Karalon News Update
30th September 2007
Traffic File Update September 2007
Traffic IQ Pro is already the most comprehensive testing and validation solution available today for network and inline devices. With its ease of use and extensive library of normal and threat traffic files, the product can be used to easily create and replay simple or complex stateful testing scenarios, allowing the configuration of inline network devices such as firewalls, IPS, routers, switches and other critical network systems to be validated in a controlled, repeatable and safe way.
Note: Traffic file updates are available to licensed users only.
This update includes the following traffic files:
Application Exploits
Apple QuickTime SMIL File Processing Integer Overflow
HTTP ACTi Network Video Recorder ActiveX DeleteXMLFile() File Deletion
HTTP ACTi Network Video Recorder ActiveX SaveXMLFile() File Creation
HTTP Apache Tomcat Cal2.JSP Cross-Site Scripting
HTTP Apache Tomcat Host Manager Servlet (aliases) Cross Site Scripting
HTTP AtomixMP3 Malformed PLS Playlist File Buffer Overflow
HTTP BaoFeng Storm MPS.DLL (backImage) Buffer Overflow
HTTP BaoFeng Storm MPS.DLL (titleImage) Buffer Overflow
HTTP BaoFeng Storm MPS.DLL (URL) Buffer Overflow
HTTP BaoFeng Storm MPS.DLL advancedOpen() Buffer Overflow
HTTP BaoFeng Storm MPS.DLL isDVDPath() Buffer Overflow
HTTP BaoFeng Storm MPS.DLL rawParse() Buffer Overflow
HTTP Buffalo AirStation WHR-G54S Web Management CSRF
HTTP EDraw Office Viewer (HttpDownloadFileToTempDir) Buffer Overflow
HTTP GlobalLink GLItemCom.DLL ActiveX Heap Overflow
HTTP GlobalLink glitemflat.dll ActiveX Heap Overflow
HTTP MS IE (EasyMail Objects EMSMTP.DLL ActiveX Control) Buffer Overflow
HTTP MS IE (eCentrex VOIP Client UACOMX.OCX ActiveX) Buffer Overflow
HTTP MS IE (PPStream PowerPlayer.DLL) ActiveX Buffer Overflow
HTTP NVR nvUnifiedControl ActiveX Control Buffer Overflow
IAX2 Asterisk Remote Denial of Service
IBM Rational ClearQuest Username SQL Injection
Microsoft DirectX Media SDK (SourceUrl) Buffer Overflow
Microsoft SQL Server sqldmo.dll Buffer Overflow
Microsoft Visual Basic VBP File Processing Buffer Overflow
Microsoft Visual FoxPro FPOLE.OCX ActiveX Buffer Overflow
Microsoft Visual Studio PDWizard ActiveX Control Code Execution
Microsoft Visual Studio VB To VSI Support Library Arbitrary File Overwrite
Microsoft Windows Agent Remote Command Execution (MS07-051)
Microsoft Windows GDI Metafiles AttemptWrite Code Execution (MS07-046)
Microsoft Windows MFC Library FindFile() Buffer Overflow
MS Visual Basic VBP File Processing Buffer Overflow (shutdown)
MS Visual Basic VBP File Processing Buffer Overflow (vncinject)
MS Visual Basic VBP File Processing Buffer Overflow (win32_adduser)
MS Visual Basic VBP File Processing Buffer Overflow (win32_bind)
MS Visual Basic VBP File Processing Buffer Overflow (win32_exec)
POP3 Hexamail Server Remote Buffer Overflow
RealPlayer and HelixPlayer AU Divide-By-Zero DoS
SIP Asterisk Invite Message Remote DoS (CVE-2007-1561)
SIP Cisco IP Phone 7940 and 7960 SIP Message Sequence DoS POC_2
SIP Cisco IP Phone 7940 and 7960 SIP Message Sequence DoS
SIP Thomson SpeedTouch 2030 SIP Empty Message Remote DoS
SIP Thomson SpeedTouch 2030 SIP Invite Message Remote DoS
SMTP Mercury Mail AUTH CRAM-MD5 Overflow (universal_TER32.dll)
SMTP Mercury Mail AUTH CRAM-MD5 Overflow (Win2003SP0_shell32.dll)
SMTP Mercury Mail AUTH CRAM-MD5 Overflow (WinXPSP0_shell32.dll)
SMTP Mercury Mail AUTH CRAM-MD5 Overflow (WinXPSP1_user32.dll)
SMTP Mercury Mail AUTH CRAM-MD5 Overflow (WinXPSP2_shell32.dll)
SMTP Mercury Mail Transport System AUTH CRAM-MD5 DoS
Sun Java Runtime Environment (JRE) isInstalled.dnsResolve Buffer Overflow
Unreal Engine Web Server Logging (hell bell attack)
Unreal Engine Web Server Logging Buffer Overflow
VMware IntraProcessLogging.DLL Arbitrary File Overwrite
VMware Workstation CreateProcess and CreateProcessEx Code Execution
Yahoo Messenger CYFT Object (ft60.dll) Remote Code Execution
Copyright Karalon 2004-2008 All rights reserved