Ixia ATI Update 2016-26 (293385)

Defects Resolved

| Ticket | Info |
| --- | --- |
| DE6994 | The RTP stream actions in the following Super Flows have been updated with a StartEnd transaction flag: "SCCP Voice Call", "Windows Messenger V15 Voice Chat SSL", "Facetime Audio Video Call". |
| DE7039 | Fixed an issue where the HTTP Response Partially OK (206) compression result was not correct. Also enhanced HTTP Response Partially OK (206) to support the brotli compression method. |
| DE7073 (1426291) | Removed incorrect newline characters from the HTTP header in /strikes/exploits/webapp/exec/osvdb_72256_sybase_mbusiness_agsoap_closing_tag_rce.xml |
| DE7079 (1426655) | The MQTT "Send CONNECT" action has been updated to better support the use of tokens in the "Client Identifier" setting. |

Enhancements

| Ticket | Info |
| --- | --- |
| US50682 | Added a new compression method, Brotli. HTTP Brotli compression can be enabled for the actions 'Response OK (200)', 'Response 206 (OK Partial)' and 'Multi-Match Response 200 (OK)' to compress the HTTP message-body. Use the "HTTP Compression" parameter and file generator brotli format files. |
| US8452 (32099) | Added support for the HTTPS Simulated Facebook Messenger mobile version. The application emulates real-world Facebook Messenger mobile traffic. |
| US60515 | Added token support for the Mirai Command-and-Control Botnet. |
| US60516 | Added token support for the Kelihos Command-and-Control Botnet. |

New Super Flows (4)

| Name | Category | Info |
| --- | --- | --- |
| HTTPS Simulated Facebook Messenger | Chat/IM | Simulates the HTTPS sessions used by the Facebook Messenger mobile version. |
| ClientSim HTTP 302 Cookie Challenge | Authentication | This set of actions simulates a browser challenged to follow two HTTP 302 redirect responses as well as accept and use a cookie for authentication. Some security devices use this as a means of verifying a browser during a DDoS attack. |
| Mirai Botnet Valve Source Engine Query Flood Attack | Security | This traffic emulates a Mirai Botnet Valve Source Engine Query Flood Attack. |
| Mirai Botnet UDP Plain Flood Attack | Security | This traffic emulates a Mirai Botnet UDP Plain Flood Attack. |

New Strikes (10)

| CVSS | ID | References | Category | Info |
| --- | --- | --- | --- | --- |
| 9.3 | E16-66x01 | APSB-16-18, BID-91250, CVE-2016-4137, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), EXPLOITDB-40089, GOOGLE-790, MS16-083, SECURITYTRACKER-1036117 | Exploits | This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a heap corruption in LZMA property decoding. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the Flash process. |
| 9.3 | E16-66w01 | APSB-16-18, BID-91253, CVE-2016-4136, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), EXPLOITDB-40088, GOOGLE-788, MS16-083, SECURITYTRACKER-1036117 | Exploits | This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a heap overflow in JXR processing. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the Flash process. |
| 7.6 | E16-3un01 | APSB-16-15, BID-90617, CVE-2016-1103, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-39826, GOOGLE-792, MS16-064, SECURITYTRACKER-1035827 | Exploits | This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to an overflow in the processing of raw 565 textures in ATF. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in abnormal termination of the Flash process. |
| 7.6 | E16-3ul01 | APSB-16-15, BID-90619, CVE-2016-1101, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-39827, GOOGLE-789, MS16-064 | Exploits | This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a large heap overflow when reading an ATF image to a Bitmap object. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the Flash process. |
| 7.6 | E16-8l602 | BID-94041, CVE-2016-7242, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), MS16-129, SCIP-93381, URL | Exploits | This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, a type confusion vulnerability exists in the Microsoft Edge module Chakra.dll. An attacker can craft JavaScript in such a way that when the DirectSetItemAt method is called on an array believing it is of type int, type confusion occurs. This may allow an attacker to disclose memory contents or potentially execute remote code. |
| 7.6 | E16-8k201 | BID-94042, CVE-2016-7202, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), MS16-129 | Exploits | This strike exploits a vulnerability in the Microsoft Edge and Internet Explorer browsers. Specifically, when prototype.reverse is called in the JavaScript scripting engine, the EntryReverse function creates an offset to an array using the initial length. If this value is later modified, an integer underflow can occur. The value is then used in a calculation, which results in a heap buffer overflow. This can cause a denial of service condition in the browser, or potentially lead to remote code execution. |
| 7.6 | E16-8k101 | BID-94038, CVE-2016-7201, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), MS16-129 | Exploits | This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, a type confusion vulnerability exists in the Microsoft Edge module Chakra.dll. An attacker can craft JavaScript in such a way that when the Array.shift method is called on an array believing it is always of a certain type, type confusion can occur. This may allow an attacker to disclose memory contents or potentially execute remote code. |
| 7.5 | E16-9pu01 | BID-94083, CVE-2016-8706, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), SCIP-93802, SECURITYTRACKER-1037333, URL | Exploits | This strike exploits an integer underflow vulnerability in the Memcached binary protocol. For binary request messages with opcodes 0x21 and 0x22 for Simple Authentication and Security Layer (SASL), if KeyLength is greater than BodyLength, an integer underflow will occur, which will eventually lead to a heap overflow. An attacker can send a specially crafted request message to trigger the heap overflow, potentially leading to arbitrary code execution. Failure to execute code will not result in a crash. |
| 7.5 | E16-9ps01 | BID-94083, CVE-2016-8704, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), URL | Exploits | This strike exploits an integer overflow vulnerability in the Memcached binary protocol. For binary request messages with certain opcodes pertaining to Append and Prepend operations, if BodyLength is sufficiently large or is less than or equal to KeyLength, an integer overflow will occur, which will eventually lead to a heap overflow. An attacker can send a specially crafted request message to trigger the heap overflow, potentially leading to arbitrary code execution. Failure to execute code will not result in a crash. |
| 6.8 | E16-8me01 | BID-94748, CVE-2016-7286, CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P), MS16-145 | Exploits | This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, when the toLocaleString function is called on a SIMD object, uninitialized memory is used to convert numbers to the locale, resulting in memory corruption. This can cause a denial of service condition in the browser, or potentially lead to remote code execution. |

Modified Strikes (1)

| CVSS | ID | References | Category | Info |
| --- | --- | --- | --- | --- |
| 10.0 | E12-1zy01 | BID-47775, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) | Exploits | Removed incorrect newline characters from the HTTP header in /strikes/exploits/webapp/exec/osvdb_72256_sybase_mbusiness_agsoap_closing_tag_rce.xml |