Ixia ATI Update ATI-2020-13

Enhancements

Ticket | Info
ATIBPS-16733 | Increase the count of packets sent by select low-volume strikes to simulate Denial-of-Service flood attacks. Strikes that support the Flood Evasion Profile are grouped in the 'Flood Attacks' strike list.
New EvasionProfile: Flood / Count
New Strike List: Flood Attacks
ATIBPS-16799 | Added support for the T3 protocol, which is used by Oracle Middleware. This allows users to quickly filter for the relevant strikes that work on this protocol.
New Strike List: T3 protocol Strikes
ATIBPS-16285 | Added a "Server Name Indication List" field used for uploading a file containing a list of SNIs, one per line. (Requires BPS 9.10+ to be visible.)

New Protocols & Applications (1)

Name | Category | Info
VNC | Remote | Virtual Network Computing (VNC) is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the keyboard and mouse events from one computer to another, relaying the graphical-screen updates back in the other direction, over a network.

New Super Flows (5)

Name | Category | Info
Apache2 HTTP2 ClientSim Generic 2020 | System/Network Admin | The client interacts with an Apache2 HTTP2 server by first sending a GET request for a file, followed by a conditional request expecting a ':status: 200' from the server; then the client sends a POST to the server, followed by another conditional request expecting a second ':status: 200' response.
HTTP/2 2-arm Generic, 2020 | Testing and Measurement | In this Super Flow, the client and server communicate over HTTP2 without encryption.
VNC Connect Session Failed | Remote Access | This simulates a VNC login session where the authentication fails.
VNC Connect Successfully Session | Remote Access | This simulates a VNC login session where the authentication is successful.
VNC Full Remote Session | Remote Access | This simulates a full VNC session, where the user logs in to the VNC client and remotely uses a chosen desktop.

New Application Profiles (1)

Name | Info
Sandvine 2018 Global Downstream | It simulates the downstream traffic generated by the top 11 applications reported in the Sandvine Global Internet Phenomena Report October 2018.

New Strikes (6)

CVSS | ID | References | Category | Info
10.0 | E20-0xpm1 | CVE-2019-9082, CVSS, CVSSv3, EXPLOITDB-45978, EXPLOITDB-46150 | Exploits | This strike exploits a remote command execution vulnerability in ThinkPHP 5.x less than v5.0.23, v5.1.31. The vulnerability is due to improper validation of parameters in an HTTP GET request. A remote, unauthenticated attacker could exploit this by sending a maliciously crafted request to the server. A successful attack may result in arbitrary command execution in the context of the server process.
9.0 | E20-7rd81 | CVE-2019-15980, CVSS, CVSSv3, URL | Exploits | This strike exploits a directory traversal vulnerability in Cisco Data Center Network Manager. The vulnerability is due to insufficient validation of the 'filename' HTTP parameter in the 'saveZoneInputFileToServer' method. An authenticated attacker can exploit this vulnerability by sending a crafted HTTP request to the target server. Successful exploitation results in arbitrary file write, which can be used to achieve remote code execution with SYSTEM privileges.
6.9 | E20-0xxs1 | CVSS, CVSSv3, EXPLOITDB-43984 | Exploits | This strike exploits a command injection vulnerability in the Axis SSI camera. If the camera is configured to allow anonymous view, a remote, unauthenticated attacker could exploit this by sending a maliciously crafted request to the server. A successful attack may result in arbitrary command execution or arbitrary file read.
6.8 | E20-133u1 | CVE-2020-6074, CVSS, CVSSv3, URL | Exploits | A use-after-free vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155 due to incorrect manipulation of objects in memory. An attacker may execute arbitrary code on a victim's system by enticing the victim to open a crafted PDF file. Successful exploitation may lead to remote code execution with the privileges of the user running the application.
6.8 | E20-7pmg1 | CVE-2019-13720, CVSS, CVSSv3, URL | Exploits | This strike exploits a use-after-free vulnerability in the WebAudio component of Google Chrome. The vulnerability is due to incorrect handling of AudioContext objects in memory. A malicious attacker can exploit this vulnerability by creating a specially crafted HTML page and convincing the target user to access it using Chrome. Successful exploitation can potentially lead to remote code execution.
4.4 | E20-15qk1 | CVE-2020-9484, CVSS, CVSSv3, URL | Exploits | An insecure deserialization vulnerability exists in Apache Tomcat. The vulnerability is due to insufficient validation of a cached session file before deserialization. An attacker can exploit this vulnerability by crafting a malicious HTTP request. Successful exploitation results in full control of the target server.

Defects Resolved

Ticket | Info
ATIBPS-16607 | The issue with the parameter "Random filename for response data" has been fixed; the parameter now takes effect when the user selects it and enters a valid value.
ATIBPS-16809 | Fixed duplicate Accept header in Strike E18-0nl81.
ATIBPS-16810 | Fixed duplicate Content-Type header in the response in Strike E18-0n6r1.
ATIBPS-16826 | Phishing strikes are no longer included in the Business Application Strikes smart strike list.
ATIBPS-16845 | Fixed duplicate Server header in the response in Strike E18-0n6r1.