From dd2322c7f28a5d43e8264a0fedd7fe2f115b9183 Mon Sep 17 00:00:00 2001 From: sandeep Date: Sat, 19 Mar 2022 15:15:41 +0530 Subject: [PATCH] tags update --- cves/2001/CVE-2001-1473.yaml | 2 +- cves/2010/CVE-2010-1870.yaml | 6 +++++- cves/2016/CVE-2016-4975.yaml | 5 +++-- cves/2016/CVE-2016-6210.yaml | 2 +- cves/2021/CVE-2021-24838.yaml | 2 +- cves/2021/CVE-2021-42237.yaml | 2 +- 6 files changed, 12 insertions(+), 7 deletions(-) diff --git a/cves/2001/CVE-2001-1473.yaml b/cves/2001/CVE-2001-1473.yaml index 41b50fed4e..ffd865d833 100644 --- a/cves/2001/CVE-2001-1473.yaml +++ b/cves/2001/CVE-2001-1473.yaml @@ -4,7 +4,7 @@ info: name: Deprecated SSHv1 Protocol Detection author: iamthefrogy severity: high - tags: network,ssh,openssh,cves,cves2001 + tags: cve,cve2001,network,ssh,openssh description: SSHv1 is deprecated and has known cryptographic issues. remediation: Upgrade to SSH 2.4 or later. reference: diff --git a/cves/2010/CVE-2010-1870.yaml b/cves/2010/CVE-2010-1870.yaml index ade39e5007..edecc3bdc3 100644 --- a/cves/2010/CVE-2010-1870.yaml +++ b/cves/2010/CVE-2010-1870.yaml @@ -1,4 +1,5 @@ id: CVE-2010-1870 + info: name: ListSERV Maestro <= 9.0-8 RCE author: b0yd @@ -8,17 +9,19 @@ info: reference: - https://www.securifera.com/advisories/sec-2020-0001/ - https://packetstormsecurity.com/files/159643/listservmaestro-exec.txt - tags: rce,listserv,ognl,cves,cve2010 + tags: cve,cve2010,rce,listserv,ognl classification: cvss-metrics: AV:N/AC:L/Au:N/C:N/I:P/A:N cvss-score: 5.0 cve-id: CVE-2010-1870 cwe-id: CWE-917 + requests: - method: GET path: - "{{BaseURL}}/lui/" - "{{BaseURL}}/hub/" + extractors: - type: regex regex: @@ -26,4 +29,5 @@ requests: - 'LISTSERV Maestro\s+[5678]' - 'Administration Hub 9\.0-[123456780]' - 'Administration Hub [5678]' + # Enhanced by mp on 2022/02/15 diff --git a/cves/2016/CVE-2016-4975.yaml b/cves/2016/CVE-2016-4975.yaml index 3be31a05a0..1fa0c07573 100644 --- a/cves/2016/CVE-2016-4975.yaml +++ b/cves/2016/CVE-2016-4975.yaml @@ -6,7 +6,6 @@ info: severity: medium description: Apache CRLF injection allowing HTTP response splitting attacks on sites using mod_userdir. remediation: Upgrade to Apache HTTP Server 2.2.32/2.4.25 or higher. - tags: crlf,generic,cves,cve2016,apache reference: - https://httpd.apache.org/security/vulnerabilities_22.html#CVE-2016-4975 - https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2016-4975 @@ -15,6 +14,7 @@ info: cvss-score: 6.1 cve-id: CVE-2016-4975 cwe-id: CWE-93 + tags: cve,cve2016,crlf,generic,apache requests: - method: GET @@ -22,7 +22,8 @@ requests: - "{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection" matchers: - type: regex + part: header regex: - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' - part: header + # Enhanced by cs on 2022/02/14 diff --git a/cves/2016/CVE-2016-6210.yaml b/cves/2016/CVE-2016-6210.yaml index 86c405ed7a..12fe112fee 100644 --- a/cves/2016/CVE-2016-6210.yaml +++ b/cves/2016/CVE-2016-6210.yaml @@ -4,7 +4,7 @@ info: name: OpenSSH username enumeration < v7.3 author: iamthefrogy,forgedhallpass severity: medium - tags: network,openssh + tags: cve,cve2016,network,openssh description: OpenSSH before 7.3 is vulnerable to username enumeration and DoS vulnerabilities. reference: - http://seclists.org/fulldisclosure/2016/Jul/51 diff --git a/cves/2021/CVE-2021-24838.yaml b/cves/2021/CVE-2021-24838.yaml index 330119c99b..c1473036e2 100644 --- a/cves/2021/CVE-2021-24838.yaml +++ b/cves/2021/CVE-2021-24838.yaml @@ -8,12 +8,12 @@ info: reference: - https://wpscan.com/vulnerability/562e81ad-7422-4437-a5b4-fcab9379db82 - https://nvd.nist.gov/vuln/detail/CVE-2021-24838 - tags: wordpress,wp-plugin,open-redirect classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.10 cve-id: CVE-2021-24838 cwe-id: CWE-601 + tags: cve,cve2021,wordpress,wp-plugin,open-redirect requests: - method: GET diff --git a/cves/2021/CVE-2021-42237.yaml b/cves/2021/CVE-2021-42237.yaml index 747e489ffb..8f3b6e0490 100644 --- a/cves/2021/CVE-2021-42237.yaml +++ b/cves/2021/CVE-2021-42237.yaml @@ -23,7 +23,7 @@ info: cvss-score: 9.80 cve-id: CVE-2021-42237 cwe-id: CWE-502 - tags: rce,sitecore,deserialization,oast + tags: cve,cve2021,rce,sitecore,deserialization,oast requests: - raw: