Ixia ATI Update 2018-09 (330311)

Enhancements

Ticket Info
US83163 Proxy support was added for super flow "Amazon S3 Retrieve Objects".

New Protocols & Applications (2)

Name Category Info
Instagram Apr18 Social Networking/Search Instagram is a photo and video-sharing social networking service owned by Facebook, Inc. The service also adds messaging features, the ability to include multiple images or videos in a single post, as well as "Stories" - similar to its main competitor Snapchat - which allows users to post photos and videos to a sequential feed. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.
Zoosk Apr18 Social Networking/Search Zoosk is an online dating service available in 25 languages and in more than 80 countries. Zoosk users are aged 18 and older. It uses gamification and popularity rankings to encourage participation. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.

New Super Flows (3)

Name Category Info
Instagram Apr 18 Social Networking/Search Instagram simulation of signing in, photo viewing and commenting, as well as sharing a photo before logging out. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.
Instagram Bandwidth Social Networking/Search Instagram emulation showing login, photo viewing and commenting as well as sharing a photo before logging out. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.
Zoosk Apr 18 Social Networking/Search Simulates a typical use case of the Zoosk website. The user signs in, uploads a photo, reads received messages and browses profiles. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.

New Strikes (21)

CVSS ID References Category Info
10.0 E05-zw791 BID-74072
CVE-2015-0469
CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C)
Exploits An out-of-bounds memory access vulnerability has been reported in Oracle Java SE. The vulnerability is due to insufficient validation of an index value prior to array access. A remote unauthenticated attacker can exploit this vulnerability by persuading users to load a malicious web page containing a Java applet. Successful exploitation could cause memory corruption that may lead to arbitrary code execution in the security context of the logged-in user, or terminate the application, resulting in a denial of service condition.
7.6 E18-0jpj1 BID-103298
CVE-2018-0935
CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C)
EXPLOITDB-44404
Exploits This strike exploits a vulnerability in the Microsoft Internet Explorer browser. The vulnerability lies within jscript.dll. An HTML page containing JavaScript can be crafted to cause a heap buffer overflow. Successful exploitation may lead to a denial of service condition in the browser, or potentially remote code execution.
7.6 E18-0jmr1 BID-102874
CVE-2018-0835
CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C)
EXPLOITDB-44079
GOOGLE-1459
Exploits This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the Chakra JavaScript engine. JavaScript can be crafted so that type confusion occurs when a call to Array.prototype.reverse is made. This can lead to a denial of service or potentially remote code execution.
7.6 E18-0hxs1 BID-100051
CVE-2017-8640
CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C)
EXPLOITDB-42476
GOOGLE-1297
Exploits This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the Chakra JavaScript engine. JavaScript can be crafted so that the function argument object is left uninitialized. This may lead to a denial of service condition in the browser, or potentially remote code execution.
7.6 D18-0hxy2 BID-100053
CVE-2017-8646
CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C)
EXPLOITDB-42470
GOOGLE-1277
Denial This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the Chakra JavaScript engine. JavaScript can be crafted so that the function PushPopFrameHelper is used incorrectly. This results in a denial of service condition in the browser.
7.5 E18-0p7d1 CVE-2018-8057
CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)
EXPLOITDB-44454
Exploits An SQL injection vulnerability exists in the Cobub Razor mobile analytics appliance. The vulnerability is due to insufficient validation of user-supplied input within the channel.php script. Successful exploitation of this vulnerability can result in database information disclosure without authentication via a specially crafted HTTP POST request.
7.5 E18-mb081 BID-103776
CVE-2018-2628
CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)
SECURITYTRACKER-1040696
URL
Exploits An insecure deserialization vulnerability was found in Oracle WebLogic Server due to insufficient validation of serialized data. The vulnerability can be exploited by sending a specially crafted serialized object. Successful exploitation can result in arbitrary code execution in the context of the user running WebLogic.
7.5 E18-0jyu1 BID-103696
CVE-2018-1270
CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)
URL
Exploits This strike exploits a remote command injection vulnerability in the Pivotal Spring Web framework. The vulnerability exists due to insufficient validation of user-supplied input to a STOMP broker in the spring-messaging module. The vulnerability can be exploited by sending a specially crafted request to a STOMP broker, allowing arbitrary command execution in the context of the running service.
7.5 E18-0jto2 BID-103758
CVE-2018-1084
CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)
Exploits This strike exploits an integer overflow flaw in Corosync Cluster Engine. The vulnerability is due to improper length checking of received UDP data. A remote attacker can trigger this vulnerability by sending a crafted UDP request to the target server. This results in a denial of service condition on the target device.
7.5 E18-0o1e1 CVE-2018-6546
CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)
EXPLOITDB-44476
URL
Exploits This strike exploits a remote file execution vulnerability in AMD Raptr. HTTP POST requests to the execute_installer URI are intended to execute the installer file whose path is stored in the data parameter. However, any executable path stored in the data parameter will be executed. An attacker can send a specially crafted HTTP POST request to cause arbitrary file execution on the target system.
6.8 E18-0ppo1 CVE-2018-8716
CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P)
EXPLOITDB-44531
URL
Exploits This strike exploits a cross-site scripting vulnerability in WSO2 Identity Server. This vulnerability is due to improper sanitization of user input when adding a new workflow engine profile. By enticing an authenticated user to visit an attacker-controlled webpage or click a malicious link, an attacker could access any cookies, session tokens, or other sensitive information retained by the browser.
6.8 E18-0ija1 CVE-2017-9414
CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P)
EXPLOITDB-42120
URL
Exploits This strike exploits a cross-site scripting vulnerability in Subsonic media server. This vulnerability is due to improper sanitization of user-controlled parameters in various HTTP GET and POST requests. By enticing an authenticated user to visit an attacker-controlled webpage or click a malicious link, an attacker could access any cookies, session tokens, or other sensitive information retained by the browser.
6.8 E18-0jyx1 BID-100948
CVE-2018-1273
CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P)
URL
Exploits This strike exploits a remote code execution vulnerability in Pivotal Spring Data Commons. The vulnerability is due to a SpEL injection in the SimpleEvaluationContext method. Successful exploitation can result in arbitrary code execution in the context of Spring Data Commons.
6.8 E18-0yby1 CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P)
EXPLOITDB-44494
Exploits This strike exploits a stack-based buffer overflow vulnerability in VX Search 10.6.18. If a directory parameter is imported with an overly large amount of data, the stack can overflow, allowing for remote code execution.
6.1 E18-0yb81 CVSS-6.1 (AV:L/AC:L/AU:N/C:P/I:P/A:C)
EXPLOITDB-44468
URL
Exploits This strike exploits an integer overflow vulnerability in the desktop Mp3 Library component of Zortam MP3 Media Studio. The vulnerability is due to improper parsing of user-supplied input in a search form. Successful exploitation may result in a crash of the running application or potentially in execution of arbitrary code with SYSTEM privileges.
5.8 E18-0ql21 CVE-2018-9846
CVSS-5.8 (AV:N/AC:M/AU:N/C:P/I:P/A:N)
URL
Exploits This strike exploits a command injection vulnerability in Roundcube Webmail. This vulnerability is due to improper handling of the HTTP parameter when a client sends HTTP traffic to the server. A remote attacker can trigger this vulnerability by enticing an authenticated user to visit a crafted page, which sends a request to the target server. This results in arbitrary IMAP injection on the target device.
5.0 E18-0psv1 CVE-2018-8831
CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:P/A:N)
EXPLOITDB-44487
URL
Exploits This strike exploits a cross-site scripting vulnerability in the Kodi Media Player software. This vulnerability is due to inadequate input filtering in the web interface when creating a new playlist. By exploiting this vulnerability, an attacker could cause arbitrary HTML/script code to be executed by the target user's browser.
5.0 E18-0h0v1 CVE-2017-7455
CVSS-5.0 (AV:N/AC:L/AU:N/C:P/I:N/A:N)
EXPLOITDB-41850
URL
Exploits This strike exploits an information disclosure vulnerability in MXview Industrial Network Management Software. The vulnerability is due to a lack of access controls and improper handling of HTTP requests. Successful exploitation will allow an attacker to obtain sensitive information from the server, including the SSL private key.
5.0 D18-0h0w1 CVE-2017-7456
CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P)
EXPLOITDB-41851
URL
Denial This strike exploits a denial of service vulnerability in MXview Industrial Network Management Software. The vulnerability is due to improper handling of supplied credentials when users try to log in. Successful exploitation will make the MXview server unavailable.
5.0 D18-0jzr1 CVE-2018-1303
CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P)
URL
Denial This strike exploits a denial of service vulnerability in Apache HTTP Server configured with mod_cache_socache. An error in handling empty HTTP headers may lead to abnormal termination of the httpd process, resulting in a denial of service condition. An attacker can send specially crafted HTTP messages with an empty HTTP header to trigger the vulnerability.
4.3 E18-0ihn1 CVE-2017-9355
CVSS-4.3 (AV:N/AC:M/AU:N/C:N/I:P/A:N)
EXPLOITDB-42119
SCIP-102086
Exploits This strike exploits an XML external entity vulnerability in Subsonic media server. The vulnerability is due to improper parsing of the input file when a user imports a new playlist. By enticing a user to import a specially crafted .xsfp file, an attacker could evade firewalls and perform server-side request forgery attacks.