions and 11 deletions
--- a/cves/2017/CVE-2017-10271.yaml
+++ b/cves/2017/CVE-2017-10271.yaml
@ -81,16 +81,16 @@ requests:
        </soapenv:Envelope>

    stop-at-first-match: true
-    matchers-condition: and
+    matchers-condition: or
    matchers:
-      - type: regex
-        regex:
-          - "<faultstring>.*</faultstring>"
-          - "{{randstr}}"
-        condition: or
+      - type: dsl
+        dsl:
+          - regex("<faultstring>.*</faultstring>", body)
+          - status_code == 500
+        condition: and

-      - type: status
-        status:
-          - 500
-          - 200
-        condition: or
+      - type: dsl
+        dsl:
+          - body == "{{randstr}}"
+          - status_code == 200
+        condition: and