Traffic
File Update November 2008
Traffic IQ Pro is already the most comprehensive testing and validation solution available today for network and inline devices. With its ease of use and extensive library of normal and threat traffic files the product can be used to easily create and replay simple or complex stateful testing scenarios to allow the validation of the configuration of inline network devices such as firewalls, IPS, routers, switches and other critical network systems in a controlled, repeatable and safe way.
Note: Traffic file updates are available to licensed users only.
This update includes the following traffic files:
 Security
Evasion Techniques
Evasion DCERPC append multiple fake bind (CVE-2008-4250)
Evasion DCERPC smb pipeio trans (for CVE-2008-3466)
Evasion HTTP Headers Folding (CVE-2008-0955)
Evasion HTTP Junk Headers (for CVE-2008-0955)
Evasion SMB pad_data_level_2 (CVE-2008-4250)
Evasion SMB pipe_evasion (CVE-2008-4250)
Application
Exploits
Adobe Acrobat and Reader 'util.printf()' Remote Buffer
Overflow
BitDefender 'pdf.xmd' Module PDF Parsing Remote Denial Of
Service
HTTP A-LINK WL54AP3 and WL54AP2 Cross-Site Request Forgery
Vulnerability
HTTP Belkin F5D7230-4 Wireless G Router Authentication
Vulnerability
HTTP Chilkat Crypt ActiveX 'WriteFile()' Insecure Method
Vulnerability
HTTP Google Chrome MetaCharacter URI Obfuscation Vulnerability
HTTP Google Chrome Pop-Up Address Bar URI Spoofing
Vulnerability
HTTP iseemedia LPViewer ActiveX Control Code Execution (shell_bind_tcp)
HTTP iseemedia LPViewer ActiveX Control Code Execution (shell_reverse_tcp)
HTTP iseemedia LPViewer ActiveX Control Code Execution (win_exec)
HTTP NETGEAR WGR614 Administration Interface Remote Denial of
Service
HTTP ooVoo URI Handler Remote Buffer Overflow Vulnerability
HTTP Opera 'file' URI Handling Buffer Overflow Vulnerability
HTTP Opera Web Browser History Search Input Validation
Vulnerability
HTTP SonicWALL Content-Filtering Universal Script Injection
Vulnerability (ie6)
HTTP SonicWALL Content-Filtering Universal Script Injection
Vulnerability (ie7)
HTTP SonicWALL Content-Filtering Universal Script Injection
Vulnerability
HTTP SonicWALL URL Handling Cross Site Scripting Vulnerability
(Cookie-theft)
HTTP Yahoo Messenger YVerInfo.DLL Multiple Buffer Overflow
Vulnerability
IBM Domino Web Access Upload Module inotes6.dll SEH Overwrite
Exploit
Microsoft Communicator SIP INVITE Message Remote Denial of
Service
Microsoft DebugDiag 'CrashHangExt.dll' Remote DoS
Vulnerability
Microsoft Host Integration Server 2006 Command Execution
Vulnerability (MS08-059)
Microsoft Windows Media Player MIDI File MThd Header Parsing
DoS
Microsoft Windows Server Service (MS08-067) Patch Scanner
Microsoft XML Core Services DTD Cross-Domain Scripting
Vulnerability (MS08-069)
mIRC 'PRIVMSG' Command Handling Buffer Overflow Vulnerability
(Vista SP0)
mIRC 'PRIVMSG' Command Handling Buffer Overflow Vulnerability
(WinXP SP3)
mIRC 'PRIVMSG' Command Handling Buffer Overflow Vulnerability
Multiple products MP4 File Remote Denial of Service
Nero ShowTime m3u File Remote Buffer Overflow Vulnerability
Net-SNMP GETBULK Remote Denial of Service Vulnerability
Network-Client FTP Now Heap Buffer Overflow Vulnerability
Numark CUE 5 '.m3u' File Buffer Overflow Vulnerability
Oracle mod_wl HTTP POST Request Denial of Service
Vulnerability
Oracle mod_wl HTTP POST Request Remote Buffer Overflow (Win2k3
SP2)
SIP Siemens C450IP and C475IP Denial of Service Vulnerability
SMB Microsoft Server Service Vulnerability MS08-067 (Win2k
meterpreter_bind_tcp)
SMB Microsoft Server Service Vulnerability MS08-067 (Win2k
win_adduser)
SMB Microsoft Server Service Vulnerability MS08-067 (Win2k
win_exec)
SMB Microsoft Server Service Vulnerability MS08-067 (Win2k
win_shell_bind_tcp)
SMB Microsoft Server Service Vulnerability MS08-067 (WinXP_SP2
win_exec)
Total Video Player 'TVP type' Tag Handling Remote Buffer
Overflow
uTorrent and BitTorrent File Handling Remote Buffer Overflow
Vulnerability
VLC Media Player RealText Processing Buffer Overflow
|
