[Canvas] CANVAS 7.20 released
Immunity CANVAS
canvas at immunityinc.com
Wed Oct 31 20:05:17 UTC 2018
########################################################################
# *CANVAS Release 7.20* #
########################################################################
*Date*: 31 October 2018
*Version*: 7.20
*Download URL*: https://canvas.immunityinc.com/getcanvas
*Release Notes*:
In this CANVAS release we are bringing you 7 new modules and bugfixes.
Our new modules include an auto privilege escalation module for windows,
two arbitrary kernel read modules targeting Linux, one deserialization
module targeting JBoss <= 4.x, an arbitrary file upload module targeting
Blueimp JQuery-File-Upload, one user enumeration module targeting
OpenSSH <= 7.7 and a generic privilege escalation module targeting
misconfigured sudo.
==Changes==
o spectre_file_leak (Improvements)
o New CANVAS dependency installer available for Linux
o Will install all of our required dependencies including Python 2.7
o Installer available in CANVAS_ROOT/installer/linux_installer.sh
o Documentation available in
CANVAS_ROOT/Documentation/Linux_Install_Guide.txt
==New Modules==
o auto_lpe_windows
o show_timer_leak (CVE-2017-18344)
o dmesg_leak (CVE-2018-14656)
o jbossmq_httpil_deserialization (CVE-2017-7504)
o jquery_file_upload (CVE-2018-9206)
o ssh_enum (CVE-2018-15473)
o sudo_elevate
*CANVAS Tips 'n' Tricks*:
With this release we are also bringing a CANVAS Linux Dependencies
Installer! Be sure to check out the documentation in
CANVAS_ROOT/Documentation/Linux_Install_Guide.txt for more information!
########################################################################
########################################################################
More information about the Canvas
mailing list