Ixia ATI Update 2017-17 (314614)

Defects Resolved

Ticket Info
DE3978 Corrected strike D11-6iu01 so that it generates valid JPEG documents with the embedded EXIF exploit tags. The strike's metadata was also updated.
DE8133 (1448880) Removed the fuzzing and analysis strikes, listed by name, from the smart strike list "All Strikes". This reduces the number of strikes that list runs by 167.
DE8291 Corrected the protocol name of "Office365 Word Online Jul17" and "Office 365 PowerPoint Online Aug17" by removing the word "Online" from the protocol name field.

Enhancements

Ticket Info
US66327 Added a new super flow, Google Drive Aug 17. It includes all the actions of the old super flow plus a 'Download File' action. The old super flow, Google Drive Jun 14, is deprecated; the new one also replaces it in the Cloud Storage Protocols application profile.
US71711 The WhatsApp protocol was enhanced. Added 10 new actions and one super flow named "WhatsApp Voice Call". The actions are named after their step in the WhatsApp call process, and several steps can be used multiple times to better replicate real traffic. The new parameters "Ringing and/or Check Connection Instances" and "Call Duration" can be used to modify the call length.
US72788 Added support for decrypting password-protected ZIP attachments before they are sent as the body of an HTTP response. The "Enable ZIP Password Decryption" parameter can be found under the "Response 200 (OK)" action of the HTTP flow. The password is predefined: the archive must be encrypted with 'infectedati123' for decryption to succeed. On success, a string containing the decrypted data is returned; otherwise an empty string is returned.
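The behaviour described for US72788, as an added Python illustration that is not ATI or BreakingPoint code: it builds a legacy PKWARE ZipCrypto archive (Python's standard library can read this scheme but not write it, so the encryptor is implemented by hand), then reproduces the action's contract of returning the decrypted member for use as the HTTP body, or an empty string when the archive cannot be opened or the password does not match. The member name, payload and the fixed 11-byte encryption-header prefix are constructed placeholders; ATI_PASSWORD is the predefined password quoted in the note.

```python
"""Password-protected ZIP handling, added illustration (not ATI code)."""
import io
import struct
import zipfile
import zlib

ATI_PASSWORD = b"infectedati123"   # predefined password named in the release note


def _crc32_byte(crc, c):
    # One table step of CRC-32 without the pre/post inversion zlib applies,
    # which is the update ZipCrypto uses for key0 and key2.
    return zlib.crc32(bytes([c]), crc ^ 0xFFFFFFFF) ^ 0xFFFFFFFF


class ZipCryptoEncryptor:
    """Traditional PKWARE encryption (APPNOTE section 6.1)."""

    def __init__(self, password):
        self.k0, self.k1, self.k2 = 0x12345678, 0x23456789, 0x34567890
        for b in password:
            self._update(b)

    def _update(self, b):
        self.k0 = _crc32_byte(self.k0, b)
        self.k1 = (self.k1 + (self.k0 & 0xFF)) & 0xFFFFFFFF
        self.k1 = (self.k1 * 134775813 + 1) & 0xFFFFFFFF
        self.k2 = _crc32_byte(self.k2, self.k1 >> 24)

    def encrypt(self, plaintext):
        out = bytearray()
        for p in plaintext:
            t = (self.k2 | 2) & 0xFFFF
            out.append(p ^ (((t * (t ^ 1)) >> 8) & 0xFF))
            self._update(p)            # keys advance on the plaintext byte
        return bytes(out)


def build_encrypted_zip(name, data, password):
    """Return a minimal stored (method 0), ZipCrypto-encrypted archive."""
    crc = zlib.crc32(data) & 0xFFFFFFFF
    # 12-byte encryption header: 11 bytes (random in real archives; fixed
    # here) plus the high CRC byte, which readers use as a quick password check.
    header = bytes(range(11)) + bytes([(crc >> 24) & 0xFF])
    body = ZipCryptoEncryptor(password).encrypt(header + data)
    flags, method, dtime, ddate = 0x0001, 0, 0, 0x0021   # encrypted, stored, 1980-01-01
    name_b = name.encode("ascii")
    local = struct.pack("<4sHHHHHIIIHH", b"PK\x03\x04", 20, flags, method, dtime, ddate,
                        crc, len(body), len(data), len(name_b), 0) + name_b + body
    central = struct.pack("<4sHHHHHHIIIHHHHHII", b"PK\x01\x02", 20, 20, flags, method,
                          dtime, ddate, crc, len(body), len(data), len(name_b),
                          0, 0, 0, 0, 0, 0) + name_b
    eocd = struct.pack("<4sHHHHIIH", b"PK\x05\x06", 0, 0, 1, 1, len(central), len(local), 0)
    return local + central + eocd


def decrypted_attachment_body(zip_bytes, password=ATI_PASSWORD):
    """Mimic "Enable ZIP Password Decryption": return the first member's
    plaintext for the HTTP response body, or b"" if the archive is not a
    ZIP, is empty, or the password is wrong (bad check byte or bad CRC)."""
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
            first = zf.namelist()[0]
            return zf.read(first, pwd=password)
    except (zipfile.BadZipFile, RuntimeError, IndexError):
        return b""


# Constructed sample standing in for a malware attachment (not real malware).
SAMPLE_NAME = "invoice.exe"
SAMPLE_DATA = b"MZ" + b"constructed test payload, not real malware" * 3
SAMPLE_ZIP = build_encrypted_zip(SAMPLE_NAME, SAMPLE_DATA, ATI_PASSWORD)

if __name__ == "__main__":
    print(len(decrypted_attachment_body(SAMPLE_ZIP)), "bytes with the right password")
    print(len(decrypted_attachment_body(SAMPLE_ZIP, b"wrong")), "bytes with a wrong password")
```

Two practical points follow from the contract. Because failure is signalled by an empty string rather than an error, an attachment encrypted with any password other than the predefined one still produces a 200 response, just with an empty body, so a test that expects the payload to reach the client should check the body length. And ZipCrypto is only a delivery wrapper, not protection: the scheme is known to be breakable with a few bytes of known plaintext, which is why it is acceptable for shipping samples but should not be mistaken for confidentiality.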

New Protocols & Applications (1)

Name: Google Drive Aug17
Category: Distributed Computing
Info: Google Drive is a cloud storage and synchronization service that allows users to create and share files and synchronize them across devices. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern web browser. Because these dynamic flows may be numerous and may contain a large amount of generated data, profile creation and test initialization may take a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host; delete the DNS host from the Super Flow to disable it.

New Super Flows (2)

Name: Google Drive Aug 17
Category: Distributed Computing
Info: Simulates the creation of documents, spreadsheets and presentations, as well as the download and upload of files. This super flow uses dynamically created flows to simulate the various internal actions performed by a modern web browser. Because these dynamic flows may be numerous and may contain a large amount of generated data, profile creation and test initialization may take a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host; delete the DNS host from the Super Flow to disable it.

Name: WhatsApp Voice Call
Category: Mobile, Voice/Video/Media, Chat/IM
Info: Simulates the WhatsApp call protocol. The call length can be varied with a granularity of two seconds.

New Strikes (10)

CVSS: 9.3
ID: E17-0ipi1
References: BID-100097, CVE-2017-9638, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), URL, ZDI-17-508
Category: Exploits
Info: This strike exploits a stack buffer overflow vulnerability in Mitsubishi Electric E-Designer. The vulnerability is due to improper parsing of the parameters in a project file. An attacker can entice a target to open a specially crafted E-Designer project file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the application.

CVSS: 9.3
ID: E17-m9fz1
References: BID-98818, CVE-2017-8464, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), EXPLOITDB-42429, SCIP-102377, SECURITYTRACKER-1038671, URL
Category: Exploits
Info: This strike exploits a remote code execution vulnerability in the handling of Microsoft Windows LNK shortcut files. An attacker can present the user with a removable drive that contains a malicious LNK file and the malicious binary it references. When the user opens the drive in Windows Explorer, or in any other application that parses the LNK file, the referenced binary is loaded and executes the attacker's code without the user having to open the shortcut.

CVSS: 7.6
ID: E17-0hxo1
References: BID-100056, CVE-2017-8636, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-42466
Category: Exploits
Info: This strike exploits a vulnerability in the Microsoft Edge browser. A stack buffer overflow can be triggered by JavaScript that creates new objects whose argument lists repeat specific elements. When this code is executed the buffer overflows and a denial of service condition occurs; remote code execution may also be possible.

CVSS: 7.6
ID: E17-0hv81
References: BID-98954, CVE-2017-8548, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), GOOGLE-1290
Category: Exploits
Info: This strike exploits a vulnerability in Microsoft Edge. The Chakra JavaScript engine assumes that the specified array is a float array; however, the array's type can be changed from a valueOf handler invoked during the operation, which results in type confusion. This can cause a denial of service in the browser or potentially allow remote code execution.

CVSS: 7.5
ID: E14-wwyt1
References: BID-71686, CVE-2014-10021, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), URL
Category: Exploits
Info: This strike exploits a file upload vulnerability in the WordPress WP Symposium plugin version 14.11. The vulnerability is due to a lack of sanitization of user-uploaded files in UploadHandler.php. An unauthenticated attacker can upload arbitrary files to the server and then execute them, resulting in arbitrary code execution.

CVSS: 7.5
ID: E17-3d6w1
References: BID-99876, CVE-2017-10984, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), SCIP-103703, URL
Category: Exploits
Info: This strike exploits a heap buffer overflow in FreeRADIUS. If a RADIUS message contains an attribute-value pair holding a WiMAX VSA with the continuation flag set and no additional VSAs, a heap-based buffer overflow occurs. Successful exploitation may result in execution of arbitrary code or abnormal termination of the radiusd daemon, resulting in a denial of service condition.

CVSS: 6.8
ID: E17-0h0i4
References: CVE-2017-7442, CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P), URL
Category: Exploits
Info: This strike exploits an unsafe JavaScript API implemented in Nitro and Nitro Pro PDF Reader. The vulnerability is due to improper validation of file content while handling PDF files. By enticing a user to open a malicious file with the vulnerable software, an attacker could write files to the file system and execute local files while bypassing the security dialog.

CVSS: 6.5
ID: E16-0c961
References: BID-97910, CVE-2017-1274, CVSS-6.5 (AV:N/AC:L/AU:S/C:P/I:P/A:P), SCIP-100584, SECURITYTRACKER-1038358, URL
Category: Exploits
Info: This strike exploits a stack-based buffer overflow vulnerability in the IBM Domino server IMAP service. The vulnerability can be triggered post-authentication by issuing an IMAP command with a very large mailbox name. An attacker could exploit this vulnerability to gain SYSTEM-level privileges on the target machine. NOTE: this vulnerability was targeted by the ShadowBrokers EmphasisMine exploit.

CVSS: 5.0
ID: D17-3d6y1
References: BID-99971, CVE-2017-10986, CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P), SCIP-103705, URL
Category: Denial
Info: This strike exploits an integer underflow vulnerability in FreeRADIUS. When processing DHCP packets whose option data contains a string that either starts with a null byte or contains multiple consecutive null bytes, an integer underflow occurs. Successful exploitation may result in abnormal termination of the radiusd process, resulting in a denial of service condition.

CVSS: 4.3
ID: E17-0hy41
References: BID-100047, CVE-2017-8652, CVSS-4.3 (AV:N/AC:M/AU:N/C:P/I:N/A:N), EXPLOITDB-42445, GOOGLE-1255
Category: Exploits
Info: This strike exploits a vulnerability in Microsoft Edge. When a textarea element contained inside a form element is created, an event handler modifies the value of that element, and the form is then reset, a heap buffer is freed. When this memory is later referenced in the function InsertSanitizedTextEx, a use-after-free condition occurs. This may result in a denial of service in the browser or potentially lead to remote code execution.

Modified Strikes (1)

CVSS: 6.4
ID: D11-6iu01
References: BID-50907, CVE-2011-4566, CVSS-6.4 (AV:N/AC:L/AU:N/C:P/I:N/A:P), URL
Category: Denial
Info: Corrected strike D11-6iu01 so that it generates valid JPEG documents with the embedded EXIF exploit tags. The strike's metadata was also updated.