Merge branch 'master' into more-templates

2021-03-09 14:39:49 +05:30 · 2021-03-09 14:39:49 +05:30 · c31a2c9f6c
parent 9463ecbfd9 78eaa8eb90
commit c31a2c9f6c
3 changed files with 58 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -38,12 +38,13 @@ An overview of the nuclei template directory including number of templates assoc
 | Templates      | Counts                         | Templates       | Counts                          | Templates        | Counts                         |
 | -------------- | ------------------------------ | --------------- | ------------------------------- | ---------------- | ------------------------------ |
 | cves           | 231            | vulnerabilities | 105 | exposed-panels   | 104   |
-| exposures      | 61      | technologies    | 50      | misconfiguration | 53 |
+| cves           | 232            | vulnerabilities | 105 | exposed-panels   | 103   |
+| exposures      | 61      | technologies    | 50      | misconfiguration | 54 |
 | workflows      | 23        | miscellaneous   | 16     | default-logins   | 18 |
 | exposed-tokens | 9 | dns             | 6               | fuzzing          | 4          |
 | helpers        | 2        | takeovers       | 1         | -                | -                              |

-**72 directories, 696 files**.
+**72 directories, 697 files**.

 </td>
 </tr>
--- a/cves/2015/CVE-2015-2080.yaml
+++ b/cves/2015/CVE-2015-2080.yaml
@ -0,0 +1,26 @@
+id: CVE-2015-2080
+
+info:
+  name: Eclipse Jetty Remote Leakage
+  author: pikpikcu
+  severity: medium
+  reference: https://nvd.nist.gov/vuln/detail/CVE-2015-2080
+  description: |
+       The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/"
+    headers:
+      Referer: "\x00"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 400
+      - type: word
+        words:
+          - "Illegal character 0x0 in state"
+        part: body
--- a/misconfiguration/http-etcd-unauthenticated-api-data-leak.yaml
+++ b/misconfiguration/http-etcd-unauthenticated-api-data-leak.yaml
@ -0,0 +1,29 @@
+id: http-etcd-unauthenticated-api-data-leak
+
+info:
+  name: etcd Unauthenticated HTTP API Leak
+  author: dhiyaneshDk
+  severity: high
+  reference: https://hackerone.com/reports/1088429
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/v2/auth/roles"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"roles"'
+          - '"permissions"'
+          - '"role"'
+          - '"kv"'
+        condition: and
+        part: body
+      - type: status
+        status:
+          - 200
+      - type: word
+        part: header
+        words:
+          - "text/plain"