Important Information

On August 12th, 2022, many of Keysight’s Network Test, Network Visibility, & Edge to Core (NAS/formerly Ixia) products will migrate to a new license structure.

CRITICAL: If you perform licensing operations after August 12th, 2022, without upgrading the licensing software to the latest version, licenses may not register properly, and some features may be missing. This could impact testing and result in downtime.

For details, click here.

Strike ID:
E20-0yw11
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
5
Year:
2020

Description

This strike replicates an attack known as Bluegate against Remote Desktop Gateway (RDG), exploiting a heap buffer overflow. The flaw is due to unsanitized index parameters when parsing large UDP packets. Successful exploitation allows the attacker to execute arbitrary code on the target system, with the privileges of the user running the RDG daemon. NOTE: Normally, a connection to the RDG is formed through DTLS(Datagram TLS). After the initial handshake, all the conversation is encrypted. To showcase the actual malicious bytestream message, the strike is implemented in such a way as to present the exchange in plain, devoid of any encryption.

CVE

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-0609

References

https://raw.githubusercontent.com/ollypwn/BlueGate/master/BlueGate.py