Ticket | Info | DE8260 (1451283) | FileTransfer strikes have been altered to include a carriage return along with line feed when sending base64 encoded email attachments. This affects protocols related to email, including SMTP, POP3, and IMAP. |
---|---|
DE8439 | Fixed a bug causing only BreakingPoint HTTP Request to be displayed as only option for AppSimSmartFlow. |
DE8484 | Multiple strikes were modified to use properly MIME formatted base64 encoding. This adds a sequence of Carriage Return/Line Feed (CRLF) to the end of each line instead of just Line Feed (LF). |
Ticket | Info | US74423 | Deprecated application protocol "Dailymotion Mar15". Deprecated super flows: "Dailymotion Bandwidth", "DailyMotion Mar 15", "DailyMotion Mar 15 Search a DailyMotion video on Google", "DailyMotion Mar 15 Search and view a video on DailyMotion" and "DailyMotion Mar 15 Upload a video to DailyMotion". |
---|---|
US74548 | Deprecated application "Office365 OneNote Online Jul15". Deprecated super flow "BreakingPoint Evergreen Office365OneNote Jul 15". |
Name | Category | Info |
---|---|---|
Office 365 OneNote Sep17 | Distributed Computing | The use of the Office 365 OneNote website as of September 2017. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
SNMPv3 | Testing and Measurement | Simple Network Management Protocol Version 3 (SNMPv3) is an Internet-standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Version 3 adds cryptographic security. This protocol simulation uses the User-based Security Model (USM) security model. Note that one can set the engine name, user name and authentication parameters in Wireshark under the Protocol Preferences for SNMP. This allows Wireshark to decode the encrypted PDU. |
Dailymotion Aug17 | Voice/Video/Media | The use of the Dailymotion website as of August 2017. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Evernote Desktop Aug17 | Storage | Emulates the use of the Evernote Desktop website as of August 2017. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Name | Category | Info |
---|---|---|
Office 365 OneNote Sep 17 | Distributed Computing | The use of the Office 365 OneNote website as of September 2017. All of the available actions for this flow are exercised. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Office 365 OneNote Sep 17 Create and Edit A New NoteBook | Distributed Computing | The use of the Office 365 OneNote website as of September 2017. Create and edit a new notebook in Office365. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
SNMPv3 | Testing and Measurement | Simple Network Management Protocol Version 3 (SNMPv3) is an Internet-standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. Version 3 adds cryptographic security. Here we show Get, Getnext and Set requests being issued from an SNMP Manager to an SNMP agent. This is done using the USM (User-based Security Model) security model. |
Dailymotion Aug 17 | Voice/Video/Media | The use of the Dailymotion website as of August 2017. All of the available actions for this flow are exercised. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Dailymotion Aug 17 Play A Video | Voice/Video/Media | The use of the Dailymotion website as of August 2017. It plays a video on Dailymotion. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Evernote Desktop Aug 17 | Storage | Emulates the use of the Evernote Desktop website as of August 2017. All of the available actions for this flow are exercised. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The 'Max. Request/Response Pairs per Action' and 'Max. Generated File Size' flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Evernote Desktop Aug 17 Add Note | Storage | The user accesses the sign in page, signs in, creates a notebook, adds a simple note and lastly signs out of the app. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The 'Max. Request/Response Pairs per Action' and 'Max. Generated File Size' flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Evernote Desktop Aug 17 Add Note with Attachement | Storage | The user accesses the sign in page, signs in, creates a notebook, adds a note with an attachment and lastly signs out of the app. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The 'Max. Request/Response Pairs per Action' and 'Max. Generated File Size' flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
CVSS | ID | References | Category | Info |
---|---|---|---|---|
9.3 | E17-0ipi2 |
BID-100097 CVE-2017-9638 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL ZDI-17-509 |
Exploits | This strike exploits a stack buffer overflow vulnerability in Mitsubishi Electric E-Designer. The vulnerability is due to improper parsing of the parameters in a configuration file. An attacker can entice a target to open a specially crafted E-Designer Project File to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the application. |
9.0 | E17-3doa1 |
BID-100282 CVE-2017-11610 CVSS-9.0 (AV:N/AC:L/AU:S/C:C/I:C/A:C) URL |
Exploits | This strike exploits a remote command injection vulnerability in the XML-RPC server in Supervisor. The vulnerability is due to method execve in object self.rpcinterface.supervisor.supervisord.options can execute any command. This vulnerability could allow an unauthorized user to execute arbitrary code on the server. |
8.5 | E17-3ed01 |
BID-100367 CVE-2017-12500 CVSS-8.5 (AV:N/AC:M/AU:S/C:C/I:C/A:C) URL ZDI-17-663 |
Exploits | This strike exploits An Expression Language injection vulnerability in Hewlett Packard Enterprise (HPE) Intelligent Management Center. The vulnerability is due to improper input validation of HTTP request parameters. A remote, authenticated attacker can execute arbitrary code on the targeted system by sending a crafted HTTP request to the target server. |
7.6 | E17-0hxt1 |
BID-100057 CVE-2017-8641 CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C) EXPLOITDB-42465 |
Exploits | This strike exploits an Integer Overflow vulnerability in the Microsoft Edge Browser. Specifically, the vulnerability exists when the eval method is called with an overly large string value as the argument. An attacker could craft code in such a way that would cause a denial of service condition in the browser or potentially allow for remote code execution to occur. |
7.6 | E17-0hv82 |
BID-99420 CVE-2017-8601 CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C) EXPLOITDB-42479 GOOGLE-1316 |
Exploits | This strike exploits a vulnerability in Microsoft Edge. Specifically, the Javascript Chakra engine assumes that the specified array will be a float array, however, it is possible to modify this type with the valueOf handler, which will result in type confusion. This can cause a denial of service in the browser or potentially allow for remote code execution to occur. |
7.5 | E17-m9t21 |
BID-100278 CVE-2017-7546 CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) SECURITYTRACKER-1039142 URL |
Exploits | This strike exploits an authentication bypass vulnerability in PostgreSQL. Under normal circumstances, PostgreSQL does not permit sending or using empty passwords. However if the password is stored as a hash, empty passwords can be used. Additionally, the clients using libpq perform a client-side test for blank passwords. Because this is client-side, it can be avoided by avoiding using libpq. Successful exploitation may result in successful authentication using an empty password. |
7.5 | E17-3dmf1 |
BID-99939 CVE-2017-11543 CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) SCIP-104408 URL |
Exploits | This strike exploits a buffer overflow vulnerability in tcpdump. The vulnerability is due to failure to validate the direction when parsing a Serial-Line IP (SLIP) header. This vulnerability can lead to arbitrary code execution in the context of the tcpdump application. |
6.8 | E17-0iu51 |
BID-100609 CVE-2017-9805 CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P) SCIP-106167 URL |
Exploits | This strike exploits a remote command execution vulnerability in Apache Struts. The vulnerability is due to insecure deserialization of data by XStreamHandler in Apache Struts REST Plugin. Successful exploitation may result in executing arbitrary code on the target system. |
6.0 | E17-3dia1 |
BID-100130 CVE-2017-11394 CVSS-6.0 (AV:N/AC:M/AU:S/C:P/I:P/A:P) URL ZDI-17-521 |
Exploits | This strike exploits a command injection vulnerability in the Trend Micro OfficeScan web console due to improper validation of parameters sent in web requests. The vulnerability can be exploited by a remote, authenticated attacker with a specifically crafted web request. An attacker could exploit this vulnerability and execute system commands under the security context of the target application. |