Ixia ATI Update 2017-24 (321240)

Defects Resolved

Ticket Info
DE8845 (1462367) Default IPv6 address values are now written correctly into the report data regardless of the Network Neighborhood's IP version.
DE8898 The STUN2 Binding Request and its corresponding Binding Success response now carry the same transaction ID value.
US79063 Fixed STUN port issues in the peer-to-peer version of the WhatsApp protocol. Five request-response pairs are now issued, and the relevant STUN port remains constant across all sessions.
US79149 Fixed the missing bind request for the local peer in the peer-to-peer version of the WhatsApp protocol. The "Peer to Peer Call Step 7: Local STUN" action was added to the superflow "WhatsApp Peer to Peer Voice Call".

Enhancements

Ticket Info
US78648 A new parameter called "Payload Size" has been added to the "Rpc Call" action of the SunRpc protocol. Once the parameter is set, a payload whose size equals the configured value is generated.
US78874 Enhanced Microsoft Lync SIPe by adding the following actions: SERVICE 200 Response, INVITE 100 Response, INVITE 101 Response, INVITE 200 Response, BYE Request, BYE Response. Added 'TLS-DSK' to the choices of the 'Proxy Authorization Type' parameter. Corrected the misspelling 'NEGOCIATE'; the correct message type is 'NEGOTIATE'.

New Protocols & Applications (2)

Name Category Info
Slack Oct17 Enterprise Applications Simulates the use of the Slack website as of October 2017. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.
Skype for Business Nov17 Voice/Video/Media Skype for Business is a unified communications platform targeted to businesses. Its main features include instant messaging, voice over IP, voicemail, file transfers, video conferencing, web conferencing and email. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature.

New Super Flows (5)

Name Category Info
Slack Oct 17 Enterprise Applications Simulates the use of the Slack website as of October 2017. All of the available actions for this flow are included.
Skype for Business Nov17 IM Chat Voice/Video/Media Simulates a Skype instant-messaging session.
Skype for Business Nov17 Audio Call Voice/Video/Media Simulates a Skype audio call.
Skype for Business Nov17 Video Call Voice/Video/Media Simulates a Skype video call.
DDoS RPCBomb Distributed Computing This Denial of Service attack floods a remote host with RPC call messages. Each repeated call consumes memory equal to the payload size of the message. The request is large enough to cause UDP fragmentation.

New DDoS (1)

Name Info
DDoS RPCBomb A new DDoS attack, RPCBomb, has been implemented. In this attack the attacker sends a large RPC call message to the server, causing memory allocation and UDP fragmentation.

New Strikes (7)

CVSS: 9.3
ID: E17-ma7h1
References: BID-101590, CVE-2017-13090, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), SECURITYTRACKER-1039661, URL
Category: Exploits
Info: This strike exploits a heap buffer overflow vulnerability in Wget. Wget can accept HTTP responses using chunked encoding. Because the chunk size is typecast, a very large negative value results in a heap buffer overflow. An attacker may respond to an HTTP GET request with an HTTP 200 OK response using chunked encoding and a chunk with a very large negative size value to exploit this vulnerability. Successful exploitation may result in arbitrary code execution with the privileges of the user running Wget, or in abnormal program termination.

CVSS: 9.3
ID: E17-ma7h2
References: BID-101592, CVE-2017-13089, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), SECURITYTRACKER-1039661, URL
Category: Exploits
Info: This strike exploits a heap buffer overflow vulnerability in Wget. Wget can accept HTTP responses using chunked encoding. Because the chunk size is typecast, a very large negative value results in a heap buffer overflow. An attacker may respond to an HTTP GET request with a response of any status other than HTTP 200 OK, using chunked encoding and a chunk with a very large negative size value, to exploit this vulnerability. Successful exploitation may result in arbitrary code execution with the privileges of the user running Wget, or in abnormal program termination.

CVSS: 7.5
ID: E17-3e391
References: BID-100591, CVE-2017-12149, CVSS-7.5 (AV:N/AC:M/AU:N/C:P/I:P/A:P), URL
Category: Exploits
Info: This strike exploits an unrestricted Java deserialization vulnerability in the JBoss application server. The vulnerability is due to the doFilter method not restricting the classes for which it performs deserialization. Successful exploitation allows an attacker to execute arbitrary code via crafted serialized data.

CVSS: 6.8
ID: E17-3ep41
References: BID-100603, CVE-2017-12936, CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P), URL
Category: Exploits
Info: This strike exploits a use-after-free vulnerability in the ReadWMFImage function of GraphicsMagick. The vulnerability is due to an out-of-order call of one of the routines handling WMF files. An attacker could execute arbitrary code by enticing a user to open a crafted file with the vulnerable software.

CVSS: 6.8
ID: E17-3dv93
References: BID-101723, CVE-2017-11861, CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P), GOOGLE-1343
Category: Exploits
Info: This strike exploits a vulnerability in Microsoft Edge. Specifically, the vulnerability exists within the Chakra engine's LowerBoundCheck function. JavaScript can be crafted so that, on a 64-bit system, LowerBoundCheck incorrectly determines whether an integer overflow has occurred. When a TypedArray is then accessed as a 64-bit integer, an out-of-bounds memory access occurs. This can cause a denial of service or potentially lead to remote code execution.

CVSS: 5.0
ID: E17-3g691
References: BID-101056, CVE-2017-14849, CVSS-5.0 (AV:N/AC:L/AU:N/C:P/I:N/A:N), URL
Category: Exploits
Info: This strike exploits a directory traversal vulnerability in Node.js 8.5.0. The vulnerability is caused by improper sanitization in the normalize method when handling an HTTP request. An unauthenticated remote attacker could exploit this vulnerability by sending a crafted HTTP request to the target application, gaining unauthorized access to information.

CVSS: 2.1
ID: E17-0fav1
References: BID-95328, CVE-2017-5223, CVSS-2.1 (AV:L/AC:L/AU:N/C:P/I:N/A:N), EXPLOITDB-43056
Category: Exploits
Info: This strike exploits a local information disclosure vulnerability in PHPMailer. The vulnerability is due to insufficient validation of user-supplied input by the msgHTML function. Successful exploitation allows an attacker to obtain sensitive information from the server.