Ansvif is “A Not So Very Intelligent Fuzzer”. It feeds garbage arguments and data into programs trying to induce a fault.

Pcapteller is a tool designed for simple traffic manipulation and replay. The tool allows you to recreate a recorded network traffic scenario that occurred in a foreign network, as it really happened in yours. Basically, the tool reads network packets from a PCAP file, and it replaces a given IP address with one that fits your needs. Afterwards, the manipulated packets are injected into the network. The tool is useful if you want to recreate scenarios where computer attacks or malware infections occurred. Using such scenarios as a base, Pcapteller will make it look like everything is really happening in your network. Pcapteller can help you improving your blue team’s network security monitoring skills, or creating network decoys during red team operations.

A vulnerability exists for Gemtek CPE7000 model ID WLTCS-106 exposing Iperf tool to unauthenticated users. Injecting a command in the perf_measure_server_ip parameter, an attacker can execute arbitrary commands. Since the service runs as root, the remote command execution has the same administrative privileges. The remote shell is obtained uploading the payload and executing it. A reverse shell is preferred rather then a bind one, since firewall won’t allow (by default) incoming connections. Tested on Hardware version V02A and Firmware version 01.01.02.082.

A vulnerability exists for Gemtek CPE7000 model ID WLTCS-106 which allows unauthenticated remote attackers to retrieve a valid Administrative SID.

HP Security Bulletin HPSBGN03582 1 – HPE Helion CloudSystem addressed stack based buffer overflows in glibc’s implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.