Most Kali Linux packages are outdated or vulnerable
Since Kali Linux Rolling is based on Debian, most the packages are outdated or vulnerable. For example, the Firefox and Firefox-ESR have two 0day vulnerabilities recently and they have been fixed by the Firefox official. Meanwhile, most of the Linux distributions are updated accordingly, e.g. Ubuntu. However, Firefox-ESR in Kali is still vulnerable.
I think that the packages in Kali Linux should be up-to-date as it is a security Linux distribution. Nobody will used a vulnerable penetration testing tool to do the security stuff.
Hope Kali Linux team can look into it and improve it in the near future.
Last edited by samiux; 2019-06-24 at 18:32.
Reason: fixed typo
While you do not know attack, how can you know about defense? (未知攻,焉知防?)
Think like a criminal and act as a professional.
Not only Try Harder but also Try Smarter!