Karalon - News Update | Network Security Assessment | Vulnerability Assessment | Vulnerability Scanner | Network Security Scanner | Security Assessment

Home Products Downloads News Partners About Us

Karalon News Update
21st August 2006

Traffic File Update August 2006

Traffic IQ Pro is already the most comprehensive testing and validation solution available today for network and inline devices. With its ease of use and extensive library of normal and threat traffic files the product can be used to easily create and replay simple or complex stateful testing scenarios to allow the validation of the configuration of inline network devices such as firewalls, IPS, routers, switches and other critical network systems in a controlled, repeatable and safe way.

Note: Traffic file updates are available to licensed users only.

This update includes the following traffic files:

Application Exploits

HTTP Apache mod_auth_pgsql Multiple Format String Vulnerabilities
HTTP COM Object Instantiation Memory Corruption Vulnerability (CAN-2005-1990)
HTTP IE COM Object Instantiation Memory Corruption Vulnerability (MS06-021) CVE-2006-1303
HTTP IE Content Advisor Memory Corruption Vulnerability (CAN-2005-0555)
HTTP IE Exception Handling Memory Corruption Vulnerability (CVE-2006-2218)
HTTP IE HHCtrl ActiveX Control Memory Corruption Vulnerability
HTTP IE PNG image rendering buffer overflow
HTTP IE Position CSS Denial of Service Vulnerability
HTTP Internet Explorer Address Bar Spoofing Vulnerability (CVE-2006-1626)
HTTP Internet Explorer Status Bar URI Spoofing
HTTP Microsoft DXImageTransform.Microsoft.Light ActiveX Control Vulnerability
HTTP Microsoft IIS 5.1 DLL Request Denial of Service Vulnerability
HTTP Microsoft Internet Explorer .mht files code execution
HTTP Microsoft Windows GDI WMF Handling Vulnerability (MS06-026)
HTTP Mozilla Firefox Deleted Object Reference Vulnerability
HTTP Mozilla Firefox Marquee Denial of Service
HTTP MS Internet Explorer (HTML Tag) Memory Corruption (MS06-013)
HTTP MS Windows Media Player Remote Code Execution (MS06-024)
HTTP Multiple Browser Telnet URI Handler File Manipulation
HTTP PlanetWeb long URL buffer overflow
HTTP Trend Micro ServerProtect isaNVWRequest.dll POST Request Remote Overflow
HTTP Windows COM object as ActiveX allows execution of code (CAN-2005-2831)

Application Traffic

eDirectory 8.7.3 iMonitor Remote Stack Overflow (win32_adduser)
eDirectory 8.7.3 iMonitor Remote Stack Overflow (win32_bind)
eDirectory 8.7.3 iMonitor Remote Stack Overflow (win32_bind_meterpreter)
eDirectory 8.7.3 iMonitor Remote Stack Overflow (win32_reverse)
eDirectory 8.7.3 iMonitor Remote Stack Overflow (win32_reverse_ord)
eDirectory 8.7.3 iMonitor Remote Stack Overflow (win32_reverse_stg)
eDirectory 8.8 iMonitor Remote Stack Overflow (win32_adduser)
eDirectory 8.8 iMonitor Remote Stack Overflow (win32_bind)
eDirectory 8.8 iMonitor Remote Stack Overflow (win32_bind_meterpreter)
eDirectory 8.8 iMonitor Remote Stack Overflow (win32_exec)
eDirectory 8.8 iMonitor Remote Stack Overflow (win32_reverse)
eDirectory 8.8 iMonitor Remote Stack Overflow (win32_reverse_ord)
FTP CesarFTP 0.99g Buffer Overflow (win32_bind_meterpreter)
FTP CesarFTP 0.99g Buffer Overflow (win32_bind_stg)
FTP CesarFTP 0.99g Buffer Overflow (win32_reverse)
FTP CesarFTP 0.99g Buffer Overflow (win32_reverse_meterpreter)
FTP CesarFTP 0.99g Buffer Overflow (win32_reverse_stg)

Standard Protocol Traffic

P2P Bitcomet information exchange

Adware/Spyware

Spyware 4arcadebar (SeekItAll) toolbar download
Spyware ABetterInternet information upload
Spyware ABetterInternet installation
Spyware Hotbar information download
Spyware Hotbar information upload
Spyware Push toolbar information search
Spyware Searchsquire download