Skip to content

Commit

Permalink
Merge pull request #752 from iasdeoupxe/iasdeoupxe-patch-1
Browse files Browse the repository at this point in the history 
Fix header checks in shellshock plugin
  • Loading branch information
@sullo
sullo authored Jan 8, 2022
2 parents e17f96b + 41e9494 commit ceb3034
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions program/plugins/nikto_shellshock.plugin
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ sub nikto_shellshock {
add_vulnerability( $mark, "$parameters->{'uri'}: Site appears vulnerable to the 'shellshock' vulnerability).", 999949, "CVE-2014-6271", "GET",
"$parameters->{'uri'}", $request, $response);
}
if (($response->{'93e4r0-CVE-2014-6271'} eq 'true') || ($checkcontent && ($content =~ /93e4r0-CVE-2014-6278: true/))) {
if (($response->{'93e4r0-CVE-2014-6278'} eq 'true') || ($checkcontent && ($content =~ /93e4r0-CVE-2014-6278: true/))) {
add_vulnerability( $mark, "$parameters->{'uri'}: Site appears vulnerable to the 'shellshock' vulnerability.", 999948, "CVE-2014-6278", "GET",
"$parameters->{'uri'}", $request, $response);
}
Expand All @@ -78,7 +78,7 @@ sub nikto_shellshock {
add_vulnerability( $mark, "$cgidir$file: Site appears vulnerable to the 'shellshock' vulnerability.", 999947, "CVE-2014-6271", "GET",
"$cgidir$file", $request, $response);
}
if (($response->{'93e4r0-CVE-2014-6271'} eq 'true') || ($checkcontent && ($content =~ /93e4r0-CVE-2014-6278: true/))) {
if (($response->{'93e4r0-CVE-2014-6278'} eq 'true') || ($checkcontent && ($content =~ /93e4r0-CVE-2014-6278: true/))) {
add_vulnerability( $mark, "$cgidir$file: Site appears vulnerable to the 'shellshock' vulnerability.", 999946, "CVE-2014-6278", "GET",
"$cgidir$file", $request, $response);
}
Expand Down

0 comments on commit ceb3034

Please sign in to comment.