Ixia ATI Update ATI-2020-04 (380212)

New Protocols & Applications (2)

| Name | Category | Info |
|---|---|---|
| Windows Updates Feb20 | Data Transfer/File Sharing | Simulates the download of updates on the Microsoft Windows 10 (Home) operating system. |
| Disney+ | Voice/Video/Media | Disney+ is an American subscription video on-demand streaming service owned and operated by the Direct-to-Consumer & International (DTCI) division of The Walt Disney Company. The service primarily distributes films and television series produced by The Walt Disney Studios and Walt Disney Television. Original films and television series are also distributed on Disney+. Serving adjacent to Disney's other streaming platforms, Disney+ focuses on "family-oriented entertainment", and features no R-rated or TV-MA-rated programming. The platform relies on HLS (HTTP Live Streaming) for streaming. |

New Super Flows (3)

| Name | Category | Info |
|---|---|---|
| Windows Updates Feb20 | Data Transfer/File Sharing | Simulates the download of updates on the Microsoft Windows 10 (Home) operating system. |
| Disney+ Video Streaming | Voice/Video/Media | This Super Flow simulates Disney+ video streaming using HTTP Live Streaming (HLS). It uses provided or generated master and media playlists. Playlist segments are delivered separately through HTTP requests/responses. The Super Flow simulates bitrate adaptation to network capabilities by random weighted selection of a stream after each delivery of a group consisting of a video, an audio and a subtitle segment. |
| RTP Voice Call Bandwidth | Voice/Video/Media | Simulates an RTP voice call between two endpoints, with parameters set to maximize bandwidth. The call setup occurs directly between the two endpoints using UDP transport, and the RTP stream uses the PCMU audio codec with a 1340-byte payload size. [RFC 1035] [RFC 3261] [RFC 3550] [RFC 3605] |

New Application Profiles (3)

| Name | Info |
|---|---|
| Sandvine 2018 EMEA Upstream | Traffic simulating the upstream mix of applications reported in the Sandvine Global Internet Phenomena Report 2018 for the EMEA region. |
| Sandvine 2018 EMEA Downstream | Traffic simulating the downstream mix of applications reported in the Sandvine Global Internet Phenomena Report October 2018 for the EMEA region. |
| Sandvine 2018 Americas Downstream | Traffic simulating the downstream mix of applications reported in the Sandvine Global Internet Phenomena Report 2018 for the Americas region. |

New Strikes (3)

| CVSS | ID | References | Category | Info |
|---|---|---|---|---|
| 9.0 | E20-0k761 | CVSS-9.0 (AV:N/AC:L/AU:N/C:P/I:P/A:C); CVSSV3-9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; URL | Exploits | A remote code execution vulnerability exists in the ThemeRex Addons WordPress plugin, versions greater than 1.6.50, due to a lack of sanitization of user-supplied data. By sending a crafted REST API request to '/wp-json/trx_addons/v2/get/sc_layout', a remote unauthenticated user may invoke arbitrary PHP functions via the 'sc' parameter. |
| 7.5 | E20-xa1u1 | CVE-2020-8450; CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P); CVSSV3-7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L; URL | Exploits | A stack-based buffer overflow vulnerability exists in Squid before 4.10 due to incorrect buffer management when acting as a reverse proxy. By sending a crafted HTTP request with a host string longer than 255 characters in the 'Host' header, a remote attacker may achieve remote code execution on the target host. |
| 7.5 | E20-0zwy1 | CVE-2020-1938; CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P); CVSSV3-8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N; URL | Exploits | An arbitrary file read vulnerability (which can be turned into local file inclusion under special circumstances) exists in Apache Tomcat's AJP Connector, versions before 9.0.31, 8.5.51, and 7.0.100. Dubbed 'Ghostcat', the flaw exists due to a lack of authentication when requesting resources via the AJP binary protocol on port 8009. Unauthenticated remote attackers may be able to read arbitrary files residing within the server's root path. |

Defects Resolved

| Ticket | Info |
|---|---|
| ATIBPS-16508 | Fixed strikes E18-5m6i1 and E18-mbfm1 to allow multiple protocols for FileTransfer. |
| ATIBPS-16499 | Changed the category of the "Afreeca TV Jan 20" Super Flow to "Voice/Video/Media". |