| Ticket | Info |
|---|---|
| DE8361 (1452648) | Made alterations to security engine SSL to increase performance and improve robustness for failure conditions. |
| Ticket | Info |
|---|---|
| US74868 (INF1454136) | New superflow for WhatsApp protocol, WhatsApp Peer to Peer Voice Call. Includes Peer to Peer actions similar to the WhatsApp Voice Call, which was implemented via server only. |
| US75532 | Multicast DNS has been enhanced to allow more options when creating resource records.The "BreakingPoint Apple Bonjour Bulk Multicast DNS Service Discovery" superflow has been added to demonstrate these new options. This superflow issues a user configurable number of Apple Bonjour mDNS announcements. |
| US75726 | Deprecated Application Protocol 'Office365 Outlook Tasks Jul15'Deprecated Super Flows 'BreakingPoint Office 365 Outlook Tasks Jul 15', 'Office 365 Outlook Tasks Jul 15 Create and Delete a task' and 'Office 365 Outlook Tasks Jul 15 Mark task completed and Select tasks' |
| Name | Category | Info |
|---|---|---|
| Box Oct17 | Data Transfer/File Sharing | Box is a cloud content management platform that provides file sharing and collaboration services. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
| Google Plus Sept 17 | Social Networking/Search | Google Plus is an internet based social network that is owned and operated by Google. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
| Office 365 Outlook Tasks Sep17 | Social Networking/Search | The use of the Office 365 Outlook Tasks website as of September 2017. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
| Name | Category | Info |
|---|---|---|
| WhatsApp Peer to Peer Voice Call | Chat/IM | Simulates the WhatsApp Peer-to-Peer Call protocol. The call length can be varied, within a granulation of three seconds. Incrementing the loop from the GoTo action adds another 3 seconds of call by repeating steps Audio Data (9) and Heartbeat (4). This voice call has the following steps in this order: XMPP Authenticate, STUN Allocation, XMPP Stun, Heartbeat, Server Begin, XMPP Negotiate Switchover, STUN Signaling, Bind with Peer, Audio Data (and Heartbeat), End Call, Server Goodbye and XMPP Terminate. |
| Apple Bonjour Bulk Multicast DNS Service Discovery | System/Network Admin | This Super Flow uses a Goto action to generate a large amount of mDNS announcements. Token are used to make the domain and service names unique. |
| SMB File Stress Download ClientSim | Data Transfer/File Sharing | A SMB client reads a file from a shared directory. It authenticates a local user account on the remote system using NTLM or LanManager credentials. It reads the entire contents of a remote file on an SMB or SMB2 share. It expects the Username 'your_username' with a password of 'your_password' to be present on the remote system. |
| Box Oct 17 | Data Transfer/File Sharing | The user logs into the application, creates a Box Note and performs a series of actions on files like search, share, upload and download. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
| Box Oct 17 Collaborate on Files | Data Transfer/File Sharing | The user sends a share invite to a collaborator, posts a comment on a file, assigns a task and completes it after uploading a new version of the file. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
| Google Plus Photo Post Sept 17 | Social Networking/Search | The user performes the following actions - navigate to Google Plus site, signs in using his email address, publishes post with photo, deletes the post the user just published, signs out of Google Plus. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
| Google Plus Text Post Sept 17 | Social Networking/Search | The user performes the following actions - navigate to Google Plus site, signs in using his email address, publishes post with text only, comments on an existing post, shares an existing post, deletes the post the user just published, signs out of Google Plus. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
| Office 365 Outlook Tasks Sep 17 | Social Networking/Search | The use of the Office 365 Outlook Tasks website as of September 2017. All of the available actions for this flow are exercised. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
| Office 365 Outlook Tasks Sep 17 Create and Delete a task | Social Networking/Search | The use of the Office 365 Outlook Tasks website as of September 2017. The user signs in to Office365 Tasks, creates a new task, views the list of active tasks and deletes the newly created task. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
| Office 365 Outlook Tasks Sep 17 Mark task completed and Select tasks | Social Networking/Search | The use of the Office 365 Outlook Tasks website as of September 2017. The user signs in to Office365 Tasks and marks the selected task as completed. The user also checks the overdue tasks, the completed tasks and the active tasks This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
| CVSS | ID | References | Category | Info |
|---|---|---|---|---|
| 10.0 | E17-3fku1 |
BID-100966 CVE-2017-14078 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) ZDI-17-803 |
Exploits | This strike exploits a SQL injection vulnerability in Trend Micro Mobile Security Enterprise. The slink_id HTTP parameter is vulnerable to SQL injection. slink_id can also be accessed via JSON in the HTTP request body. An attacker can send a specially crafted HTTP request to achieve SQL injection. Successful exploitation may lead to arbitrary SQL code execution with SYSTEM privileges. |
| 9.3 | E17-0i131 |
BID-100742 CVE-2017-8759 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) EXPLOITDB-42711 URL |
Exploits | This strike exploits a Remote Code Execution vulnerability in Microsoft .Net Framework. The vulnerability is due to improper validation of user-controlled input while parsing WSDL files. An attacker could remotely execute arbitrary code on a target system by convincing a target user to open a malicious document. |
| 9.3 | E17-0hvu1 |
CVE-2017-8570 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) SCIP-103434 URL |
Exploits | This strike exploits a remote code execution vulnerability in Microsoft Office. The vulnerability can be triggered by crafting an office document that leverages Composite Monikers. An attacker could exploit this vulnerability to execute code in the context of the current user. |
| 8.5 | E17-3edl1 |
BID-100367 CVE-2017-12521 CVSS-8.5 (AV:N/AC:M/AU:S/C:C/I:C/A:C) URL ZDI-17-685 |
Exploits | This strike exploits an Expression Language Injection vulnerability in Hewlett Packard Enterprise (HPE) Intelligent Management Center. The vulnerability is due to improper input validation of HTTP request parameters. A remote, authenticated attacker can execute arbitrary code on the targeted system by sending a crafted HTTP request to the target server. |
| 8.5 | E17-3ecq1 |
BID-100367 CVE-2017-12490 CVSS-8.5 (AV:N/AC:M/AU:S/C:C/I:C/A:C) URL ZDI-17-654 |
Exploits | This strike exploits an Expression Language Injection vulnerability in Hewlett Packard Enterprise (HPE) Intelligent Management Center. The vulnerability is due to improper input validation of some HTTP POST requests payload. A remote, authenticated attacker can execute arbitrary code on the targeted system by sending a crafted HTTP request to the target server. |
| 7.8 | E17-m9zv1 |
BID-100872 CVE-2017-9798 CVSS-7.8 (AV:N/AC:L/AU:N/C:N/I:N/A:C) EXPLOITDB-42745 SECURITYTRACKER-1039387 URL |
Exploits | This strike exploits a memory leak vulnerability in Apache httpd. Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations. |
| 7.8 | D17-m9ja1 |
BID-99298 CVE-2017-8797 CVSS-7.8 (AV:N/AC:L/AU:N/C:N/I:N/A:C) SCIP-102899 SECURITYTRACKER-1038790 URL |
Denial | This strike exploits a denial of service vulnerability in the Linux Kernel. When processing NFS4 LAYOUTGET or GETDEVICEINFO messages with layout_type fields greater than five, a kernel OOPS will occur, causing a denial of service condition. |
| 6.8 | E17-ma001 |
BID-100901 CVE-2017-12615 CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P) SECURITYTRACKER-1039392 URL |
Exploits | This strike exploits a remote command execution vulnerability in Apache Tomcat. The vulnerability allows attackers to upload arbitrary files to the Tomcat application server by utilizing the HTTP PUT method. By uploading a .JSP file to the Tomcat Application Server, an attacker can execute malicious code on the remote machine. |