Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
45e2416ad0d2f0070d929de4fba81b40Cisco AnyConnect Secure Mobility Client for Windows version 4.8.01090 suffer from a privilege escalation vulnerability due to insecure handling of path names.
e5a3959bc7c5608c73bf90960397d443QRadar Community Edition version 7.3.1.6 has a path traversal that exists in the session validation functionality. In particular, the vulnerability is present in the part that handles session tokens (UUIDs). QRadar fails to validate if the user-supplied token is in the correct format. Using path traversal it is possible for authenticated users to impersonate other users, and also to executed arbitrary code (via Java deserialization). The code will be executed with the privileges of the Tomcat system user.
6cb180e7e16b46cc6581407a5507d0a0QRadar Community Edition version 7.3.1.6 suffers from an authorization bypass vulnerability.
9f24dd39f62a7f642dc8c11ad679f568QRadar Community Edition version 7.3.1.6 is vulnerable to instantiation of arbitrary objects based on user-supplied input. An authenticated attacker can abuse this to perform various types of attacks including server-side request forgery and (potentially) arbitrary execution of code.
f813c8f629536b1985d46109b98d02f8QRadar Community Edition version 7.3.1.6 suffers from a php object injection vulnerability.
829d59fdbec4c7b0c02f591307aaf419QRadar Community Edition version 7.3.1.6 suffers from a local privilege escalation due to insecure file permissions with run-result-reader.sh.
78916b6ddfb832ae9b4373ee1c58da01QRadar Community Edition version 7.3.1.6 suffers from a reflective cross site scripting vulnerability in the Forensics link analysis page.
fe186d0de8d1507e14a349eb48108ff7Red Hat Security Advisory 2020-1513-01 - Git is a distributed revision control system with a decentralized architecture. A credential leak vulnerability has been addressed.
92448ecc0f469715a7665fc80fe26dc2Red Hat Security Advisory 2020-1518-01 - Git is a distributed revision control system with a decentralized architecture. A credential leak vulnerability has been addressed.
47d811b0e848be3fba2137566a691d84Red Hat Security Advisory 2020-1514-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities.
b5f646b1c9f2a6c5b53c34aaa4f4f85cQRadar Community Edition version 7.3.1.6 suffers from cross site request forgery and weak access control vulnerabilities.
c78a8cc9951bc948028d5c3082e91a0fQRadar Community Edition version 7.3.1.6 has an issue where the RssFeedItem class of the QRadar web application is used to fetch and parse RSS feeds. No validation is performed on the user-supplied RSS feed URL. Due to the lack of URL validation (whitelisting), it is possible for authenticated attackers to execute Server-Side Request Forgery attacks. Using this issue it is possible to call the Apache Axis AdminService webservice in order to execute arbitrary code with the privileges of the Tomcat user.
de790813f9ae985ff869c69760705113QRadar Community Edition version 7.3.1.6 is deployed with a default password for the ConfigServices account. Using this default password it is possible to download configuration sets containing sensitive information, including (encrypted) credentials and host tokens. With these host tokens it is possible to access other parts of QRadar.
2a17539a1ba52a631c01849db48b744cUbuntu Security Notice 4333-1 - It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service.
ac5bba68bffcad546f4ea31d25cfd519Sky File version 2.1.0 for iOS suffers from cross site scripting and directory traversal vulnerabilities.
68257141fc51e78cb831d3a1949e1aafMahara version 19.10.2 suffers from a persistent cross site scripting vulnerability.
2ceb51c35c29fa3430da64dc10fe32bcOpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
76766e98997660138cdaf13a187bd234The haproxy hpack implementation in hpack-tbl.c handles 0-length HTTP headers incorrectly. This can lead to a fully controlled relative out-of-bounds write when processing a malicious HTTP2 request (or response).
ec4200ed138e11159b83e1a1d18ff6d3Red Hat Security Advisory 2020-1523-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Various serialization issues have been addressed.
023435ab7c1f431c7ccf9b13d4d2d38eNeowise CarbonFTP version 1.4 suffers from an insecure proprietary password encryption implementation. Second version of this exploit that is updated to work with Python 3.
e7c69cbdc42341fad6f120be67f23e92Ubuntu Security Notice 4334-1 - Carlo Arenas discovered that Git incorrectly handled certain URLs containing newlines, empty hosts, or lacking a scheme. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host.
097fd50bb7e0d002001c970367254791Red Hat Security Advisory 2020-1512-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities.
4751448b770f774273258a0d2d4f0ed2P5 FNIP-8x16A / FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from cross site request forgery and cross site scripting vulnerabilities.
1c782b6ec67ea3314c3e252545f9fbdfRed Hat Security Advisory 2020-1509-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include denial of service and deserialization vulnerabilities.
53b5b450e3841b6a69c37703e8015c34
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed