Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
4b057abad3704dddd9861058718b2764c379deefac39b188c5f99478318f2462Ubuntu Security Notice 3124-1 - Christian Holler, Andrew McCreight, Dan Minor, Tyson Smith, Jon Coppeard, Jan-Ivar Bruaroey, Jesse Ruderman, Markus Stange, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. A same-origin policy bypass was discovered with local HTML files in some circumstances. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
186fc72529bc55503b5bee038a51d2256f957a0adfbd4fa065e59591da446ee3Gentoo Linux Security Advisory 201611-11 - Multiple vulnerabilities have been found in QEMU, the worst of which could cause a Denial of Service condition. Versions less than 2.7.0-r6 are affected.
f65df48e99a50acb2abf2cd6d8af4cac73a92399ae257cbb493db0dd555963e0SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a directory traversal vulnerability.
62cc4d036331589bf67b67e77af5807e4474a073efb99c6620b5006901f5230bSAP NetWeaver AS ABAP version 7.4 suffers from a directory traversal vulnerability.
84ff922450ca8f53eaea6f84e5101ea1a2bb7652412f540755f0c5b78015f1e1A specially crafted web-page can cause an integer underflow in Microsoft Edge. This causes CTextExtractor::GetBlockText to read data outside of the bounds of a memory block.
a984d8735416e8243d6142b60aab6cfce17d75a9759a5602e935e16a782f911ePalo Alto Networks PanOS suffers from a root_reboot local privilege escalation vulnerability.
77b90d6716d58a4f8b814a7d51d68c8130edeff0b31b29a1ae4d36ee5932035cPalo Alto Networks PanOS suffers from a root_trace local privilege escalation vulnerability.
fa9287845339b7532fe00af817e6a9f334b941965b54b7b6772bb41d07ad920dA specially crafted web-page can cause the iertutil.dll module of Microsoft Internet Explorer 11 to free some memory while it still holds a reference to this memory. The module can be made to use this reference after the memory has been freed. Unlike many use-after-free bugs in MSIE, this issue, and apparently all code in this module, is not mitigated by MemGC. This issue appears to have been addressed in July 2016, as it failed to reproduce after the July security updates were installed.
01af43626269ff73fc6b2ea76ed5f2d57b9d1846e598b777c8690711208858f4Relevanssi Premium version 1.14.4 suffers from a remote SQL injection vulnerability.
679c29060b65dc84d082552b03e799104a81dfec85db097aec556548b1eac5f6An unserialization vulnerability in Relevanssi Premium version 1.14.4 could allow for code execution.
6927b4ab7d5885556bd754c2ad01701b0d593da38e2a88a2428cccf5bb0216fcHuawei Flybox B660 3G/4G router suffers from an authentication bypass vulnerability.
ce58a278dfaa72cd2defb07b73ca0a656ab89651fb916c124e23668738c7977aHabari CMS version 0.9.2 suffers from a cross site scripting vulnerability.
5bb8887354a1174390325a4d811786b9db49c94b97aafe970f995fca834927b7Post Indexer version 3.0.6.1 suffers from a man-in-the-middle vulnerability that may allow for arbitrary code execution.
ae251345f938c977f6f946b8a67e335ec898d22c843c43fc210bb0cdd04d4b34Post Indexer version 3.0.6.1 suffers from a remote SQL injection vulnerability.
29834485d983a58f496acf14a03989b41aa447ba1ef4b268ba5ec7b3d8676a83Teradata Studio Express version 15.12.00.00 suffers from a /tmp race condition.
583918d299382692f75adf180be7fce3356ec3b11412eae6360e55551f4db194Palo Alto Networks PanOS suffers from a stack buffer overflow in the appweb3 embedded webserver.
46316d54fe0b1eaeb6e793d9de3a88060515fc612e68480aff0ecc2569c52c70Apple iOS version 1.0 suffers from multiple access permission vulnerabilities.
f62e2deaf755703843eec2ea1bba1cf6e4d4dd682c549ac566c53be70a175bb2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed