Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
562e32370844ff08b49d43a83c6a3a84170947f52ba058432e3b81d9fdadc08cUbuntu Security Notice 4740-1 - It was discovered that Apache Shiro mishandled specially crafted requests. An attacker could use this vulnerability to bypass authentication mechanisms.
b3b8bf514ec38521acd2be501b5bd64089f6ae87f9304453ee94171d077ac559Red Hat Security Advisory 2021-0611-01 - The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly.
47745c5fc42d6a7d68a5d49b3d5f996c8d4a635eda377a44026d8a187d80e8a0Given a scenario where an outgoing call is placed from Asterisk to a remote SIP server it is possible for a crash to occur. The code responsible for negotiating SDP in SIP responses incorrectly assumes that SDP negotiation will always be successful. If a SIP response containing an SDP that can not be negotiated is received a subsequent SDP negotiation on the same call can cause a crash.
a598689c226c0f0b2be7c0f2f5f641be7af78caf65f348109e0446002e06d18fThis program demonstrates a time-of-check-time-of-use TOCTOU vulnerability in Firejail. Winning it causes Firejail to create an insecure overlayfs layout, that is then used to escalate privileges by making /etc/ld.so.preload user writable.
adefafe1c85cc2ef526eedeae1ad122c13edd91a2e7eeb35bc0f9aa07cfe03e9Ubuntu Security Notice 4741-1 - It was discovered that Jackson Databind incorrectly handled deserialization. An attacker could possibly use this issue to execute arbitrary code.
3f87f3755ce52d2f838568100aa5bcddd41562af238a4049341de0c8ae70d50cDue to a signedness comparison mismatch, an authenticated WebRTC client could cause a stack overflow and Asterisk crash by sending multiple hold/unhold requests in quick succession.
514c38f88457c5adefa470f62cfa4733ee26d4eda6458c3b24c7bb21f2ec9701An unauthenticated remote attacker could replay SRTP packets which could cause an Asterisk instance configured without strict RTP validation to tear down calls prematurely.
c6b2cb980ac1c471ada712a10083d5e4a2f109aa8638a11055f9f18afbbc09abdataSIMS Avionics ARINC 664-1 version 4.5.3 suffers from a local buffer overflow vulnerability.
fb2146f71f5492c1997492e5227915f35165c11c8c93ca3251f06a0b3dbb8349When re-negotiating for T.38 if the initial remote response was delayed just enough Asterisk would send both audio and T.38 in the SDP. If this happened, and the remote responded with a declined T.38 stream then Asterisk would crash.
2a9795115e2a46d96ffa9cb29f66fab90c91d64bdafcfd927d79e02c48f5c8b5If a registered user is tricked into dialing a malicious number that sends lots of 181 responses to Asterisk, each one will cause a 181 to be sent back to the original caller with an increasing number of entries in the ???Supported??? header. Eventually the number of entries in the header exceeds the size of the entry array and causes a crash.
2f45006a2c9afadddcf34831d258755849dc791b989f4dce2ef9bb09888bc8d9Online Exam System With Timer version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3fa34b5f3e08b7d12953e622aa8b45d2e4797b9ced277916db0e75294f3387dbBeauty Parlour Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
34fe4781069f55ef636ebeb487e5c7873e252073bfb2323964a77fb81e0458efBeauty Parlour Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Prof. Kailas Patil in June of 2020.
3af5ffb0c4ba62a9575b929a7d6c4ce9cdaa1cbd415b87c400525e94793a274aBackdoor.Win32.Bionet.10 malware has an ftp service that allows for anonymous login.
404aa1cc25a484f04ec04f3fcdd9b35295adf133838edc77ca4e63911e3d6bdeComment System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
46878eefcae9571cb16bc25507a049e842376b95088b9e7b41522e7641082ae1Backdoor.Win32.DarkKomet.apcc malware suffers from an insecure permissions vulnerability.
aecb3a0c272436b731621f6bcd2825f3baf0858666fecf06db2f2a9d8b681638Backdoor.Win32.DarkKomet.bhfh malware suffers from an insecure permissions vulnerability.
5093711b0c6d00b1510fcead1c8a97d6fde81a882fde3001e630e1feeccf901aOpenText Content Server version 20.3 suffers from multiple persistent cross site scripting vulnerabilities.
dbbfc659d2fde29e9fb6fb4d8b71106fd64cd09ff143fade3c3ea59fbd6c45d6This is a whitepaper that details identifying cross site scripting vulnerabilities in both the Neo and Matrix LMS codebase.
425783c0a58f4b3d8ceaa1ef51c78b248dc59a4e994ea242a952886897d53b3d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed