search

ashenchowthee / zaproxy

Automatically exported from code.google.com/p/zaproxy
0 stars 0 forks source link

Create Scanner for MS15-034 #1601

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
https://isc.sans.edu/forums/diary/MS15034+HTTPsys+IIS+DoS+And+Possible+Remote+Co
de+Execution+PATCH+NOW/19583/

https://ma.ttias.be/remote-code-execution-via-http-request-in-iis-on-windows/

Original issue reported on code.google.com by kingtho...@gmail.com on 15 Apr 2015 at 6:54

GoogleCodeExporter commented 9 years ago 
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1635

Original comment by kingtho...@gmail.com on 15 Apr 2015 at 6:55

GoogleCodeExporter commented 9 years ago 
The only poc checks that are publicly available right now are indicative at 
best. We could implement the check easily enough, but I'd expect we will have 
to re - implement once more information becomes available on the vulnerability.

Original comment by colm.p.o...@gmail.com on 16 Apr 2015 at 11:23

GoogleCodeExporter commented 9 years ago 
Agreed. 

I just wanted to setup an item for this so we didn't lose track of it. I'm 
having some system issues right now and might not even be able to do the coding 
:(

I'm thinking that in order to rapidly turn this around it might be better to 
implement as a targeted script (or active script) [at least initially]. When I 
created this yesterday I hadn't even had a chance (and still haven't) to look 
for decent examples/templates for those.... So many fun things to tackle, so 
little time :(

Original comment by kingtho...@gmail.com on 16 Apr 2015 at 2:10

GoogleCodeExporter commented 9 years ago 
https://isc.sans.edu/forums/diary/MS15034+HTTPsys+IIS+DoS+And+Possible+Remote+Co
de+Execution+PATCH+NOW/19583/

Original comment by kingtho...@gmail.com on 16 Apr 2015 at 3:46

GoogleCodeExporter commented 9 years ago 
http://blog.didierstevens.com/2015/04/17/ms15-034-detection-some-observations/

Original comment by kingtho...@gmail.com on 17 Apr 2015 at 1:35

GoogleCodeExporter commented 9 years ago 
Reducing priority. 

May eventually discard the idea, without a doubt Nessus, OpenVAS, and NMAP have 
come up with scanners for this. We don't need to check every single thing.

Original comment by kingtho...@gmail.com on 21 May 2015 at 1:31

GoogleCodeExporter commented 9 years ago 
ZAP has been migrated to github

This issue will be on github issues with the same ID: 
https://github.com/zaproxy/zaproxy/issues

Original comment by psii...@gmail.com on 5 Jun 2015 at 9:18