Ticket | Info |
---|---|
ATIBPS-16215 | The 1-arm SuperFlow should have the External Host IP in the NN set to 8.8.4.4 or 1.1.1.1 to work against the real service. THIS ONLY WORKS AGAINST DNS.GOOGLE ON OCTOBER 2019. Please refer to this link for more details: https://www.ixiacom.com/company/blog/using-breakingpoint-test-dns-over-https-doh-services-part-1. |
ATIBPS-16151 | Added PORT_SET extension (RFC 7753) in MAP Request/Response for PCPv2. |
ATIBPS-11178 | NAT tag has been added to the Blackberry Enterprise Receive Email superflow to make it NAT compatible. |
ATIBPS-14064 | Added proper description for the action Voice Data under the Skype Call Superflow. |
ATIBPS-14050 | Added preliminary support for Authoritative Name servers as part of the response action for DNS. |
ATIBPS-10136 | Updated all canned superflows to use 2048 length keys and certs as per the industry standard. |
ATIBPS-9911 | The canned malware description has been changed to more specifically describe what composes canned malware. |
ATIBPS-16154 | IKEv2 VPN scenario has been added to Simulated IPSec over UDP protocol. |
Name | Category | Info |
---|---|---|
Redis | Database | Redis is an in-memory data structure project implementing a distributed, in-memory key-value database with optional durability. Redis made popular the idea of a system that can be considered at the same time a store and a cache, using a design where data is always modified and read from the main computer memory, but also stored on disk in a format that is unsuitable for random access, only to reconstruct the data back in memory once the system restarts. |
Office 365 Outlook People Oct19 | Social Networking/Search | Simulates the use of the Office 365 Outlook People website as of October 2019. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Name | Category | Info |
---|---|---|
ClientSim Redis Append Request | Database | This simulates the Append to key workflow for the Redis protocol on a particular key. |
ClientSim Redis Basic Requests | Database | This simulates Set, Get, Delete, Exists, Dbsize, Ping, Rename and Append Redis requests on a particular set of keys. |
ClientSim Redis Rename Request | Database | This simulates the Rename key workflow for the Redis protocol on a particular key. |
LwM2M over CoAP | Distributed Computing/IoT | Added LWM2M over CoAP superflow (without DTLS encryption). |
Office 365 Outlook People Oct19 | Social Networking/Search | Simulates the use of the Office 365 Outlook People.The user accesses the sign in page, signs in, creates a new contact, searches for a contact, deletes a contact and signs out. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Office 365 Outlook People Oct19 Create and Delete a Contact | Social Networking/Search | Simulates the use of the Office 365 Outlook People.The user accesses the sign in page, signs in, creates a new contact, deletes a contact and signs out. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Office 365 Outlook People Oct19 Search for a Contact | Social Networking/Search | Simulates the use of the Office 365 Outlook People.The user accesses the sign in page, signs in, searches for a contact and signs out. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
PCPv2 Map Request PORT_SET Superflow | Testing and Measurement | This simulates a basic PCPv2 session with Map Request scenario, including PORT_SET Allocation Option described in RFC 7753. |
Redis Append Request | Database | This simulates both the client and server for an Append to key workflow for the Redis protocol on a particular key. |
Redis Basic Requests | Database | This simulates Set, Get, Delete, Exists, Dbsize, Ping, Rename and Append Redis requests and responses on a particular set of keys. | Redis Rename Request | Database | This simulates both the client and server for a Rename key workflow for the Redis protocol on a particular key. |
Simulated IKEv2/IPSec VPN (Download Traffic) | Remote Access | Simulates IKEv2/IPSec VPN traffic from a client attempting to download data. The client performs the IKEv2 parameter negotiation and NAT discovery with the VPN server over UDP port 500. Then it proceeds in EAP exchanges with the server to establish IKEv2/IPSec over UDP port 4500 and stream ESP packets. The ESP payload-sizes and the distribution are configured to follow a file download pattern. |
Simulated IKEv2/IPSec VPN (Upload Traffic) | Remote Access | Simulates IKEv2/IPSec VPN traffic from a client attempting to upload data. The client performs the IKEv2 parameter negotiation and NAT discovery with the VPN server over UDP port 500. Then it proceeds in EAP exchanges with the server to establish IKEv2/IPSec over UDP port 4500 and stream ESP packets. The ESP payload-sizes and the distribution are configured to follow a file upload pattern. |
CVSS | ID | References | Category | Info |
---|---|---|---|---|
9.0 | E19-7osq1 |
CVE-2019-12650 CVSS-9.0 (AV:N/AC:L/AU:S/C:C/I:C/A:C) URL |
Exploits | This strike exploits a command injection vulnerability in the WebUI component of Cisco IOS XE. The vulnerability is due to improper validation of user-supplied 'snortcheck.lua' form data via the WebUI. An user with low privilege access can exploit this vulnerability by sending a crafted HTTP request to the target server. Successful exploitation results in execution of Cisco console commands with administrative privileges. |
7.6 | E19-0pdv1 |
BID-104637 CVE-2018-8291 CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C) EXPLOITDB-45215 GOOGLE-1576 |
Exploits | This strike exploits a vulnerability in the Microsoft Edge browser. Specifically the vulnerability exists within the Javascript Chakra engine. An attacker can craft Javascript in such a way that the CopyFrom method does not copy all fields, including the IsShadowed field, from another descriptor to "this". This causes type confusion to occur, and can lead to a denial of service condition in the browser or potentially remote code execution. |
7.5 | E19-zrrp6 |
CVE-2014-4725 CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) EXPLOITDB-33991 URL |
Exploits | This strike exploits a file upload vulnerability in the Wordpress Plugin MailPoet Newsletters. The vulnerability allows for the unauthenticated attacker to take advantage of the plugin's use of the admin_init hook by uploading a theme using wp-admin/admin-post.php. By exploiting this vulnerability, an unauthenticated attacker can upload arbitrary files on the server and execute them. |
5.0 | E19-7t3d1 |
CVE-2019-18217 CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P) |
Exploits | A logic error exists in ProFTPD 1.3.6rc2, resulting in infinite loops getting triggered by commands with 4100 or more characters. An unauthenticated, remote attacker can exploit this vulnerability by sending an excessively long command to the target server. Successful exploitation causes an infinite loop leading to full CPU usage. |
4.3 | E19-0w6t1 |
CVE-2019-7109 CVSS-4.3 (AV:N/AC:M/AU:N/C:P/I:N/A:N) URL |
Exploits | An out-of-bounds read vulnerability exists in several Adobe Acrobat products containing the 'acrodistdll.dll' shared library. The OOB read occurs whenever comments placed inside postscript objects are processed and no new line character is further detected. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted JOBOPTIONS file. Successful exploitation of this vulnerability could lead to information disclosure. |
Ticket | Info |
---|---|
ATIBPS-16212 | Fixed an issue where HTTP2 Post and Response does not split message to frames when the message is longer than SETTINGS_MAX_FRAME_SIZE. If the payload message is longer than specified SETTINGS_MAX_FRAME_SIZE, it is now separated into frames before sending to the receiver. |
ATIBPS-16199 | Deleted strikes G08-3cp01 due to SSL payload without decryption. |
ATIBPS-16203 | Deleted strikes G05-39w01 due to bad TCP packets. |
ATIBPS-16186 | Updated destination port for E06-6qv02. |
ATIBPS-16157 | Fix reference and traversal path for strike for E18-ua3e1 (Jenkins Accept-Language Header Directory Traversal). |
ATIBPS-16143 | Fixed Diameter protocol bug where user assigned hop-by-hop ID and end-to-end ID were ignored. |
ATIBPS-16121 | Updated E19-0bdt2 to match the 'Multiplex ID' value within the 'SMB_COM_TRANSACTION_SECONDARY' request to the 'FID' of the 'SMB_COM_WRITE_ANDX' request. |
ATIBPS-16120 | The strike E16-5ed01 has had 2 of it's directory traversal options modified to include the correct attack vector. |
ATIBPS-8109 | Fixed an issue for strike E18-0olw1 where the header in SIP was "Allow" and should be "Accept". |
ATIBPS-8109 | Fixed the exploit for strike E18-0ou61 by adding the overlong HTTP "Accept" header. |