idappcom - News Update | Network Security Assessment | Vulnerability Assessment | Vulnerability Scanner | Network Security Scanner | Security Assessment

Home Products Downloads News About Us My Account

idappcom News Update
31st August 2009

Traffic File Update August 2009

Traffic IQ Pro is already the most comprehensive testing and validation solution available today for network and inline devices. With its ease of use and extensive library of normal and threat traffic files the product can be used to easily create and replay simple or complex stateful testing scenarios to allow the validation of the configuration of inline network devices such as firewalls, IPS, routers, switches and other critical network systems in a controlled, repeatable and safe way.

Note: Traffic file updates are available to licensed users only.

This update includes the following traffic files:

Security Evasion Techniques

Evasion HTTP Header Folding (for CVE-2009-2732)
Evasion HTTP Method Random Case (for CVE-2009-2732)
Evasion HTTP Pad Fake Headers (for CVE-2009-2732)
Evasion HTTP Pad Method URI Count (for CVE-2009-2732)

Application Exploits

BlazeDVD Professional '.PLF' File Remote Buffer Overflow
BlazeDVD Professional '.PLF' File Remote Buffer Overflow_1
Compface '.xbm' File Remote Buffer Overflow Vulnerability
Compface '.xbm' File Remote Buffer Overflow Vulnerability_1
Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability_1
Firebird 'op_connect_request' Remote Denial Of Service Vulnerability
FTP ProFTP 2.9 Banner Remote Code Execution Vulnerability (win_exec)
FTP ProFTP 2.9 Banner Remote Code Execution Vulnerability (win_shell_bind_tcp)
FTP ProFTP 2.9 Banner Remote Code Execution Vulnerability (win_shell_reverse_ord_tcp)
FTP ProFTP 2.9 Banner Remote Code Execution Vulnerability (win_shell_reverse_tcp)
Google SketchUp '.skp' File Remote Buffer Overflow Vulnerability
HTTP Adobe ColdFusion 'cfadminpassword.cfm' HTML Injection Vulnerability
HTTP Adobe ColdFusion 'enter.cfm' HTML Injection Vulnerability
HTTP Adobe ColdFusion 'searchlog.cfm' HTML Injection Vulnerability
HTTP Adobe ColdFusion '_authenticatewizarduser.cfm' HTML Injection Vulnerability
HTTP Adobe ColdFusion '_logintowizard.cfm' HTML Injection Vulnerability
HTTP Adobe Flex SDK 'index.template.html' Cross Site Scripting Vulnerability
HTTP Adobe JRun 'logviewer.jsp' Directory Traversal Vulnerability
HTTP Alkacon OpenCms Cross-Site Scripting Vulnerabilities
HTTP CA SiteMinder Cross Site Scripting Protection Security Bypass Vulnerability
HTTP CA SiteMinder Unicode Cross Site Scripting Protection Security Bypass Vulnerability
HTTP Microsoft Internet Explorer 8 Denial of Service Vulnerability
HTTP Netgear WNR2000 Multiple Information Disclosure and Security Bypass Vulnerabilities
HTTP Netgear WNR2000 Multiple Information Disclosure and Security Bypass Vulnerabilities_1
HTTP Netgear WNR2000 Multiple Information Disclosure and Security Bypass Vulnerabilities_2
HTTP ntop 'checkHTTPpassword()' Remote Denial of Service Vulnerability
HTTP SQLiteManager 'main.php' Cross Site Scripting Vulnerability
HTTP SupportPRO SupportDesk Cross-Site Scripting Vulnerability
HTTP WordPress 'wp-admin and admin.php' Module Conf Security Bypass Vulnerabilities
HTTP WordPress 'wp-admin and admin.php' Module Conf Security Bypass Vulnerabilities_1
HTTP WordPress 'wp-admin and admin.php' Module Conf Security Bypass Vulnerabilities_2
HTTP WordPress 'wp-admin and admin.php' Module Conf Security Bypass Vulnerabilities_3
JetAudio M3U Playlist Handling Denial of Service Vulnerability
JetAudio M3U Playlist Handling Denial of Service Vulnerability_1
JetAudio M3U Playlist Handling Denial of Service Vulnerability_2
JetAudio M3U Playlist Handling Remote Command Execution Vulnerability
JetAudio M3U Playlist Handling Remote Command Execution Vulnerability_1
JetAudio M3U Playlist Handling Remote Command Execution Vulnerability_2
JetAudio M3U Playlist Handling Remote Command Execution Vulnerability_3
Kaspersky Products URI Parsing Denial of Service Vulnerability
Microsoft Internet Explorer 'li' Element Denial of Service Vulnerability
Microsoft Internet Explorer 'li' Element Denial of Service Vulnerability_1
Microsoft Windows Embedded OpenType Font Engine Denial of Service
SAP Business One License Manager 'NT_Naming_Service.exe' Buffer Overflow
UltraPlayer Malformed '.usk' Playlist File Buffer Overflow Vulnerability
WebKit Floating Point Number Remote Buffer Overflow Vulnerability