Create CVE-2008-1547.yaml

Added a new Nuclei-Template as CVE-2008-1547

http/cves/2008/CVE-2008-1547.yaml

@@ -0,0 +1,49 @@
+id: CVE-2008-1547
+info:
+  name: Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 v6.5.7638 - Open Redirect
+  description: | 
+    .Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter.
+  author: ctflearner
+  severity: medium
+  tags: 
+     - Microsoft Outlook Web Access (OWA)
+     - OWA
+     - Exchange Server 2003 SP2
+     - Open redirect
+     - web
+     - cve2008
+  reference:
+    - https://www.exploit-db.com/exploits/32489
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-1547 
+    - https://exchange.xforce.ibmcloud.com/vulnerabilities/46061 
+    - https://cxsecurity.com/issue/WLB-2008100048 
+    
+  classification:
+    cvss-metrics: CVSS:2.0/(AV:N/AC:M/Au:N/C:N/I:P/A:N)
+    cvss-score: 4.3
+    cve-id: CVE-2008-1547
+    cwe-id: CWE-601
+    cpe: cpe:2.3:a:microsoft:exchange_server:2003:sp2:*:*:*:*:*:*
+  
+  metadata:
+    max-request: 1
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/exchweb/bin/redir.asp?URL=http://www.evil.com"
+    
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)evil\.com\/?(\/|[^.].*)?$'
+      - type: status
+        status:
+          - 301
+          - 302
+          - 307
+          - 308
+        condition: or