Ixia ATI Update 2018-08 (329122)

Enhancements

Ticket Info
US80585 The previous superflow, BreakingPoint Twitch.tv, has been deprecated.
US83534 Added a fixed content size HTTP attribute for the media stream in the BBC iPlayer Radio SuperFlow. Removed the "Connection: close" HTTP attribute from some messages in the BBC iPlayer Radio and BBC iPlayer SuperFlows.
US84659 The encoding of syslog messages over TCP was changed to comply with RFC 6587 (Section 3.4.1). Syslog messages are now preceded by their length and a space character.
US84660 The 'Proxy' tag was added to the following Syslog Super Flows: ClientSim Syslog, Syslog, Syslog TLS.
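The octet-counting framing that ticket US84659 refers to is easy to get wrong on the receiving side, because TCP delivers a byte stream rather than discrete messages. The following is an added example, not Ixia/BreakingPoint code: it encodes a message as "MSG-LEN SP SYSLOG-MSG" per RFC 6587 section 3.4.1 and shows an incremental parser that copes with a segment carrying several frames or only part of one. The sample messages and the 8192-byte length cap are constructed assumptions.

```python
"""RFC 6587 section 3.4.1 octet-counting framing for syslog over TCP.

Added example; this is not Ixia/BreakingPoint code. Each frame on the
wire is "MSG-LEN SP SYSLOG-MSG", where MSG-LEN is the decimal byte
length of the message that follows the space. The sample messages and
the 8192-byte length cap below are constructed for illustration.
"""
from typing import List


def frame(message: bytes) -> bytes:
    """Prefix one syslog message with its octet count and a space."""
    return str(len(message)).encode("ascii") + b" " + message


class OctetCountingParser:
    """Incremental decoder for a TCP byte stream of octet-counted frames.

    TCP does not preserve message boundaries, so a single segment may
    carry several frames or only part of one; the parser buffers until a
    whole frame is available.
    """

    def __init__(self, max_len: int = 8192) -> None:
        self.buf = b""
        self.max_len = max_len  # constructed cap: refuse to buffer huge frames

    def feed(self, data: bytes) -> List[bytes]:
        """Append received bytes and return every complete message so far."""
        self.buf += data
        messages = []
        while self.buf:
            sp = self.buf.find(b" ")
            if sp == -1:
                # Still waiting for the length field; a field longer than
                # the longest acceptable number cannot be a valid frame.
                if len(self.buf) > len(str(self.max_len)):
                    raise ValueError("MSG-LEN delimiter not found")
                break
            length_field = self.buf[:sp]
            # RFC 6587: MSG-LEN = NONZERO-DIGIT *DIGIT (not empty, no leading zero)
            if not length_field.isdigit() or length_field.startswith(b"0"):
                raise ValueError("invalid MSG-LEN %r" % length_field)
            length = int(length_field)
            if length > self.max_len:
                raise ValueError("frame of %d bytes exceeds cap" % length)
            start, end = sp + 1, sp + 1 + length
            if len(self.buf) < end:
                break  # partial frame: wait for more data
            messages.append(self.buf[start:end])
            self.buf = self.buf[end:]
        return messages


def demo() -> List[bytes]:
    """Two constructed messages in one stream, delivered in two TCP segments."""
    stream = frame(b"<13>hello") + frame(b"<14>bye")
    parser = OctetCountingParser()
    first = parser.feed(stream[:5])    # "9 <13": length known, body incomplete
    return first + parser.feed(stream[5:])


if __name__ == "__main__":
    print(demo())
```

A collector that still splits on newlines (the non-transparent framing of RFC 6587 section 3.4.2) will deliver the length prefix as part of the message text and merge or split records unpredictably, so a receiver fed by the updated super flows needs the octet-counting path shown here.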

New Protocols & Applications (3)

Name Category Info
Twitch Mar18 Voice/Video/Media Twitch is a live streaming platform that primarily focuses on video game live streaming, "real life" streams and music broadcast; content on the site can either be viewed live or via video on demand. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions.
JSONRPC Remote Access JSON-RPC is a stateless, lightweight remote procedure call (RPC) protocol. Primarily this specification defines several data structures and the rules around their processing. It is transport agnostic in that the concepts can be used within the same process, over sockets, over HTTP, or in many other message passing environments. It uses JSON (RFC 4627) as its data format.
STRATUM Remote Access Stratum is an extension of JSON-RPC used by a cryptocurrency mining client to communicate with a mining pool server.

New Super Flows (4)

Name Category Info
Twitch Mar 18 Voice/Video/Media Simulates the use of Twitch.tv as of March 2018. The user loads the twitch.tv page, selects the Browse button and then lists the available Top Channels from which a channel is selected and played. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The 'Max. Request/Response Pairs per Action' and 'Max. Generated File Size' flow parameters can be used to control the number and size of the interactions performed by the actions.
JSON-RPC Array Parameters Remote Access The client and server use JSON-RPC with array parameters to communicate. The client first sends a request to the server and the server replies with a success response; next, the client sends a notification to the server and the server does not reply; finally, the client sends a request and the server replies with an error response.
JSON-RPC Dictionary Parameters Remote Access The client and server use JSON-RPC with dictionary parameters to communicate. The client first sends a request to the server and the server replies with a success response; next, the client sends a notification to the server and the server does not reply; finally, the client sends a request and the server replies with an error response with extra data.
Stratum Remote Access Stratum is an extension of JSON-RPC used by a cryptocurrency mining client to communicate with a mining pool server. The client first sends a request to subscribe to the pool server; the server responds with a Set Difficulty response and the actual notification on difficulty; the server then sends several notifications on mining jobs; the client sends the server its mining worker credentials to start mining.
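The two JSON-RPC super flows above exercise the same three message kinds: a request answered with a result, a notification that gets no reply, and a request answered with an error carrying extra data. The following is an added example, not Ixia/BreakingPoint code, of a server-side dispatcher that handles both array (positional) and dictionary (named) parameters and produces each of those replies. The "subtract" method, the client messages and the error "data" text are constructed for illustration; the error codes are the standard ones from the JSON-RPC 2.0 specification.

```python
"""JSON-RPC 2.0 request, notification and error exchange.

Added example; not Ixia/BreakingPoint code. The "subtract" method, the
client messages and the error "data" field are constructed for
illustration. Error codes -32700/-32600/-32601/-32602 are the standard
codes from the JSON-RPC 2.0 specification.
"""
import json
from typing import Any, List, Optional


def subtract(minuend: int, subtrahend: int) -> int:
    return minuend - subtrahend


METHODS = {"subtract": subtract}   # constructed method table


def _reply(req_id: Any, **body: Any) -> str:
    return json.dumps({"jsonrpc": "2.0", "id": req_id, **body})


def handle(raw: str) -> Optional[str]:
    """Process one message; return the reply, or None for a notification."""
    try:
        req = json.loads(raw)
    except ValueError:
        return _reply(None, error={"code": -32700, "message": "Parse error"})
    if not isinstance(req, dict):
        return _reply(None, error={"code": -32600, "message": "Invalid Request"})
    # A request without an "id" member is a notification: it is never
    # answered, not even with an error.
    is_notification = "id" not in req
    req_id = req.get("id")
    method = METHODS.get(req.get("method"))
    params = req.get("params", [])
    if method is None:
        error = {"code": -32601, "message": "Method not found"}
    else:
        try:
            # Array params are applied positionally, dictionary params by name.
            result = method(*params) if isinstance(params, list) else method(**params)
            return None if is_notification else _reply(req_id, result=result)
        except TypeError as exc:
            # "data" carries extra detail about the failure. A production
            # server should not echo raw exception text, which can leak internals.
            error = {"code": -32602, "message": "Invalid params", "data": str(exc)}
    return None if is_notification else _reply(req_id, error=error)


def exchange(messages: List[str]) -> List[Optional[str]]:
    """Run a scripted client sequence and collect the server's replies."""
    return [handle(m) for m in messages]


# Constructed client sequence mirroring the super flows: request -> success,
# notification -> no reply, request -> error with extra data.
CLIENT_MESSAGES = [
    json.dumps({"jsonrpc": "2.0", "method": "subtract", "params": [42, 23], "id": 1}),
    json.dumps({"jsonrpc": "2.0", "method": "subtract",
                "params": {"minuend": 5, "subtrahend": 3}}),
    json.dumps({"jsonrpc": "2.0", "method": "subtract", "params": {"foo": 1}, "id": 2}),
]

if __name__ == "__main__":
    for reply in exchange(CLIENT_MESSAGES):
        print(reply)
```

Because the notification in the middle of the sequence is answered with nothing at all, a detection rule that expects one response per JSON-RPC message will miscount the flow; the "id" member, not the method name, is what distinguishes a request from a notification.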

New Strikes (18)

CVSS 10.0 | ID E18-a4su1 | Category Exploits
References: CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), EXPLOITDB-44374
Info: This strike exploits a code execution vulnerability in osCommerce 2.3.4.1. The vulnerability is due to improper sanitization of HTTP data sent by the client to the server. A remote attacker can trigger this vulnerability by sending a malicious request to the web interface, resulting in the ability to execute system commands on the target device.

CVSS 10.0 | ID E18-0ouo1 | Category Exploits
References: CVE-2018-7600, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), URL
Info: This strike exploits a vulnerability in the Drupal Core open-source CMS. The vulnerability is due to improper validation of user-supplied data while performing server-side deserialization of PHP objects. A malicious user can exploit this vulnerability by sending multiple HTTP POST requests including PHP-serialized objects. When exploited, the vulnerability can result in complete compromise of the target server.

CVSS 10.0 | ID E18-0om91 | Category Exploits
References: CVE-2018-7297, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), EXPLOITDB-44368, URL
Info: This strike exploits a code execution vulnerability in the HomeMatic CCU2 control unit. The vulnerability is due to improper sanitization of an HTTP header when the server sends HTTP traffic back to the client. A remote attacker can trigger this vulnerability by sending a malicious request to the web interface, resulting in read/write access and the ability to execute system commands on the target device.

CVSS 7.6 | ID E18-3dwl1 | Category Exploits
References: BID-102085, CVE-2017-11909, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-43467, GOOGLE-1384
Info: This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the Chakra JavaScript engine. It is possible to craft JavaScript so that the RemoveEmptyLoopAfterMemOp function removes empty loops; however, this function may not take all branches into consideration and can break the control flow. This may lead to a denial of service condition in the browser, or potentially remote code execution.

CVSS 7.6 | ID E18-3dup1 | Category Exploits
References: BID-101733, CVE-2017-11841, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-43181, GOOGLE-1366
Info: This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the Chakra JavaScript engine. It is possible to craft JavaScript so that when a call is made to an inlinee method the returned method is incorrect, potentially skipping the proper return instruction. This may lead to a denial of service condition in the browser, or potentially remote code execution.

CVSS 7.6 | ID E18-3dtj2 | Category Exploits
References: BID-101126, CVE-2017-11799, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-42998, GOOGLE-1333
Info: This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the Chakra JavaScript engine. It is possible to craft JavaScript so that a change to the opcode of an instruction generates a bailout, but some calling patterns are not considered and some pointers are not freed or unlinked. This may lead to a denial of service condition in the browser, or potentially remote code execution.

CVSS 7.5 | ID E18-0omu1 | Category Exploits
References: CVE-2018-7318, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), EXPLOITDB-44163
Info: This strike exploits an SQL injection vulnerability in the CheckList component for Joomla!. The vulnerability is due to improper sanitization of requests sent to the application. An attacker could exploit this by sending specially crafted packets, potentially resulting in the execution of SQL commands, which may lead to information disclosure.

CVSS 7.5 | ID E18-0nli1 | Category Exploits
References: CVE-2018-5974, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), EXPLOITDB-44126, SCIP-113518
Info: This strike exploits an SQL injection vulnerability in the SimpleCalendar component for Joomla!. The vulnerability is due to improper sanitization of requests sent to the application. An attacker could exploit this by sending specially crafted packets, potentially resulting in the execution of SQL commands, which may lead to information disclosure.

CVSS 7.5 | ID E18-0mmb1 | Category Exploits
References: CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), URL
Info: This strike exploits a remote code execution vulnerability in the Docker daemon API. An attacker can start a Docker container, mount the host's /etc directory into the container, and read and write files in it.

CVSS 7.5 | ID E18-0orl1 | Category Exploits
References: BID-103203, CVE-2018-7489, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), URL
Info: This strike exploits an insecure deserialization vulnerability in FasterXML jackson-databind. The vulnerability is due to improper validation of user input used in the deserialization and instantiation of Java objects, and stems from an incomplete fix for CVE-2017-7525. By sending maliciously crafted JSON input, an attacker could achieve remote code execution in the context of the vulnerable application.

CVSS 6.8 | ID E18-0jqy1 | Category Exploits
References: BID-103593, CVE-2018-0986, CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P), EXPLOITDB-44402, SECURITY_TRACKER-1040631, URL
Info: This strike exploits a remote code execution vulnerability in the Microsoft Malware Protection Engine. The vulnerability is due to how the engine handles specially crafted RAR files during scanning. By exploiting this vulnerability, an attacker could execute arbitrary code in the security context of the LocalSystem account and take control of the system.

CVSS 6.8 | ID E18-0y8c1 | Category Exploits
References: CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P), EXPLOITDB-44365
Info: This strike exploits a stack-based buffer overflow vulnerability in Allok Video Joiner 4.6.1217. If a register key containing an overly large amount of data is imported, the stack buffer can overflow, allowing remote code execution.

CVSS 6.4 | ID E17-0xa41 | Category Exploits
References: CVSS-6.4 (AV:N/AC:L/AU:N/C:P/I:P/A:N), EXPLOITDB-43132, URL
Info: This strike exploits a remote code execution vulnerability in the Mako Server application when the default installation, including the tutorials, has been performed. The vulnerability is due to improper sanitization of HTTP PUT requests to the "save.lsp" web page. By sending a maliciously crafted HTTP request, a remote, unauthenticated attacker could execute arbitrary operating system commands.

CVSS 5.5 | ID E18-3fvh1 | Category Exploits
References: BID-103201, CVE-2017-14461, CVSS-5.5 (AV:N/AC:L/AU:S/C:P/I:N/A:P), URL
Info: This strike exploits an out-of-bounds read vulnerability in Dovecot. If multiple To or From fields are present and certain special character requirements are met, such as the inclusion of the '(' or '[' characters without the corresponding closing characters, a heap buffer over-read occurs. An attacker can send a specially crafted SMTP message to exploit this vulnerability. Successful exploitation may result in information disclosure or abnormal termination of the Dovecot process, resulting in a denial of service condition.

CVSS 5.0 | ID E18-0osz1 | Category Exploits
References: CVE-2018-7539, CVSS-5.0 (AV:N/AC:L/AU:N/C:P/I:N/A:N), URL
Info: This strike exploits a directory traversal vulnerability within the fuzzd web server running the Appear TV Maintenance Centre application. A remote, unauthenticated attacker could exploit this vulnerability by sending a specially crafted HTTP request to the target server. Successful exploitation results in the disclosure of arbitrary file contents from the target server.

CVSS 5.0 | ID E18-0n6r1 | Category Exploits
References: CVE-2018-5443, CVSS-5.0 (AV:N/AC:L/AU:N/C:P/I:N/A:N), URL, ZDI-18-143
Info: This strike exploits an SQL injection vulnerability in Advantech WebAccess Node. The vulnerability is due to a lack of proper validation of user-supplied data used to construct SQL queries. A specially crafted HTTP request could allow an attacker to access and modify sensitive information within the SQL database.

CVSS 5.0 | ID E17-3d6m1 | Category Exploits
References: BID-99515, CVE-2017-10974, CVSS-5.0 (AV:N/AC:L/AU:N/C:P/I:N/A:N), EXPLOITDB-42303
Info: This strike exploits a local file information disclosure vulnerability in the YAWS application. The root cause of this flaw is a directory traversal vulnerability, due to insufficient validation of user input sent in requested URLs. Successful exploitation allows an attacker to obtain sensitive information from the server, including the SSL private key, configuration files and access logs.

CVSS 5.0 | ID E18-0o8a1 | Category Exploits
References: CVE-2018-6794, CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:P/A:N), URL
Info: This strike exploits a content detection bypass in Suricata. Suricata tracks TCP connection state and, as such, does not perform some detection on a TCP session that has not completed the TCP handshake and become established. However, many HTTP client applications, such as wget, curl, and some web browsers, will still process data received before the TCP session is established. An attacker could send malicious content during the TCP handshake, before the session is established, and that content would not be inspected by Suricata. Successful exploitation bypasses detection by Suricata.