Ixia ATI Update 2018-04 (325023)

Defects Resolved

DE9058 (1466259): Evergreen Facebook Jan 14, Evergreen Yahoogroups Jan 14, Evergreen Aolmail Jan 14, Evergreen Aolmail Jan 14 Send Message, Evergreen Aolmail Jan 14 Send Message Attachment, Evergreen Aolmail Jan14 View Message, Evergreen Aolmail Jan 14 View Message with attachment, Evergreen Aolchat Jan14, Evergreen Aolchat Jan14 Send Message and Evergreen Aolchat Jan14 Receive Message have been modified to expose the DNS actions for all the hosts.
DE9247: Fixed a bug in the strike referenced by CVE-2018-1162 by adding a variable timestamp for the malicious payload.

Enhancements

US80578: Updated superflow 'Bing Search'. Added TLS actions to this superflow.
US80579: Updated superflow 'HTTP Live Streaming'. Added TLS actions to this superflow.
US80593: Updated superflow 'Gopher'. Added TLS actions to this superflow.
US82580: Deprecated Application Protocol 'Ebay Jan 15'.
US82582: Deprecated Application Protocol 'Google Earth'.

New Protocols & Applications (2)

eBay Feb18 (Financial): eBay is an online auction and shopping website in which people and businesses buy and sell a wide variety of goods and services worldwide.
GoogleEarthPro Feb18 (Social Networking/Search): Google Earth is a computer program that renders a 3D representation of Earth based on satellite imagery. The program maps the Earth by superimposing satellite images, aerial photography, and GIS data onto a 3D globe, allowing users to see cities and landscapes from various angles.

New Super Flows (5)

eBay Browse and Buy Items Feb 18 (Financial): Simulates a user that uses the website to search for and shop for items.
eBay Manage Personal Account Feb 18 (Financial): Simulates a user that views account status and history.
GoogleEarthPro Access Google Account Feb 18 (Social Networking/Search): Accesses a Google account through the Google Earth Pro application.
GoogleEarthPro Navigate the Globe Bandwidth Feb 18 (Social Networking/Search): Uses the 3D representation of the Earth to observe the geography of various places, with pictures enabled.
GoogleEarthPro Navigate the Globe Feb 18 (Social Networking/Search): Uses the 3D representation of the Earth to observe the geography of various places, with pictures disabled.

New Strikes (13)

ID: E17-3g4z1
CVSS: 10.0
References: BID-100901, CVE-2017-14803, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), SCIP-112249, ZDI-18-131
Category: Exploits
Info: The vulnerability allows attackers read access to arbitrary files on the Micro Focus NetIQ Access Manager server due to insufficient validation of user input in requests sent to the OspUIBasicSSODownload servlet.

ID: E17-0i6q1
CVSS: 10.0
References: CVE-2017-8962, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), URL, ZDI-17-855
Category: Exploits
Info: This strike exploits an insecure Java deserialization vulnerability in Hewlett Packard Enterprise (HPE) Intelligent Management Center (IMC). The vulnerability is due to improper validation of Java serialized objects before deserialization. An attacker could send a specially crafted HTTP POST request to achieve arbitrary command execution with either SYSTEM or root privileges.

ID: E17-0jtw1
CVSS: 10.0
References: CVE-2017-1092, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), URL
Category: Exploits
Info: An input validation vulnerability has been found in IBM Informix Open Admin Tool. The vulnerability is due to improper parsing of user-supplied input to the SOAP interface. Successful exploitation can result in arbitrary code execution in the security context of the SYSTEM user.

ID: E17-0doa1
CVSS: 10.0
References: BID-101837, CVE-2017-3114, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), ZDI-17-997
Category: Exploits
Info: This strike exploits an out-of-bounds access vulnerability in Adobe Flash Player. The vulnerability is due to improper bounds checking in the determinePreferredLocales method of LocaleID. An attacker can exploit this vulnerability by enticing a user to open a crafted SWF file or link. Successful exploitation may result in arbitrary code execution.

ID: E17-3dtw1
CVSS: 9.3
References: BID-101139, CVE-2017-11812, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), URL
Category: Exploits
Info: This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the JavaScript Chakra engine. JavaScript can be crafted in such a way that a use-after-free condition occurs when processing an ArrayBuffer that has previously been freed. This may cause a denial of service condition in the browser, or potentially lead to remote code execution.

ID: E17-0hym1
CVSS: 7.6
References: BID-100070, CVE-2017-8670, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-42477, GOOGLE-1298
Category: Exploits
Info: This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the JavaScript Chakra engine. JavaScript can be crafted in such a way that the function argument object is left uninitialized. This may lead to a denial of service condition in the browser, or potentially remote code execution.

ID: E17-3dtm2
CVSS: 7.6
References: BID-101130, CVE-2017-11802, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-43000, GOOGLE-1334
Category: Exploits
Info: This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the JavaScript Chakra engine. JavaScript can be crafted in such a way that the StringReplace function is inlined by the JIT process. When the replace function is called, it fails to check whether a user function is invoked, and type confusion can occur. This may cause a denial of service condition in the browser, or potentially lead to remote code execution.

ID: E18-mapo2
CVSS: 7.5
References: BID-102916, CVE-2018-6376, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), SECURITYTRACKER-1040316, URL
Category: Exploits
Info: This strike exploits an SQL injection vulnerability in Joomla! CMS. The vulnerability is due to improper sanitization of requests sent to the application. An attacker could exploit this by sending specially crafted requests, potentially resulting in the execution of SQL commands, which may lead to information disclosure, database corruption, denial of service and other impacts.

ID: E17-3hwr1
CVSS: 7.2
References: CVE-2017-17099, CVSS-7.2 (AV:L/AC:L/AU:N/C:C/I:C/A:C), EXPLOITDB-42984, URL
Category: Exploits
Info: A stack buffer overflow has been identified in the Flexense SyncBreeze Enterprise appliance. The vulnerability is caused by the lack of proper bounds checking of the URI during HTTP request processing. The vulnerability can be exploited by sending a specially crafted HTTP request, allowing the attacker arbitrary code execution with SYSTEM privileges.

ID: E18-0oaf1
CVSS: 5.0
References: CVE-2018-6871, CVSS-5.0 (AV:N/AC:L/AU:N/C:P/I:N/A:N), URL
Category: Exploits
Info: This strike exploits a file disclosure vulnerability in LibreOffice up to 6.0.1. The vulnerability is due to unrestricted use of the WEBSERVICE function in LibreOffice Calc files. An attacker could obtain the content of any local file by enticing a user to open a maliciously crafted document. Note: This strike sends over the network a file which, if opened on a vulnerable target, would dump the contents of the /etc/passwd file to the host 172.16.2.202 on port 8000.

ID: D17-3i671
CVSS: 5.0
References: CVE-2017-17439, CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P)
Category: Denial
Info: This strike exploits a null pointer dereference vulnerability in the MIT Heimdal KDC. A specially crafted AS-REQ message in which the sname or cname field is absent will trigger a null pointer dereference. This will cause the KDC service to terminate abnormally, leading to a denial of service condition. Note: The server is required to have EXAMPLE.COM as a valid realm; otherwise the nosploit may be detected as an exploit.

ID: E18-mapo1
CVSS: 4.3
References: BID-102917, CVE-2018-6377, CVSS-4.3 (AV:N/AC:M/AU:N/C:N/I:P/A:N), SCIP-112658, SECURITYTRACKER-1040316, URL
Category: Exploits
Info: This strike exploits a cross-site scripting vulnerability in Joomla! CMS. The vulnerability is due to inadequate input filtering in com_fields. By exploiting this vulnerability, an attacker could execute arbitrary scripts on the target machine.

ID: D17-mama1
CVSS: 4.3
References: BID-102726, CVE-2017-3144, CVSS-4.3 (AV:N/AC:M/AU:N/C:N/I:N/A:P), SCIP-112265, SECURITYTRACKER-1040194, URL
Category: Denial
Info: This strike exploits a denial of service vulnerability in ISC BIND. RRSIG answer records contain a Type Covered field, and there should be an additional answer record of the type listed in that field. If the corresponding record does not exist, an assertion failure occurs, resulting in abnormal program termination. Note: It takes 200 malicious messages to complete this attack. For testing time considerations, this strike sends 20.