AndroidVTS / android-vts

Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.
Other
1.02k stars 272 forks source link

Error running several tests on Android 4.2.2 #69

Closed Timon34 closed 9 years ago

Timon34 commented 9 years ago

Current v.9 from November 18, 2015 is used

On KENEKSI Fire 2 running Android 4.2.2 several errors 'Error running the test' occurs (see screenshot at http://snag.gy/QYdJH.jpg ).

We see 'Error running the test: Test error' for CVE-2015-1539 CVE-2015-3824 CVE-2015-3828 sf-itunes-poc and 'Error running the test: com.android.org.conscrypt.OpenSSLX509Certificate' for CVE-2015-3825 Could it be fixed in the next versions?

Fuzion24 commented 9 years ago

@Timon34 would it be possible for you to add the logcat logs here?

Timon34 commented 9 years ago

Could you please tell me who should be developer of logcat? In Google Play I found several apps with similar name and don't know what to use. Sorry for my 'dark'. And what type of logs do you need (if there is a difference). I also have a tablet running Android 4.4.2 that also shows several errors 'Error running the test: Test error'. I can make logs there too, if you'll give me more detailed instructions. Sorry, but I don't have root access on all devices.

Timon34 commented 9 years ago

Here are screenshots from other device

Current v.9 from November 18, 2015 is used

On DEXP Ursus 10M 3G running Android 4.4.2 several errors 'Error running the test' occurs (see screenshot at http://snag.gy/nlkfT.jpg ).

We see 'Error running the test: Test error' for CVE-2015-1539 CVE-2015-3828 (they are similar to errors that are presents on KENEKSI device from original post)

I'm still ready to provide logs to you, if you'll give me more detailed instructions.

Fuzion24 commented 9 years ago

https://github.com/nowsecure/android-vts/issues/48#issuecomment-157886541

Fuzion24 commented 9 years ago

https://github.com/nowsecure/android-vts/pull/83

Fuzion24 commented 9 years ago

In general, if you are not running the newest version of Android, you should consider your device extremely vulnerable.