Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
8129d5ada77e1560709a9e18a9acb5fe00993fca262cb66bb440b18e73fb5d2d
Calibre Web version 0.6.21 suffers from a persistent cross site scripting vulnerability.
686e04b8fe52c5725bda61d40bbca828f80088e743ec7a871989a6041a45b1d0
Ubuntu Security Notice 6974-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
37c3f9b7ef32a073d45c582a69ab42b6107ab985a5d9b0ad42205cec3c8ec0dc
Helpdeskz version 2.0.2 suffers from a persistent cross site scripting vulnerability.
a8ac91a3cbedb116396a5b53757d88970af60c29a929c87cc0d371c438839a2e
Debian Linux Security Advisory 5757-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
b36cd7bc93a9e6a4f0b3bb03a7b90689eecbec97b3839ed420816280b821c7b1
SPIP version 4.2.11 suffers from a code execution vulnerability.
c4d5a7ec857d6143a4dc61f6cfd25f53a0e63155cbfd065edba914d1db5a6f2b
Loan Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
ed75910910f3f594bf680ca801e599334e60fa3ca166470f03bfa31c27d4c6c4
Ubuntu Security Notice 6973-2 - It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
ae63bfb6e280dd009e2c0a5fe99dec56f207432686e72f972bd7822a124051d0
Jobs Finder System version 1.0 suffers from a cross site scripting vulnerability.
faf5a6f2bdf5a78896fae3a3733b2215bd787d63633b35a18fdd4238dbc3d2b4
Ubuntu Security Notice 6972-3 - Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service.
3851e01a35e3009f6057ef8b82450d14866f3831ab11b59ea760316705789735
HughesNet HT2000W Satellite Modem remote password reset exploit that leverages a path traversal vulnerability.
39985e65e2ad65f7d97ac082c4bb9179894f75c1041378c2a629dcd1f57fe3ca
Human Resource Management System version 2024 version 1.0 suffers from a cross site scripting vulnerability.
25f4d7b7ca25178696d74bb308a9abcdd65caa3fc6c471e46b4b16febaa084ea
Employee Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
48f74abd4ae2b0a4eefcbc41869e56c73b5b26ad8ea6f55bc7ef2939ebb312a7
DETS Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
8e871e7f49c2379860d7b67c7b6819a9dfb93577e9139f8863c582714f30982a
Aruba 501 version CN12G5W0XX suffers from a remote command execution vulnerability.
c7838fb2e5b92ed1dcaf8819750689cd7714fb6c9f3678ca9f108414bc074c10
Bang Resto version 1.0 suffers from an information disclosure vulnerability.
830c31d95b7f59f003c211243b33e2126b35344e02f89fef93aa5788666eaf2a
School Log Management System version 1.0 suffers from a WYSIWYG code injection vulnerability.
8ecbd78cc0fd66ac18a830457819fd7e6bc3280127a89e27f97777b39eda5335
Simple College Website version 1.0 appears to suffer from a remote SQL injection vulnerability that allows an attacker to achieve code execution.
87a1f018cc026cf0415cd9dc7a48aea9bae4864d8fd6cadcb7d274baaacf9e4b
This Metasploit module demonstrates a command injection vulnerability in Ray via cpu_profile.
8df2df72517b571d9dd8bd6cfcba7d7a0e2e3adcc491da6ac95c7d5c7f943993
This Metasploit module demonstrates remote code execution in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is executing arbitrary workloads. By default Ray has no authentication.
276fa27f2b7f4e3368e29c64a43eb5175c7a06d6b1f36b8ce2b8c3203b044082
DiCal-RED version 4009 provides a network server on TCP port 2101. This service does not seem to process any input, but it regularly sends data to connected clients. This includes operation messages when they are processed by the device. An unauthenticated attacker can therefore gain information about current emergency situations and possibly also emergency vehicle positions or routes.
ab5d94c2a1f0e4d8bfcda084e05a40a114001865191d658dc9600e79c80e6702
DiCal-RED version 4009 makes use of unmaintained third party components with their own vulnerabilities.
ac46a5297fc9b5ee7331f8918ab83a70fa899f2cf27a29ac3f89865c35bbf946
DiCal-RED version 4009 is vulnerable to unauthorized access to logs and other files on the device's file system due to improper authentication checks.
22505e01eb5b8d58240173b875a10f1ce90aedba603dcb8c2cab2ffb9c7b12b6
DiCal-RED version 4009 has an administrative web interface that is vulnerable to path traversal attacks in several places. The functions to download or display log files can be used to access arbitrary files on the device's file system. The upload function for new license files can be used to write files anywhere on the device's file system - possibly overwriting important system configuration files, binaries or scripts. Replacing files that are executed during system operation results in a full compromise of the whole device.
7c7db8db22b8d44815d0c4d1894bb2b5c72cd299da13c7d7e62d1b7f68ee685e
DiCal-RED version 4009 provides an administrative web interface that requests the administrative system password before it can be used. Instead of submitting the user-supplied password, its MD5 hash is calculated on the client side and submitted. An attacker who knows the hash of the correct password but not the password itself can simply replace the value of the password URL parameter with the correct hash and subsequently gain full access to the administrative web interface.
be90b2b3ba74aa9d5ebd8ad42a421183d9736ccd9ae6ba44a68eee851329062e