Open danielsadoc opened 1 year ago
@danielsadoc Thanks! Remove it.
I think that most of those 56 links refer to checkers
https://github.com/search?q=repo%3Anomi-sec%2FPoC-in-GitHub%20checker&type=code
I think that most of those 56 links refer to checkers
https://github.com/search?q=repo%3Anomi-sec%2FPoC-in-GitHub%20checker&type=code
Yes, as you say most of these 56 links refer to checkers and here is the explanation for some artifacts cited by nomisec that are just checkers as the one that @danielsadoc commented before me. Here is the link: https://github.com/leoambrus/CheckersNomisec/blob/main/README.md
Here are 26 and I will post 26 more as soon as I can. From what I could analyze, of the 56 mentioned above, 54 are just checkers.
Sorry for the delay. I just updated the list with the other codes that we consider checkers. We have to change a little the repository but here is the new link for the Checkers on your repository https://github.com/leoambrus/Tagging-Nomisec/blob/main/Checkers/Positives.
maybe there are exploits for CVE-2023-26604
https://www.exploit-db.com/exploits/51674
is the above exploit indeed functional?
the artifact cited by nomisec is just a checker
https:\/\/github.com\/Zenmovie\/CVE-2023-26604
!/bin/sh
version=$(systemd --version | awk 'NR==1{print $2}')
if (($version < "247")) then echo 'Vulnerable' else echo 'Not vulnerable' fi
note also that the artifact cited by NVD has a date from 2012
https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/