Closed GoogleCodeExporter closed 9 years ago
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1635
Original comment by kingtho...@gmail.com
on 15 Apr 2015 at 6:55
The only poc checks that are publicly available right now are indicative at
best. We could implement the check easily enough, but I'd expect we will have
to re - implement once more information becomes available on the vulnerability.
Original comment by colm.p.o...@gmail.com
on 16 Apr 2015 at 11:23
Agreed.
I just wanted to setup an item for this so we didn't lose track of it. I'm
having some system issues right now and might not even be able to do the coding
:(
I'm thinking that in order to rapidly turn this around it might be better to
implement as a targeted script (or active script) [at least initially]. When I
created this yesterday I hadn't even had a chance (and still haven't) to look
for decent examples/templates for those.... So many fun things to tackle, so
little time :(
Original comment by kingtho...@gmail.com
on 16 Apr 2015 at 2:10
https://isc.sans.edu/forums/diary/MS15034+HTTPsys+IIS+DoS+And+Possible+Remote+Co
de+Execution+PATCH+NOW/19583/
Original comment by kingtho...@gmail.com
on 16 Apr 2015 at 3:46
http://blog.didierstevens.com/2015/04/17/ms15-034-detection-some-observations/
Original comment by kingtho...@gmail.com
on 17 Apr 2015 at 1:35
Reducing priority.
May eventually discard the idea, without a doubt Nessus, OpenVAS, and NMAP have
come up with scanners for this. We don't need to check every single thing.
Original comment by kingtho...@gmail.com
on 21 May 2015 at 1:31
ZAP has been migrated to github
This issue will be on github issues with the same ID:
https://github.com/zaproxy/zaproxy/issues
Original comment by psii...@gmail.com
on 5 Jun 2015 at 9:18
Original issue reported on code.google.com by
kingtho...@gmail.com
on 15 Apr 2015 at 6:54