Ticket | Info |
---|---|
DE8785 | Replaced "rand" method with equivalent code which employs the global seed for Strike for CVE-2014-2309. |
DE10436 (BUG1510963) | Strike for CVE-2009-3840 was sending invalid exploit traffic. To work correctly, Error Code 1 and Error Code 2 must match, be less than -5, and be little endian. The strike was not sending matched error codes and was in big endian. This has been fixed. |
DE10437 (BUG1511483) | The Strike with ID E18-3dwq1 has had its JavaScript modified to allow it to properly go through our obfuscation engine. |
DE10447 | The transport protocol of the WhatsApp Flow was changed from UDP to TCP, except for the audio/video traffic. |
DE10448 | Fixed cryptographic error reported when running GmailClassic SuperFlows through proxy. |
DE10450 | Fix Strike for CVE-2014-9267 for undeclared variables. |
DE10451 | Fix Strike E13-4o001 for undeclared variables. |
DE10460 | Modified session.rb so that frames whose size is greater than the max_mtu for IPv6 will be properly reported as an error and not time out. |

Ticket | Info |
---|---|
US96550 | Adding Support for NP token for Subscribe action in MQTT. |

CVSS | ID | References | Category | Info |
---|---|---|---|---|
10.0 | E19-7nvx1 | CVE-2019-11469 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) EXPLOITDB-46740 | Exploits | This strike exploits an SQL injection vulnerability in Zoho ManageEngine Applications Manager. The vulnerability is caused by insufficient validation of the user input "resourcetype" in HTTP requests, which is used to create SQL queries. Successful exploitation could allow an attacker to execute SQL queries on the target server. |
10.0 | E19-8vx91 | BID-106176 CVE-2018-1000861 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) URL | Exploits | This strike exploits a remote code execution vulnerability in Jenkins. The vulnerability is due to improper filtering of the "value" parameter when invoking a method on Java objects. An attacker could exploit this vulnerability by sending a crafted HTTP request to the target server. Successful exploitation results in remote code execution on the target server. |
10.0 | E19-0r901 | CVE-2019-0708 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) URL | Exploits | This strike replicates an attack known as Bluekeep against a Microsoft Windows RDP Server (Remote Desktop Services), exploiting a use-after-free vulnerability. The flaw arises because a single memory zone is addressed by two different pointers when an RDP channel with the name 'MS_T120' is created while the connection is set up. Successful exploitation grants the attacker complete control over the target system. |
9.3 | E19-0r6i1 | CVE-2019-0618 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL ZDI-19-194 | Exploits | This strike exploits a remote code execution vulnerability in the GDI+ (Graphics Device Interface) module of Microsoft Windows. The vulnerability is due to improper handling of EMF records in memory by the 'DoRotatedStretchBlt' method of the 'gdiplus.dll' library. The vulnerability can be exploited by crafting a malicious EMF file and enticing a user to download and open it. Successful exploitation may result in execution of arbitrary code with the privileges of the application using the vulnerable module. |
7.5 | E19-0r8p1 | CVE-2019-0697 CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) | Exploits | This strike reproduces an attack on a buffer overflow vulnerability in the Microsoft Windows DHCP client. The flaw results from the lack of field counting when parsing 'Options' fields in a DHCP ACK packet, resulting in the overwrite of memory areas. By exploiting this bug, a remote attacker controlling a DHCP server may gain control of vulnerable Windows-based DHCP clients. |
6.8 | D19-0mbs1 | CVE-2018-4328 CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P) GOOGLE-1610 | Denial | This strike exploits a vulnerability in Apple Safari WebKit. Specifically, the vulnerability exists when making a call to the InlineTextBox::paint method. It is possible to craft JavaScript in such a way that invoking this method corrupts memory, leading to an out-of-bounds memory read. This can lead to a denial of service or potentially allow for remote code execution. |
6.4 | E19-5m6w1 | BID-105317 CVE-2018-15960 CVSS-6.4 (AV:N/AC:L/AU:N/C:N/I:P/A:P) | Exploits | This strike exploits a directory traversal vulnerability in Adobe ColdFusion CKEditor. The vulnerability is due to improper sanitization in the file upload.cfm. An attacker could exploit this vulnerability by sending a crafted HTTP request to the target server. By successfully exploiting this vulnerability, a remote, unauthenticated attacker could upload arbitrary files to the target server. |
5.1 | D19-0v6c1 | CVE-2019-5796 CVSS-5.1 (AV:N/AC:H/AU:N/C:P/I:P/A:P) GOOGLE-1748 | Denial | This strike exploits a vulnerability in Google Chrome. Specifically, the vulnerability exists when ExtensionsGuestViewMessageFilter is destroyed while ProcessIdToFilterMap is concurrently being modified. When this happens, a race condition occurs which can lead to a denial of service in the browser. |