Ticket | Info |
---|---|
DE9864 | The multipart messages syntax was corrected in Gmailclassic_130508 SuperFlow by adding a blank line between the header area and the body area. |
Ticket | Info |
---|---|
US89215 | Instagram Bandwidth super flow was restored to use the original flow version Instagram Nov14. A new super flow Instagram Apr18 Bandwidth was added to use the newer version Instagram Apr18. |
Name | Category | Info |
---|---|---|
MQTTOverWebsocket | Distributed Computing | MQTT over WebSocket enables web browser on any device tobecome a full-fledged MQTT client. With MQTT operations such as publish, subscribe etc. could happen in the web browser, web applications can take advantage of highly scalable messaging with a low bandwith overhead. |
Name | Category | Info |
---|---|---|
MQTT Connect and Publish over Websocket | Distributed Computing | MQTT client and server performing connect, publishes activities over Websocket. The client and server first establish Websocket connection via Websocket handshakes; then the client and server exchange MQTT connect, publish, ping, and disconnect messages as payload of Websocket data frames. The containing Websocket connection is terminated in the end. |
MQTT Connect Subscribe and Publish over Websocket | Distributed Computing | Two MQTT clients and one server performing these operations over Websocket: both clients connect to the same server, subscriber client subscribes to a MQTT topic, publish client publishes messages to the same topic, subscriber then receives messages from the server published by publisher. Subscriber unsubscribes from the topic, then both clients disconnect from the server. In the end the containing Websocket connections are terminated by both clients. |
GmailClassic TLSv1.2 | Email/WebMail | Simulates a Google Mail Classic session with Lawful Intercept. The client sends a message request with an embedded Lawful Intercept keyword or needle, in an attempt to test the LI system.TLSv1.2 and cipher AES128-GCM-SHA256 are used for encrypted traffic. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. You can remove all the interactions to a host by deleting that host from the Hosts list. Several versions of this protocol may exist. The version that will be run is appended to the client "Host Nickname" found in the Hosts list. The most recent version will be run if the version number found there is invalid or does not exist. |
Google Play Sandvine Bandwidth TLSv1.2 | Mobile | Simulates Google Play search, view and download with parameters set for high bandwidth. TLSv1.2 and cipher AES128-GCM-SHA256 are used for encrypted traffic. |
Facebook Android TLSv1.2 | Social Networking/Search | Simulates an Android Facebook session by resembling a Facebook API session but with a few differences (DNS and TLSv1.2 are both used).[RFC 1035] |
Facebook iOS TLSv1.2 | Social Networking/Search | Simulates the Facebook iOS application which uses the legacy REST server. TLSv1.2 and cipher AES128-GCM-SHA256 are used for encrypted traffic. |
Google Map Search TLSv1.2 | Social Networking/Search | A search using Google Maps. TLSv1.2 and cipher AES128-GCM-SHA256 are used for encrypted traffic. |
Instagram Apr18 Bandwidth | Social Networking/Search | Instagram simulation of signing in, photo viewing and commenting, as well as sharing a photo before logging out. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The 'Max. Request/Response Pairs per Action' and 'Max. Generated File Size' flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Instagram Bandwidth TLSv1.2 | Social Networking/Search | Instagram simulation of signing in, photo viewing and commenting, as well as sharing a photo before logging out. TLSv1.2 is used for encrypted traffic. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The 'Max. Request/Response Pairs per Action' and 'Max. Generated File Size' flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Twitter View Favorites TLSv1.2 | Social Networking/Search | Simulates the Twitter Service (API version 1.1) utilizing the TwitterAPI Client. The client logs into the service, views the home timeline and then views favorites. TLSv1.2 and cipher AES128-GCM-SHA256 are used for encrypted traffic. |
iTunes Mobile App Store TLSv1.2 | Voice/Video/Media | A mobile device purchasing and downloading an app from the Apple iTunes store. This uses the ITunes (ITMS) protocol. TLSv1.2 and cipher AES128-GCM-SHA256 are used for encrypted traffic. |
iTunes Mobile Music TLSv1.2 | Voice/Video/Media | A mobile device purchasing and downloading music from the Apple iTunes store. This uses the ITunes (ITMS) protocol. TLSv1.2 and cipher AES128-GCM-SHA256 are used for encrypted traffic. |
CVSS | ID | References | Category | Info |
---|---|---|---|---|
9.0 | E18-0gzp1 |
CVE-2017-7413 CVSS-9.0 (AV:N/AC:L/AU:S/C:C/I:C/A:C) URL |
Exploits | The strike exploits an OS command injection vulnerability in Horde Groupware Webmail client. The vulnerability originates from the lack of sanitation in handling the 'generate_email' parameter when generating PGP keys. The parameter will be later passed as a command line argument to the 'gpg' binary, allowing arbitrary commands execution on the host system. |
9.0 | E17-0gl01 |
CVE-2017-6884 CVSS-9.0 (AV:N/AC:L/AU:S/C:C/I:C/A:C) EXPLOITDB-41782 |
Exploits | This strike exploits a command injection vulnerability in Zyxel EMG2926 home router. The vulnerability is due to improper validation of input passed to 'nslookup' function located in the diagnostic tools. By exploiting this vulnerability, a remote unauthenticated attacker can execute arbitrary OS commands on the target router. |
7.6 | E18-0hxo1 |
BID-103986 CVE-2018-8145 CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C) EXPLOITDB-45011 URL |
Exploits | This strike exploits a vulnerability in the Microsoft Edge browser. It is possible to cause a heap buffer to overflow by creating new objects with specific elements as arguments that repeat in javascript. When this code is executed a buffer overflows and a denial of service condition occurs. Remote code execution may also be possible. |
7.6 | D18-majo1 |
BID-102405 CVE-2018-0758 CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C) EXPLOITDB-43491 GOOGLE-1380 SECURITYTRACKER-1040100 |
Denial | This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in Javascript Chakra engine. Because there is not an Integer Overflow check in place, it is possible to craft Javascript in such a way that causes a bug to occur when LowerSetConcatStrMuliItem is called to concatenate strings. This may lead to a denial of service condition in the browser, or potentially remote code execution. |
7.5 | E18-0p8g1 |
CVE-2018-8096 CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) EXPLOITDB-45136 URL |
Exploits | This strike exploits an authentication bypass on Datalust Seq web server. This vulnerability is due to improper use of a HTTP parameter "Name:isauthenticationenabled" under HTTP PUT request. A remote attacker can exploit this vulnerability by sending crafted HTTP PUT request to the system. Successful exploitation results in authentication bypass on target server. |
7.5 | E18-0l7x1 |
BID-104763 CVE-2018-2893 CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) URL |
Exploits | An insecure deserialization vulnerability was found in Oracle WebLogic Server. The vulnerability is due to insufficient validation of serialized data within T3 requests. The vulnerability can be exploited by sending a specially crafted serialized object. Successful exploitation can result in arbitrary code execution in the context of the user running WebLogic. |
7.5 | E18-8vf31 |
CVE-2018-1000207 CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) URL |
Exploits | This strike exploits a remote code execution vulnerability found in Modx Revolution CMS. The vulnerability is due to improper input validation while processing parameters before passing them into 'phpthumb' class. An attacker could exploit this vulnerability by crafting a special HTML POST request that can create a file with custom a filename and content. This can result in execution of arbitrary commands under the privileges of web server daemon user. |
6.8 | E18-5kws1 |
CVE-2018-14300 CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P) URL ZDI-18-760 |
Exploits | This strike exploits a use-afer-free vulnerability in Foxit Reader. This vulnerability is due to improper handling of an annotation object. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PDF file, resulting in possible execution of arbitrary code. |
6.8 | E18-5igq1 |
CVE-2018-11130 CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P) URL |
Exploits | This strike exploits a heap use-after-free vulnerability in VCFTools program package. The vulnerability is due to inexistent validation of 'FORMAT' input contained within the VCF file to be analyzed. An attacker could potentially run arbitrary code or possibly have unspecified other impact on the target system by enticing a user to analyze a maliciously crafted VCF file. |
6.8 | E18-5i981 |
BID-104580 CVE-2018-10860 CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P) URL |
Exploits | This strike exploits a directory traversal vulnerability in Perl Archive. The filename field of zip files is not sanitized for directory traversal characters. Files unzipped with Perl Archive may overwrite files in the location specified in the directory traversal. An attacker can exploit this by sending a specially crafted zip file to the target and enticing them to use Perl Archive to unzip the file. Successful exploitation may result in arbitrary file overwrite. |
6.8 | E18-m9x71 |
BID-100610 CVE-2017-5116 CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P) GOOGLE-759624 SECURITYTRACKER-1039291 |
Exploits | This strike exploits a vulnerability in the Google Chrome browser. Specifically, the vulnerability exists in Javascript v8 engine. It is possible to craft Javascript in such a way that when the main thread parses the WebAssembly Code, the worker thread can also modify this code at the same time causing out of bounds memory access. This may lead to a denial of service condition in the browser, or potentially remote code execution. |
6.0 | E18-5kyk1 |
CVE-2018-14364 CVSS-6.0 (AV:N/AC:M/AU:S/C:P/I:P/A:P) URL |
Exploits | This strike exploits a directory traversal vulnerability in GitLab. The GitLab projects import component does not properly validate the imported files, which allows an attacker to write symbolic links to public accessible locations on the server. By importing a project containing crafted symbolic links, an attacker could read arbitrary files from the file system to further leverage the vulnerability to a code execution scenario. |
6.0 | E18-5jtr1 |
BID-104569 CVE-2018-12895 CVSS-6.0 (AV:N/AC:M/AU:S/C:P/I:P/A:P) URL |
Exploits | The strike exploits an authenticated directory traversal vulnerability in WordPress platform. The vulnerability is due to the lack of sanitization of the 'thumb' POST parameter while handling media files metadata within 'post.php', and can be exploited by any account with edit rights. As a consequence, an attacker may delete arbitrary files within the file system which can be leveraged to code execution by changing the platform's configuration. |
6.0 | E18-5l011 |
BID-104914 CVE-2018-14417 CVSS-6.0 (AV:N/AC:M/AU:S/C:P/I:P/A:P) URL |
Exploits | This strike exploits a remote code execution in SoftNAS Cloud. The vulnerability is caused by insufficient validation of 'recentVersion' parameter on HTTP requests. Successful exploitation could allow an attacker to trigger a remote command execution on the target server. |
5.8 | E18-mbfm1 |
BID-104699 CVE-2018-5019 CVSS-5.8 (AV:N/AC:M/AU:N/C:P/I:N/A:P) SECURITYTRACKER-1041250 URL |
Exploits | This strike exploits an out-of-bounds read vulnerability in Adobe Acrobat Reader. The vulnerability is due to improper parsing of an embedded font by the CoolType module. An exploit could be triggered by opening a crafted XPS document. Successful exploitation could result in information disclosure which could be used to further compromise the target system. |
4.6 | E18-0psy1 |
CVE-2018-8834 CVSS-4.6 (AV:L/AC:L/AU:N/C:P/I:P/A:P) URL |
Exploits | This strike exploits a heap buffer overflow vulnerability in OMRON CX-One CX-FLnet. The vulnerability is due to improper parsing of the parameters in a FLN configuration file. An attacker can entice a target to open a specially crafted FLN configuration file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the application. |
4.6 | E18-0osa1 |
CVE-2018-7514 CVSS-4.6 (AV:L/AC:L/AU:N/C:P/I:P/A:P) URL |
Exploits | This strike exploits a stack buffer overflow vulnerability in OMRON CX-One CX-Montion. The vulnerability is due to improper parsing of the parameters in a MCI configuration file. An attacker can entice a target to open a specially crafted MCI configuration file to trigger the vulnerability. Successful exploitation may result in execution of arbitrary code or abnormal termination of the application. |
3.5 | E18-5l251 |
CVE-2018-14493 CVSS-3.5 (AV:N/AC:M/AU:S/C:N/I:P/A:N) EXPLOITDB-45160 |
Exploits | This strike exploits a store cross-site scripting vulnerability in Open-AudIT Community 2.2.6. This vulnerability is due to improper http input filtering the parameter "groups". By exploiting this vulnerability an attacker could cause arbitrary HTML/script code to be executed by the target user's browser. |