Ticket | Info |
---|---|
DE7262 (1430345) | Strike based fuzzers now correctly indicate if they are blocked or allowed through a device. |
DE7285 | Corrected metadata for the following strikes: G10-37801, G06-7cy0, G07-5a301, G09-36m01, G09-34t01, G08-4ly01. |
DE7292 | Removed duplicate references for the following strikes: E05-22n03, E05-22n01, E05-22n02, E15-atg01, E05-0bm01, E05-0bm02. |
DE7405 | Removed "Emulate" term from "Emulate Speedtest.net" super flow name. |
DE7429 | In this release the duplicated "Content Length" and "Content-Range" attributes in HTTP 206 Partial Content were removed. |
Ticket | Info |
---|---|
US60078 | Removed deprecation from strike D16-43501 due to Network Processor enhancements. |
US62935 | This enhancement adds 2 new attributes Proxy-State and Framed-IPv6-Preifx to the Radius Accounting Request , Radius Accounting Response , Radius Access Request and Radius Access Accept actions. |
Name | Category | Info |
---|---|---|
HL7 | Enterprise Applications | Health Level Seven (HL7) is a set of standards for transfer clinical and administrative data between software applications used by health care providers. This application simulates the lower layer protocol (LLP, sometimes referred to a MLLP for Minimum LLP) used when transferring the data in the non-XML pipe and hat form. |
Appointy Mar17 | Enterprise Applications | Appointy is an all-in-one online scheduling software for restaurants. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Restaurant 7Shifts Mar17 | Enterprise Applications | 7shifts is an employee scheduling application designed for restaurants. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Name | Category | Info |
---|---|---|
Health Level Seven - HL7 | Enterprise Applications | Health Level Seven (HL7) is a set of standards for transfer clinical and administrative data between software applications used by health care providers. In this simulation, HL7's Minimum Lower Layer protocol (MLLP) is used to show an endpoint transferring its data to another endpoint. |
Appointy Manager Access | Enterprise Applications | Appointy Scheduling Software for Restaurants. This emulation highlights a restaurant manager's typical use of the application. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Appointy Quick Schedule Review | Enterprise Applications | Appointy Scheduling Software for Restaurants. This emulation shows the restaurant manager logging in to quickly check who is scheduled to work over the next three days. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
7SHIFTS Manager Access | Enterprise Applications | 7SHIFTS Scheduling Software for Restaurants. This emulation highlights a restaurant manager's typical use of the application. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
7SHIFTS Quick Schedule Review | Enterprise Applications | 7SHIFTS Scheduling Software for Restaurants. This emulation shows the restaurant manager logging in to quickly check who is scheduled to work over the next three days. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Name | Info |
---|---|
Mirai Botnet | This test simulates Command and Control communications for the Mirai Botnet. |
CVSS | ID | References | Category | Info |
---|---|---|---|---|
10.0 | E17-5b401 |
APSB-17-04 CVE-2017-2992 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) GOOGLE-1018 |
Exploits | This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to an heap overflow when parsing an MP4 header. An attacker can entice a target to open a specially crafted flash file to trigger the vulnerability. Successful exploitation may result in abnormal termination of the flash process. |
10.0 | E17-5ay01 |
APSB-17-04 BID-96193 CVE-2017-2986 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) GOOGLE-1008 |
Exploits | This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to an heap overflow in YUVPlane decoding. An attacker can entice a target to open a specially crafted flash file to trigger the vulnerability. Successful exploitation may result in abnormal termination of the flash process. |
9.3 | E17-7cm01 |
CVE-2017-5638 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | This strike exploits a remote command execution vulnerability in Apache Struts. An HTTP request with a specially crafted content-type can be used to execute arbitrary commands. Successful exploitation may result in command execution. |
8.5 | E17-0f801 |
CVSS-8.5 (AV:N/AC:M/AU:S/C:C/I:C/A:C) ZDI-17-122 ZDI-17-123 ZDI-17-124 |
Exploits | This strike exploits a command execution vulnerability in Trend Micro Safe Sync. Several query string parameters accepted by the reconnect command are vulnerable to command injection. An authenticated attacker can connect, disconnect, and then send a specially crafted HTTP command to reconnect in order to achieve arbitrary code execution with root privileges. |
7.6 | E17-31101 |
BID-96088 CVE-2017-0037 CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C) GOOGLE-1011 |
Exploits | This strike exploits a vulnerability in the Microsoft Internet Explorer and Edge Browsers. It is possible for an attacker to craft HTML and CSS in such a way that allows for the styleSheet of an object containing the columnspan property to be modified causing a type confusion to occur. |
7.6 | E16-8mg01 |
BID-94749 CVE-2016-7288 CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C) GOOGLE-983 MS16-145 |
Exploits | This strike exploits a use-after-free vulnerability in the Microsoft Edge Browser. It is possible when an ArrayBuffer is allocated and attached to a TypedArray object, to create a use-after-free-condition. If the toString or valueOf methods are overridden in a function comparison of the sort method by invoking a specific message, the ArrayBuffer is freed and detached from the TypedArray object. However, when the sort method is called, the freed buffer is referenced again triggering the use-after-free condition. |
6.8 | E17-0d5w1 |
CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P) URL ZDI-17-060 |
Exploits | This strike exploits a directory traversal vulnerability in Trend Micro Control Manager. The vulnerability is due to improper input validation of HTTP parameters passed to importfile.php. An attacker could exploit this vulnerability to upload a file and execute it on the target system. |
5.0 | E16-a4s01 |
BID-96143 CVE-2016-9244 CVSS-5.0 (AV:N/AC:L/AU:N/C:P/I:N/A:N) EXPLOITDB-41298 SECURITYTRACKER-1037800 URL |
Exploits | This strike exploits memory disclosure vulnerability in F5 Big-IP appliances. When performing SSL renegotiation with session tickets, the client provides a session ID, which may be between 1 and 32 bytes. The server then echoes this sessionID. F5 Big-IP appliances will echo 32 bytes regardless of the size of the received session ID. An attacker can perform an SSL renegotiation and send a session ID of less than 32 bytes, causing the server to echo back the provided session ID plus up to 31 bytes of uninitialized memory. |