2015-11-13 22:00:59 +00:00
|
|
|
Categories:Security
|
|
|
|
License:MIT
|
|
|
|
Web Site:
|
|
|
|
Source Code:https://github.com/nowsecure/android-vts
|
|
|
|
Issue Tracker:https://github.com/nowsecure/android-vts/issues
|
|
|
|
|
|
|
|
Auto Name:VTS for Android
|
2015-11-16 16:26:11 +00:00
|
|
|
Summary:Check for vulnerabilities
|
2015-11-13 22:00:59 +00:00
|
|
|
Description:
|
2015-11-16 16:26:11 +00:00
|
|
|
This tool was meant to show the end user the attack surface that a given device
|
|
|
|
is susceptible to. In implementing these checks we attempt to minimize or
|
|
|
|
eliminate both false positives/false negatives without negatively affecting
|
|
|
|
system stability. List of current bug checks:
|
|
|
|
|
|
|
|
* ZipBug9950697
|
|
|
|
* Zip Bug 8219321 / Master keys
|
|
|
|
* Zip Bug 9695860
|
|
|
|
* Jar Bug 13678484 / Android FakeID
|
|
|
|
* CVE 2013-6282 / put/get_user
|
|
|
|
* CVE_2011_1149 / PSNueter / Ashmem Exploit
|
|
|
|
* CVE_2014_3153 / Futex bug / Towelroot
|
|
|
|
* CVE 2014-3847 / WeakSauce * StumpRoot
|
|
|
|
* Stagefright bugs
|
|
|
|
* x509 Serialization bug
|
|
|
|
* PingPong root - CVE-2015-3636
|
|
|
|
* Stagefright - CVE-2015-6602
|
2015-11-13 22:00:59 +00:00
|
|
|
* Samsung Remote Code Execution as System
|
2015-11-21 14:15:03 +00:00
|
|
|
* CVE-2015-6608
|
2015-11-13 22:00:59 +00:00
|
|
|
.
|
|
|
|
|
|
|
|
Repo Type:git
|
|
|
|
Repo:https://github.com/nowsecure/android-vts.git
|
|
|
|
|
|
|
|
Build:v.6,6
|
2015-11-16 16:26:11 +00:00
|
|
|
disable=binaries
|
2015-11-13 22:00:59 +00:00
|
|
|
commit=v.6
|
|
|
|
subdir=app
|
|
|
|
gradle=yes
|
|
|
|
|
2015-11-19 05:29:39 +00:00
|
|
|
Build:v.9,9
|
|
|
|
commit=v.9
|
|
|
|
subdir=app
|
|
|
|
gradle=yes
|
|
|
|
|
2015-11-26 05:22:28 +00:00
|
|
|
Build:v.11,11
|
|
|
|
commit=v.11
|
|
|
|
subdir=app
|
|
|
|
gradle=yes
|
|
|
|
|
2015-11-16 16:26:11 +00:00
|
|
|
Auto Update Mode:Version %v
|
2015-11-13 22:00:59 +00:00
|
|
|
Update Check Mode:Tags
|
2015-11-26 05:22:28 +00:00
|
|
|
Current Version:v.11
|
|
|
|
Current Version Code:11
|