Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
90404f393e1aa6c6fafeef71235bc634ebdb281bf5d4657ebbf60628cfae95ffCisco AnyConnect Secure Mobility Client for Windows version 4.8.01090 suffer from a privilege escalation vulnerability due to insecure handling of path names.
8ee614424eee5c4644b331ca89e2c2afc6470c9c8941cb5e0f7d3280686ef76cQRadar Community Edition version 7.3.1.6 has a path traversal that exists in the session validation functionality. In particular, the vulnerability is present in the part that handles session tokens (UUIDs). QRadar fails to validate if the user-supplied token is in the correct format. Using path traversal it is possible for authenticated users to impersonate other users, and also to executed arbitrary code (via Java deserialization). The code will be executed with the privileges of the Tomcat system user.
d0089d965548cc9ad0cf3335b0445c8f608d84826c153acdf719f7a4d672de9aQRadar Community Edition version 7.3.1.6 suffers from an authorization bypass vulnerability.
eaefd76762cac1aef9a9ba909eae0231fa2f6033f281a8d3c45881d26db41f86QRadar Community Edition version 7.3.1.6 is vulnerable to instantiation of arbitrary objects based on user-supplied input. An authenticated attacker can abuse this to perform various types of attacks including server-side request forgery and (potentially) arbitrary execution of code.
79acda4a95f3ff77796484c45f9a5e4263e1e7678990f7cefeb06fe52b21e965QRadar Community Edition version 7.3.1.6 suffers from a php object injection vulnerability.
f3ead7ab6cd9ff80673ed0eb62aee04ea3cf3ec0b0842fbda2123d7595ae9847QRadar Community Edition version 7.3.1.6 suffers from a local privilege escalation due to insecure file permissions with run-result-reader.sh.
715d99b55d854b8fb9614afe2a7874cfe20587ea62fbe0dc00f243f7d7096d49QRadar Community Edition version 7.3.1.6 suffers from a reflective cross site scripting vulnerability in the Forensics link analysis page.
de763810bd2f7fcedfeb5bef3c398e9153a25a188ec90a611064997aac9a057bRed Hat Security Advisory 2020-1513-01 - Git is a distributed revision control system with a decentralized architecture. A credential leak vulnerability has been addressed.
c4caf637667ce99c4f0bd3337c845778695775264de1fe4ea35bc47925161cf4Red Hat Security Advisory 2020-1518-01 - Git is a distributed revision control system with a decentralized architecture. A credential leak vulnerability has been addressed.
b1e3d6080cfa1645a6b7c274fe2026fefe3426f7b2a1a3724f1fcf04cfd1d6a1Red Hat Security Advisory 2020-1514-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities.
d480ff02e34872a8c5d2a5061c4987a074dbf37d7dbc240fa7395c14b831c7acQRadar Community Edition version 7.3.1.6 suffers from cross site request forgery and weak access control vulnerabilities.
1caf5adfef98f5b24c0b2fa37febb95cb109d5510d52d085c81c9c3de940faf4QRadar Community Edition version 7.3.1.6 has an issue where the RssFeedItem class of the QRadar web application is used to fetch and parse RSS feeds. No validation is performed on the user-supplied RSS feed URL. Due to the lack of URL validation (whitelisting), it is possible for authenticated attackers to execute Server-Side Request Forgery attacks. Using this issue it is possible to call the Apache Axis AdminService webservice in order to execute arbitrary code with the privileges of the Tomcat user.
c78ec41b4d8e07a1a88990b1959fd41ff5c7e8f2a7dc9c0d3bc5f59588faaa55QRadar Community Edition version 7.3.1.6 is deployed with a default password for the ConfigServices account. Using this default password it is possible to download configuration sets containing sensitive information, including (encrypted) credentials and host tokens. With these host tokens it is possible to access other parts of QRadar.
7b24d2b362e3b645c36d7e340f45ee8ed555752f025a186acb8909e63ea7536dUbuntu Security Notice 4333-1 - It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service.
1967c18bd3169d4327564565e9b7b0b2a4f936862d568280504cb0802ebca14fSky File version 2.1.0 for iOS suffers from cross site scripting and directory traversal vulnerabilities.
1da9b3cb23fa8817040ca9fb3d24cdce84e94c7dadc69c2868cb4c0eed9a1022Mahara version 19.10.2 suffers from a persistent cross site scripting vulnerability.
94fed8e7464056469688c0e2040d40c4ab132e55edc8127c1fa0f1a3a10d8632OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46The haproxy hpack implementation in hpack-tbl.c handles 0-length HTTP headers incorrectly. This can lead to a fully controlled relative out-of-bounds write when processing a malicious HTTP2 request (or response).
6313a8193a04a7546984327f36401b3e595cd897bef3968ddef00a3d7d80f2c5Red Hat Security Advisory 2020-1523-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Various serialization issues have been addressed.
85cc23fbad7d6bfd857fc2345aa818a2fbef4a4b3d09f16cbfca7af55e5e1414Neowise CarbonFTP version 1.4 suffers from an insecure proprietary password encryption implementation. Second version of this exploit that is updated to work with Python 3.
85cb5f2e3f8cc5c5c6046d113ad20c3b308549088088cf06664f3bfe93538150Ubuntu Security Notice 4334-1 - Carlo Arenas discovered that Git incorrectly handled certain URLs containing newlines, empty hosts, or lacking a scheme. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host.
820190f1fd2e16e5268a49e7f0499598d94db513cb8eb95a3b7797b7f8419fb0Red Hat Security Advisory 2020-1512-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities.
9664c0aa12f56daa3f3af98d57823537d9c851d3dcc8b1eed8523f97a35365c4P5 FNIP-8x16A / FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from cross site request forgery and cross site scripting vulnerabilities.
37dc134c292cda2331964baf8467bdf49fc496b2b3f1b9cc5c262880a403124fRed Hat Security Advisory 2020-1509-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities.
e025cacebd2c8340f3adefc56b8e0018387c6cff6ed221a7c5ef90a58afb90de
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed