| Name | Category | Info |
|---|---|---|
| Bandwidth HTTP2 TLS | System/Network Admin | This simulates the scenario where the client sends a GET request to the server and the server responds by sending a 200 OK response with a video file of size 524288 bytes using HTTP2 protocol. The communication is over HTTP2 and TLS. | Facebook Apr 18 Bandwidth | Social Networking/Search | Simulates the use of the Facebook website as of April 2018. All of the available actions for this flow are exercised. The parameters here are set for high bandwidth that could be used in Sandvine profiles. |
| LwM2M over MQTT | Distributed Computing | Two MQTT clients (the LwM2M Client and the LwM2M Server) connect to a MQTT server. They use two MQTT topics (transport topics) in order to bidirectionally send LwM2M packets (CoAP message format) as MQTT publish message payload. | Twitch Mar18 Bandwidth | Voice/Video/Media | Simulates the use of Twitch.tv as of March 2018. The user loads the twitch.tv page, selects the Browse button and then lists the available Top Channels from which a channel is selected and played. The parameters here are set for high bandwidth that could be used in Sandvine profiles. |
| CVSS | ID | References | Category | Info |
|---|---|---|---|---|
| 10.0 | E19-7rw61 |
CVE-2019-16662 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) |
Exploits | A command injection vulnerability exists in the rConfig network device configuration management tool. The vulnerability is due to insufficient input validation in the 'ajaxServerSettingsChk.php' module. A remote, unauthenticated attacker can create a malicious HTTP request resulting in arbitrary command execution on the target system with the privileges of the user running the web server. |
| 9.3 | E19-0rpr1 |
CVE-2019-1311 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | This strike exploits a use after free vulnerability in the Microsoft Windows Imaging API component of Microsoft Windows. The vulnerability is due to improper handling of WIM records in memory by the 'wimgapi.dll' library. The vulnerability can be exploited by crafting a malicious WIM image file and enticing a user to download and mount it. Successful exploitation may result in execution of arbitrary code with elevated privileges. |
| 9.3 | E19-0jnm1 |
BID-103032 CVE-2018-0866 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) EXPLOITDB-44153 GOOGLE-1453 |
Exploits | This strike exploits a vulnerability in the Microsoft Internet Explorer browser. Specifically the vulnerability exists within the Javascript engine. An attacker can craft Javascript in such a way that when invoking the lastIndexOf method on String a Use After Free can occur potentially resulting in memory disclosure. This can lead to a denial of service condition in the browser or potentially remote code execution. |
| 7.5 | E19-10pg1 |
CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) EXPLOITDB-47572 URL |
Exploits | This strike exploits a remote code execution in Apache Solr via Velocity template in the VelocityResponseWriter plugin. When params resource loader is set to true, the user will be allowed to specify the loading of related resources by setting the parameters in the request, this allows the attacker to construct a threatening request on the server. Successful exploitation will result in code execution, in the context of the user running the Apache Solr service. |
| 6.8 | E19-0np61 |
BID-103917 CVE-2018-6106 CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P) GOOGLE-1521 |
Exploits | This strike exploits a vulnerability in the Google Chrome browser. Specifically the vulnerability exists within the Javascript V8 engine. An attacker can craft Javascript in such a way that the AwaitedPromise method can be replaced with user Javascript through the use of a then getter. This may lead to an incorrect state in the generator, which can lead to a denial of service condition in the browser or potentially remote code execution. |
| 6.0 | E19-7mtt1 |
CVE-2019-10097 CVSS-6.0 (AV:N/AC:M/AU:S/C:P/I:P/A:P) URL |
Exploits | This strike exploits a heap buffer overflow vulnerability in the 'mod_remoteip' component of Apache httpd. The vulnerability is due to improper processing of data in the PROXY protocol. Successful exploitation could lead to remote code execution with the privileges of the user running the httpd |
| 4.3 | E19-7s841 |
CVE-2019-17092 CVSS-4.3 (AV:N/AC:M/AU:N/C:N/I:P/A:N) URL |
Exploits | This strike exploits a reflected cross-site scripting vulnerability found in OpenProject Web interface. This vulnerability is due to inadequate input filtering in the web interface, while parsing input passed to 'sortBy' parameter within 'projects' page. By exploiting this vulnerability an attacker could cause arbitrary HTML/script code to be executed by the target user's browser. |
| 2.6 | E19-0jkv1 |
BID-102393 CVE-2018-0767 CVSS-2.6 (AV:N/AC:H/AU:N/C:P/I:N/A:N) EXPLOITDB-43522 GOOGLE-1387 |
Exploits | This strike exploits a vulnerability in the Microsoft Edge browser. Specifically the vulnerability exists within the Javascript Chakra engine. An attacker can craft Javascript in such a way that when the AppendLeftOverItemsFromEndSegment method is invoked an out of bounds memory read will occur. This can lead to a denial of service condition in the browser or potentially remote code execution. |
| Ticket | Info |
|---|---|
| ATIBPS-10946 | The default values for the Server Certificate, Server Private Key, Client Certificate and Client Private Key parameters in the Accept TLS and Start TLS actions were changed to files with 2048-bit keys. |