metasploit-framework

Commit Graph

Author	SHA1	Message	Date
sinn3r	e72303a922	Add Intersil HTTP Basic auth pass reset (originally #453 ) The modified version of pull request #453. This addresses a couple of things including: * Change the description to better explain what the vulnerability is. The advisory focuses the problem as an auth bypass, not DoS, although it can end up dosing the server. * The title and filename are changed as a result of matching that advisory's description. * Use 'TARGETURI' option instead of 'URI'. * The reset attempt needs to check if the directory actually has 401 in place, otherwise this may result a false-positive. * The last HTTP request needs to check a possible nil return value. * More verbose outputs.	2012-06-16 21:14:57 -05:00

Author

SHA1

Message

Date

sinn3r

e72303a922

Add Intersil HTTP Basic auth pass reset (originally #453 )

The modified version of pull request #453. This addresses a couple
of things including:
* Change the description to better explain what the vulnerability is.
  The advisory focuses the problem as an auth bypass, not DoS,
  although it can end up dosing the server.
* The title and filename are changed as a result of matching that
  advisory's description.
* Use 'TARGETURI' option instead of 'URI'.
* The reset attempt needs to check if the directory actually has
  401 in place, otherwise this may result a false-positive.
* The last HTTP request needs to check a possible nil return value.
* More verbose outputs.

2012-06-16 21:14:57 -05:00

1 Commits (10b733edf90ac507f545d169cbae486e68910f44)