Ixia ATI Update 2018-10 (331651)

Enhancements

Ticket Info
US83019 Enhanced IPFIX to support every information element that is of integer, date or IP address type. Added support for creating individual IPFIX messages and domains.
US83628 Added 'Proxy' tag to super flow HTTP Video Enterprise.
US83726 Added proxy support for the superflow "HTTP Live Streaming (HLS)".  
US83741 Added proxy support for the superflow "Facebook Android Superflow".
US83746 Added support for proxy setup to the superflow "BreakingPoint RSS Multi Feed".

New Super Flows (2)

Name Category Info
Generate IPFIX Domain System/Network Admin Supports the creation of a specific IPFIX traffic configuration made of a single observation domain, with one template set, one options template set and one data set for each template. There is one set per IPFIX message.
Generate IPFIX Messages System/Network Admin Supports the creation of the three basic types of IPFIX messages. Each action creates a single IPFIX message containing a single IPFIX set. The set contains multiple types of IPFIX fields, a default group of which can be configured.

New Strikes (20)

CVSS ID References Category Info
10.0 E18-3im91 BID-102367
CVE-2017-18017
CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C)
Exploits This strike exploits a memory corruption vulnerability in the Linux Kernel Netfilter service. When processing TCP SYN packets with TCP header length less than 5, an integer overflow will occur when calculating data offset, eventually resulting in memory corruption. Successful exploitation may result in out of bounds reads and writes to kernel memory, abnormal termination of the netfilter process, or kernel panic, resulting in a denial of service condition.
10.0 E18-0n1q1 CVE-2018-5262
CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C)
EXPLOITDB-43478
Exploits This strike exploits a stack-based buffer overflow vulnerability in Flexense DiskBoss Enterprise. The vulnerability is due to improper validation of user-supplied data sent over the network. Successful exploitation will allow an attacker to execute arbitrary code in the context of the Local System account. NOTE: When run in one-arm mode, the strike will execute calc.exe on the target system. The vulnerable DiskBoss Enterprise version must listen for incoming connections on TCP port 8094. Tested on Windows 7 Ultimate x86 SP1.
10.0 E18-0yes1 CVE-2018-7573
CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C)
EXPLOITDB-44596
Exploits This strike exploits a buffer overflow vulnerability in the FTPShell client. The vulnerability is due to an improper response length check, which allows a malicious server to overflow the client with a server command response. This can result in either a denial of service condition or remote code execution in the context of the current user, allowing for complete compromise of the remote system.
9.3 E18-0pz71 CVE-2018-9059
CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C)
EXPLOITDB-44485
Exploits This strike exploits a remote buffer overflow vulnerability in Easy File Sharing (EFS) Web Server. The vulnerability is due to insufficient validation of the UserID parameter within forum.ghp. Remote attackers can exploit this vulnerability by crafting a malicious login request, ultimately gaining code execution on the target system with elevated privileges.
9.3 E18-0pam1 CVE-2018-8174
CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C)
Exploits This strike exploits a vulnerability in the Microsoft VBScript Engine. Specifically, the exploit fakes and overrides the array object to read and write arbitrary addresses. In the end, it releases code to execute after constructing an object. An attacker who successfully exploits the vulnerability could gain the same user rights as the current user.
7.8 E18-zwzz1 CVE-2015-1503
CVSS-7.8 (AV:N/AC:L/AU:N/C:C/I:N/A:N)
EXPLOITDB-44587
Exploits This strike exploits a directory traversal vulnerability in IceWarp Mail Server versions under 11.1.1. Due to insufficient validation of the HTTP parameter "script", attackers can gain read access to arbitrary file content.
7.6 E18-3dwf3 BID-102047
CVE-2017-11903
CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C)
EXPLOITDB-43367
GOOGLE-1376
Exploits This strike exploits a vulnerability in the Microsoft Internet Explorer browser. Specifically, the vulnerability exists in the JavaScript JScript DLL. The NameTbl object is not tracked by the garbage collector, so if toString deletes its this object, a use-after-free condition can occur. This may lead to a denial of service condition in the browser, or potentially remote code execution.
7.6 D18-0i0v1 CVE-2017-8751
CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C)
EXPLOITDB-43151
GOOGLE-1339
Denial This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the JavaScript Chakra engine. JavaScript can be crafted in such a way that memory corruption occurs when a call to setPrototypeOf is made. This may lead to a denial of service condition in the browser, or potentially remote code execution.
7.6 D18-0i092 CVE-2017-8729
CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C)
EXPLOITDB-42763
GOOGLE-1308
Denial This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the JavaScript Chakra engine. It is possible to craft JavaScript in such a way that the ConvertObjectToObjectPattern method will contain incorrect members. When one of these members is referenced, type confusion will occur. This may lead to a denial of service condition in the browser, or potentially remote code execution.
7.5 E18-0owl1 CVE-2018-7669
CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)
Exploits This strike exploits a path traversal vulnerability in Sitecore CMS. The vulnerability is due to insufficient validation of the 'file' parameter processed in the LogViewer application. Remote attackers can exploit this vulnerability by crafting a malicious HTTP request, ultimately gaining access to read arbitrary files.
7.5 E18-3hit1 CVE-2017-16597
CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)
ZDI-17-962
Exploits This strike exploits a path traversal vulnerability in NetGain Systems Enterprise Manager. The vulnerability is due to insufficient validation of the Filename parameter sent in WRQ requests processed in the netgain.protocols.TFtpServer Java class. Remote attackers can exploit this vulnerability by crafting a malicious login request, ultimately gaining code execution on the target system with elevated privileges.
7.5 E18-0ydc1 CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)
EXPLOITDB-44544
Exploits This strike exploits a remote file inclusion vulnerability in WordPress Plugin WP Spritz 1.0. The vulnerability is due to improper sanitization of the "url" parameter in requests to WordPress Plugin WP with Spritz 1.0. By exploiting this vulnerability, a remote, unauthenticated attacker could retrieve arbitrary files from the target server.
7.5 E18-0naz1 CVE-2018-5955
CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)
EXPLOITDB-44356
Exploits This strike exploits a remote code execution vulnerability in GitStack. The vulnerability is due to a lack of authentication check when users send an HTTP create user request and improper validation of user-supplied input. By exploiting this vulnerability, a remote, unauthenticated attacker can execute arbitrary PHP code on the target server. NOTE: When run in one-arm mode, this strike creates a backdoor script at /web/backdoor.php.
7.5 E18-0pt41 BID-103949
CVE-2018-8840
CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)
Exploits This strike exploits a buffer overflow vulnerability in Schneider Electric InduSoft Web Studio and InTouch Machine Edition. Specially crafted user-supplied data causes a stack buffer overflow. Remote attackers may achieve arbitrary code execution on the target system.
7.2 E18-5i3j1 CVE-2018-10655
CVSS-7.2 (AV:L/AC:L/AU:N/C:C/I:C/A:C)
EXPLOITDB-44590
Exploits This strike exploits a buffer overflow vulnerability in DeviceLock Plug and Play Auditor. The vulnerability is due to improper parsing of the file used to import hosts to be scanned. By enticing a user to import a specially crafted file, an attacker could potentially run arbitrary code on the target system.
6.8 E17-3i9h1 BID-103999
CVE-2017-17557
CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P)
Exploits This strike exploits a heap buffer overflow vulnerability in Foxit Reader up to version 9.0.1.1049. The vulnerability is due to improper validation of the biWidth field when processing a BMP file. An attacker could potentially run arbitrary code on the target system by enticing a user to open a maliciously crafted BMP file.
6.8 E18-3gub1 BID-103525
CVE-2017-15715
CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P)
Exploits This strike exploits a policy bypass vulnerability in Apache httpd FilesMatch. FilesMatch is intended to prevent files which do not match certain regex patterns from being uploaded via HTTP PUT messages. One of these patterns is AP_REG_DOLLAR_ENDONLY, which is intended to prevent files ending with the \n character. However, this option does not work properly, allowing files ending with \n to be uploaded. An attacker can send a specially crafted HTTP PUT message to bypass the policy and upload arbitrary files.
6.0 E18-0ouq1 BID-103985
CVE-2018-7602
CVSS-6.0 (AV:N/AC:M/AU:S/C:P/I:P/A:P)
Exploits This strike exploits a remote code execution flaw in Drupal Core. This vulnerability is due to improper handling of the HTTP parameter when a client sends HTTP traffic to the server. A remote attacker can exploit this vulnerability by sending crafted HTTP requests to the target server. Successful exploitation results in remote code execution.
6.0 E18-0oqy1 CVE-2018-7466
CVSS-6.0 (AV:N/AC:M/AU:S/C:P/I:P/A:P)
EXPLOITDB-44226
Exploits This strike exploits a code injection vulnerability in TestLink Open Source Test Management. The vulnerability is due to improper sanitization and handling of user-controlled values passed for the "TestLink DB login" parameter in the "installNewDB.php" script. By exploiting this vulnerability, a remote, unauthenticated attacker can inject and execute arbitrary PHP code on the target server. NOTE: When run in one-arm mode, a MySQL server must be accessible at "localhost" and user "root" with password "12345" must be configured. Also, a database called "testlink" must be created and MySQL must be configured to accept usernames longer than 16 characters.
5.8 E18-0ydg1 CVSS-5.8 (AV:N/AC:M/AU:N/C:P/I:N/A:P)
EXPLOITDB-44548
Exploits This strike exploits a remote command execution vulnerability in GitList. The vulnerability is due to improper sanitization of user-controlled values passed in search queries. By exploiting this vulnerability, a remote, unauthenticated attacker can execute arbitrary operating system commands on the target server.