Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
c05bd6e6ad0ecffe2cd0da935f7edf67
Qualys discovered a remote command execution vulnerability in Exim versions 4.87 to 4.91.
bad52ccc6a1c8c1cead9b91ad808d490
Debian Linux Security Advisory 4454-2 - Vincent Tondellier reported that the qemu update issued as DSA 4454-1 did not correctly backport the support to define the md-clear bit to allow mitigation of the MDS vulnerabilities. Updated qemu packages are now available to correct this issue.
a03da932c9916c53240d8d18629d8df3
Gentoo Linux Security Advisory 201906-1 - A vulnerability in Exim could allow a remote attacker to execute arbitrary commands. Versions less than 4.92 are affected.
47d2f53b79d941614c48975ccb557cca
Red Hat Security Advisory 2019-1400-01 - The AMQ Client enables connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol.
c6e5a45204c63898aa6ed0709b98d327
Red Hat Security Advisory 2019-1399-01 - The AMQ Client enables connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol. This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 7.
4ed6c521bfdb01e7e852ba12e94df8d3
Red Hat Security Advisory 2019-1398-01 - The AMQ Client enables connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol. This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 7.
79712c085bc14708a1c4887ecca16d11
Ubuntu Security Notice 4011-2 - USN-4011-1 fixed several vulnerabilities in Jinja2. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Olivier Dony discovered that Jinja incorrectly handled str.format. An attacker could possibly use this issue to escape the sandbox. Various other issues were also addressed.
334f54291ccbae418a095a0d4322c3fc
Ubuntu Security Notice 4011-1 - Olivier Dony discovered that Jinja incorrectly handled str.format. An attacker could possibly use this issue to escape the sandbox. This issue only affected Ubuntu 16.04 LTS. Brian Welch discovered that Jinja incorrectly handled str.format_map. An attacker could possibly use this issue to escape the sandbox.
35714135c42e4cbc629e4cd3cd3d4236
Supra Smart Cloud TV suffers from an openLiveURL() remote file inclusion vulnerability.
25ecf7c683b48930b3f5f26642c4927a
Ubuntu Security Notice 4008-3 - USN-4008-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Robert Swiecki discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid elf binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid elf binary. Various other issues were also addressed.
db49ff8f595ab9c220359728c2fce6de
Ubuntu Security Notice 3991-2 - USN-3991-1 fixed vulnerabilities in Firefox. The update caused a regression which resulted in issues when upgrading between Ubuntu releases. This update fixes the problem. Multiple security issues were discovered in Firefox.
dfe92b399280a2bd7624c1594870919f