Ixia ATI Update 2016-22 (287110)

Defects Resolved

DE6619: Fixed an issue where not all strikes sending HTTP traffic were encrypted when run with the SSL::EnableOnAllHTTP evasion profile.

Enhancements

US56269: Deprecated old super flows: Youtube Bandwidth, YouTube Enterprise, YouTube Service Provider, Youtube, Youtube Mobile (Apple iPod Touch), YouTube LTE Mix, Youtube July 2013. These are covered by the new YouTube apps: YouTube Music (the mobile version) and YouTube September 2016.
Added new super flow: Youtube Music Bandwidth.

New Protocols & Applications (3)

Salesforce (ERP/CRM): Salesforce provides a cloud-based customer relationship management (CRM) product. Here we emulate the basic Salesforce actions when the Lightning user interface is used. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.

Baidu Oct16 (Social Networking/Search): Emulates the use of the Baidu website as of October 2016. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.

HBO Now Oct16 (Voice/Video/Media): HBO Now video streaming. This emulation includes the HTTP streaming used for the video. The HTTP and HTTPS traffic used for login/logout, advertisement placement, movie selection and selected playback control is also included. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.

New Super Flows (5)

YouTube Music Bandwidth (Mobile): Traffic that simulates playing a few videos, generating a large data stream, for use in Sandvine profiles.

Salesforce (ERP/CRM): The user signs into their Salesforce account, browses the Top Deal list for the day, updates the call log and then updates the value of a deal found in their Opportunities list. A note is then selected and edited. Next the Dashboard is accessed and the Adoption dashboard is selected. This is followed by adding a meeting to the calendar and then logging out.

Salesforce Login/Logout (ERP/CRM): The user signs into their Salesforce account and, after viewing the initial page, signs out.

Baidu Search Oct 16 (Social Networking/Search): Emulates the use of the Baidu website as of October 2016: the user enters a keyword, searches for it on Baidu and receives the search results. All of the available actions for this flow are exercised.

HBO Now Desktop (Voice/Video/Media): HBO Now video streaming to a desktop. This includes the TCP streaming used for the video. The HTTP and HTTPS traffic used for login/logout, advertisement placement, movie selection and selected playback control is also included. Note that the host and flows needed for TCP are created dynamically.

New Application Profiles (2)

Top Five Web Sites 2016: This traffic mix represents five of the most popular web site applications in 2016.

Top Five iOS Apps 2016: This traffic mix represents five of the most popular iOS applications in 2016.

New DDoS (2)

DDoS TCP RST Flood: This test component sends a flood of TCP packets with the RST flag set. This DDoS attack is typically seen as a reflection attack that hides the source of the attack: RST packets are sent by a host in response to a TCP packet that arrives outside of any established session state.

DDoS ICMP Echo Reply Flood: The Echo Reply Flood is typically the result of an Echo Request packet directed at a broadcast or multicast address with the source address set to the victim's IP address. The subsequent reflected traffic is directed at the victim. This component emulates the reflected traffic directed at the victim.

New Strikes (8)

E15-5ci01 (CVSS 10.0, Exploits)
References: APSB-15-06, BID-74062, CVE-2015-3042, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), GOOGLE-224
This strike exploits a remote code execution vulnerability in Adobe Flash Player. A flaw in the PCRE engine version used in Flash allows the execution of arbitrary PCRE bytecode, with potential for memory corruption and remote code execution. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the Flash process.

E15-39501 (CVSS 10.0, Exploits)
References: APSB-15-04, BID-72514, CVE-2015-0329, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), GOOGLE-225
This strike exploits a remote code execution vulnerability in Adobe Flash Player. A logic issue in the PCRE engine version used in Flash allows the execution of arbitrary PCRE bytecode. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the Flash process.

E15-39301 (CVSS 10.0, Exploits)
References: APSB-15-04, BID-72514, CVE-2015-0327, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), GOOGLE-223, SECURITYTRACKER-1031706
This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to a failure to check the number of objects before performing a copy operation when JSON.stringify is called. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the Flash process.

E15-39001 (CVSS 10.0, Exploits)
References: APSB-15-04, BID-72514, CVE-2015-0324, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), GOOGLE-218
This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to an integer overflow in JSON.stringify. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the Flash process.

E15-39c01 (CVSS 9.3, Exploits)
References: APSB-15-05, BID-73084, CVE-2015-0336, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), EXPLOITDB-36962, GOOGLE-229, URL
This strike exploits a remote code execution vulnerability in Adobe Flash Player. The vulnerability is due to errors while handling ASNative 2100 NetConnection calls, where the type of an object is not verified. An attacker can entice a target to open a specially crafted Flash file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the Flash process.

E16-5ly01 (CVSS 9.3, Exploits)
References: BID-93386, CVE-2016-3382, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), MS16-118
This strike exploits a vulnerability in the Chakra scripting engine of Microsoft Internet Explorer and Edge. The vulnerability is due to the scripting engine's VarToDispEx function using the ActivationObjectEx object as a pointer to a different JavaScript function. If this function pointer is assigned to an eval function, type confusion can occur when the ActivationObjectEx function is later referenced.

E16-5ir01 (CVSS 4.3, Exploits)
References: BID-93376, CVE-2016-3267, CVSS-4.3 (AV:N/AC:M/AU:N/C:P/I:N/A:N), MS16-118
This strike exploits an information disclosure vulnerability in the Microsoft Internet Explorer and Edge browsers. It is possible for an attacker to attach a readystatechange event handler to an iframe in such a way that information about a Portable Executable file is disclosed to the user via the res: protocol URI.

E16-5jm01 (CVSS 2.6, Exploits)
References: BID-93392, CVE-2016-3298, CVSS-2.6 (AV:N/AC:H/AU:N/C:P/I:N/A:N), MS16-118
This strike exploits an information disclosure vulnerability in Microsoft Internet Explorer. Specifically, when the loadXML function is called on an MSXML DOMDocument with the URI set to a malicious MHTML URI, the errors reported back to the user reveal whether or not a file exists on the target system. A malicious user can abuse this functionality to disclose this information about the target user's system.

Modified Strikes (10)

E14-50p01 (CVSS 10.0, Exploits)
References: BID-68363, CVE-2014-2617, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), URL
Fixed an issue where not all strikes sending HTTP traffic were encrypted when run with the SSL::EnableOnAllHTTP evasion profile.

E14-adq01 (CVSS 7.5, Exploits)
References: BID-72876, CVE-2014-9566, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)
Fixed an issue where not all strikes sending HTTP traffic were encrypted when run with the SSL::EnableOnAllHTTP evasion profile.

E14-86l01 (CVSS 7.5, Exploits)
References: BID-65902, CVE-2014-0003, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), URL
Fixed an issue where not all strikes sending HTTP traffic were encrypted when run with the SSL::EnableOnAllHTTP evasion profile.

E15-atg01 (CVSS 5.7, Exploits)
References: BID-74743, CVSS-5.7 (AV:N/AC:M/AU:N/C:P/I:P/A:N)
Fixed an issue where not all strikes sending HTTP traffic were encrypted when run with the SSL::EnableOnAllHTTP evasion profile.

E15-4eu01 (CVSS 5.0, Exploits)
References: BID-76452, CVE-2015-1830, CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:P/A:N), ZDI-15-407
Fixed an issue where not all strikes sending HTTP traffic were encrypted when run with the SSL::EnableOnAllHTTP evasion profile.

D16-4zd01 (CVSS 5.0, Denial)
References: BID-83406, CVE-2016-2569, CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P), SECURITYTRACKER-1035101, URL
Fixed an issue where not all strikes sending HTTP traffic were encrypted when run with the SSL::EnableOnAllHTTP evasion profile.

E15-5n201 (CVSS 4.3, Exploits)
References: BID-75263, CVE-2015-3422, CVSS-4.3 (AV:N/AC:M/AU:N/C:N/I:P/A:N), URL
Fixed an issue where not all strikes sending HTTP traffic were encrypted when run with the SSL::EnableOnAllHTTP evasion profile.

E15-3qv01 (CVSS 4.3, Exploits)
References: BID-74059, CVE-2015-0967, CVSS-4.3 (AV:N/AC:M/AU:N/C:N/I:P/A:N), URL
Fixed an issue where not all strikes sending HTTP traffic were encrypted when run with the SSL::EnableOnAllHTTP evasion profile.

E14-51c01 (CVSS 4.3, Exploits)
References: BID-70206, CVE-2014-2640, CVSS-4.3 (AV:N/AC:M/AU:N/C:N/I:P/A:N), URL
Fixed an issue where not all strikes sending HTTP traffic were encrypted when run with the SSL::EnableOnAllHTTP evasion profile.

D13-rv101 (CVSS 2.6, Denial)
References: BID-88095, CVE-2012-4534, CVSS-2.6 (AV:N/AC:H/AU:N/C:N/I:N/A:P)
Fixed an issue where not all strikes sending HTTP traffic were encrypted when run with the SSL::EnableOnAllHTTP evasion profile.