Fingerprint for Telerik CVE-2017-9248. Closes #954

2026-01-20 05:09:02 +00:00 · 2017-09-26 19:02:45 +00:00
parent 86ef024038
commit d0566d1807
1 changed files with 26 additions and 0 deletions
--- a/nselib/data/http-fingerprints.lua
+++ b/nselib/data/http-fingerprints.lua
@@ -7124,6 +7124,32 @@ table.insert(fingerprints, {
    }
  });

+-- Progress Telerik UI for ASP.NET CVE-2017-9248
+table.insert(fingerprints, {
+    category = 'attacks',
+    probes = {
+      {
+        path = '/Telerik.Web.UI.DialogHandler.aspx?dp=////',
+        method = 'GET'
+      },
+      {
+        path = '/Telerik.Web.UI.DialogHandler.ashx?dp=////',
+        method = 'GET'
+      },
+      {
+        path = '/DesktopModules/Admin/RadEditorProvider/DialogHandler.aspx?dp=////',
+        method = 'GET'
+      }
+    },
+    matches = {
+      {
+        dontmatch = 'cannot be less than zero',
+        match = 'Base%-64',
+        output = 'Progress Telerik UI for ASP.NET Cryptographic Weakness (CVE-2017-9248)'
+      }
+    }
+  });
+
 ------------------------------------------------
 ----        Open Source CMS checks          ----
 ------------------------------------------------