Sonification of DDoS Attacks: Netflow Melodies and a Tomato Panic Button

A focus on innovation and creativity is ever-present in our work. One of the more prominent examples of that is our annual hackathon, which gives us a chance to fuel up on pizza and flex our coding muscles in a 24-hour programming marathon. Up until this year, these hackathons were limited to a...

Elastic Logstash 'CVE-2016-10363' DoS Vulnerability

Elastic Logstash is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

ManageEngine NetFlow Analyzer Detection (HTTP)

HTTP based detection of ManageEngine NetFlow Analyzer. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ManageEngine Netflow Analyzer / IT360 - Arbitrary File Download Vulnerability

Exploit for multiple platform in category web applications Arbitrary file download in ManageEngine Netflow Analyzer and IT360 Discovered by Pedro Ribeiro email protected, Agile Information Security ========================================================================== Disclosure: 30/11/2014 /...

NfSen 1.3.7 AlienVault OSSIM 4.3.1 - customfmt Command Injection

NfSen 1.3.7 AlienVault OSSIM 4.3.1 - customfmt Command Injection Exploit Title: NfSen/AlienVault remote root exploit command injection in customfmt parameter Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault USM/OSSIM 4.3.1...

NfSen 1.3.7 / AlienVault OSSIM 4.3.1 customfnt Command Injection

Exploit Title: NfSen/AlienVault remote root exploit command injection in customfmt parameter Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault USM/OSSIM 4.3.1 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/...

Elasticsearch Logstash Denial of Service Vulnerability

Elasticsearch Logstash is a set of log analysis and monitoring tools from Elasticsearch Netherlands. The tool provides functions such as search, processing and management of logs or events. A security vulnerability exists in Elasticsearch Logstash versions prior to 2.3.3. A remote attacker can...

CVE-2016-10363

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and ca...

CVE-2016-10363

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and ca...

Design/Logic Flaw

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and ca...

CVE-2016-10363

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and ca...

CVE-2016-10363

CVE-2016-10363 affects Logstash versions prior to 2.3.3 when using the Netflow Codec plugin. A remote attacker can craft malicious Netflow v5, Netflow v9, or IPFIX packets, exploiting errors not handled by the codec and causing the Logstash process to exit (denial of service). Impact details are ...

Edit and Replay Network Traffic: tcpreplay

Edit and Replay Network Traffic Tcpreplay is a suite of GPLv3 licensed utilities for UNIX and Win32 under Cygwin operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Ethereal / Wireshark . It allows you to classify traffic as client o...

AlienVault USM/OSSIM/NfSen Remote Code Execution Vulnerability

AlienVault USM and OSSIM are both products of AlienVault, Inc. in the U.S. USM is a security management platform that provides security monitoring, security event management and reporting, and a threat awareness system, among other features.OSSIM is an open-source security information management...

Unspecified Vulnerability in AlienVault USM/OSSIM/NfSen

AlienVault USM and OSSIM are both products of AlienVault, Inc. in the U.S. USM is a security management platform that provides security monitoring, security event management and reporting, and a threat awareness system, among other features.OSSIM is an open-source security information management...

Cisco NetFlow Generation Appliance SCTP decoder denial of service vulnerability

Cisco NetFlow Generation Appliance is the United States Cisco Cisco company's set of scalable for data centers to achieve traffic visibility solutions. A denial of service vulnerability exists in the processing of SCTP messages by the SCTP decoder in the Cisco NetFlow Generation Appliance. A remo...

Cisco Warns of High Severity Bug in NetFlow Appliance

Warning the device is susceptible to denial of service attacks, Cisco Systems on Wednesday released a patch for its NetFlow Generation Appliance. The flaw traces back to the hardware’s Stream Control Transmission Protocol SCTP used by the appliance, according to a Cisco Security Advisory posted...

CVE-2017-3826

A vulnerability in the Stream Control Transmission Protocol SCTP decoder of the Cisco NetFlow Generation Appliance NGA with software before 1.11a could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service DoS condition. The...

Race condition

A vulnerability in the Stream Control Transmission Protocol SCTP decoder of the Cisco NetFlow Generation Appliance NGA with software before 1.11a could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service DoS condition. The...

CVE-2017-3826

A vulnerability in the Stream Control Transmission Protocol SCTP decoder of the Cisco NetFlow Generation Appliance NGA with software before 1.11a could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service DoS condition. The...