Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

GitHub PR #1374 - Improve the accuracy of script http-vuln-cve2017-1001000.nse

From: Kostas Milonas <milonas.ko () gmail com>
Date: Sun, 28 Oct 2018 18:42:47 +0000
Hello everyone.

Firstly, congratulations for this great tool!

This is my first contribution to the project!
I opened the pull request #1374 on GitHub (
https://github.com/nmap/nmap/pull/1374).
The objective of this is to improve the accuracy of the script
http-vuln-cve2017-1001000.nse.

Made two fixes where the script:

1. failed with an error when the Wordpress API returned an empty response
on the GET request.
2. incorrectly marked the target as vulnerable when the Wordpress API
returned an error to the vulnerability check.

Both cases are now checked and the target is marked as non vulnerable.
I can also provide you with a few (real) targets to test.

Thank you in advance!
Kostas

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: