Home page logo
/

nmap-dev logo Nmap Development mailing list archives

New VA Modules: NSE: 3, OpenVAS: 32, MSF: 2
From: New VA Module Alert Service <postmaster () insecure org>
Date: Fri, 18 Nov 2011 10:05:56 -0800 (PST)

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== Nmap Scripting Engine scripts (3) ==

r27108 http-vuln-cve2011-3368 http://nmap.org/nsedoc/scripts/http-vuln-cve2011-3368.html
Check against CVE-2011-3368 "Reverse Proxy Bypass", as described by
http://www.contextis.com/research/blog/reverseproxybypass/ The script
will run 3 tests: o the loopback test, with 3 payloads to handle
different rewrite rules o the internal hosts test. According to
Contextis, we expect a delay before a server error. o The external
website test. This does not mean that you can reach a LAN ip, but this
is a relevant issue anyway.

r27109 nexpose-brute http://nmap.org/nsedoc/scripts/nexpose-brute.html
Performs brute force password auditing against a Nexpose vulnerability
scanner using the API 1.1.

r27110 maxdb-info http://nmap.org/nsedoc/scripts/maxdb-info.html
Retrieves version and database information from a SAP Max DB database.

== OpenVAS plugins (32) ==

r12134 863621 gb_fedora_2011_14673_krb5_fc15.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_14673_krb5_fc15.nasl?root=openvas&view=markup
Fedora Update for krb5 FEDORA-2011-14673

r12134 870515 gb_RHSA-2011_1458-01_bind.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_RHSA-2011_1458-01_bind.nasl?root=openvas&view=markup
RedHat Update for bind RHSA-2011:1458-01

r12134 902749 secpod_ocs_inventory_ng_xss_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ocs_inventory_ng_xss_vuln.nasl?root=openvas&view=markup
OCS Inventory NG Persistent Cross-site Scripting Vulnerability

r12134 902587 secpod_herberlin_bremsserver_dir_trav_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_herberlin_bremsserver_dir_trav_vuln.nasl?root=openvas&view=markup
Herberlin Bremsserver Directory Traversal Vulnerability

r12134 802515 gb_mozilla_prdts_mult_unspecified_vuln_macosx.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_unspecified_vuln_macosx.nasl?root=openvas&view=markup
Mozilla Products Multiple Unspecified Vulnerabilities (MAC OS X

r12134 802518 gb_mozilla_prdts_xss_n_mem_crptn_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mozilla_prdts_xss_n_mem_crptn_vuln_win.nasl?root=openvas&view=markup
Mozilla Products XSS and Memory Corruption Vulnerabilities (Windows)

r12134 863624 gb_fedora_2011_15256_squid_fc14.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_15256_squid_fc14.nasl?root=openvas&view=markup
Fedora Update for squid FEDORA-2011-15256

r12134 863625 gb_fedora_2011_15856_kernel_fc15.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_15856_kernel_fc15.nasl?root=openvas&view=markup
Fedora Update for kernel FEDORA-2011-15856

r12134 831494 gb_mandriva_MDVSA_2011_175.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_175.nasl?root=openvas&view=markup
Mandriva Update for poppler MDVSA-2011:175 (poppler)

r12134 802513 gb_mozilla_prdts_wrapper_priv_esc_vuln_macosx.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mozilla_prdts_wrapper_priv_esc_vuln_macosx.nasl?root=openvas&view=markup
Mozilla Products 'NoWaiverWrapper' Privilege Escalation Vulnerability
(Windows)

r12134 802517 gb_mozilla_prdts_priv_esc_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mozilla_prdts_priv_esc_vuln_win.nasl?root=openvas&view=markup
Mozilla Products Privilege Escalation Vulnerabily (Windows)

r12134 802510 gb_mozilla_prdts_browser_engine_dos_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mozilla_prdts_browser_engine_dos_vuln_win.nasl?root=openvas&view=markup
Mozilla Products Browser Engine Denial of Service Vulnerabilities
(Windows)

r12134 840809 gb_ubuntu_USN_1264_1.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1264_1.nasl?root=openvas&view=markup
Ubuntu Update for bind9 USN-1264-1

r12134 840808 gb_ubuntu_USN_1266_1.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1266_1.nasl?root=openvas&view=markup
Ubuntu Update for openldap USN-1266-1

r12134 831496 gb_mandriva_MDVSA_2011_176_1.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_176_1.nasl?root=openvas&view=markup
Mandriva Update for bind MDVSA-2011:176-1 (bind)

r12134 870517 gb_RHSA-2011_1455-01_freetype.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_RHSA-2011_1455-01_freetype.nasl?root=openvas&view=markup
RedHat Update for freetype RHSA-2011:1455-01

r12134 802516 gb_mozilla_prdts_xss_n_mem_crptn_vuln_macosx.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mozilla_prdts_xss_n_mem_crptn_vuln_macosx.nasl?root=openvas&view=markup
Mozilla Products XSS and Memory Corruption Vulnerabilities (MAC OS X)

r12134 902586 secpod_adobe_coldfusion_multiple_path_disc_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_adobe_coldfusion_multiple_path_disc_vuln.nasl?root=openvas&view=markup
Adobe ColdFusion Multiple Path Disclosure Vulnerabilities

r12134 863626 gb_fedora_2011_15233_squid_fc15.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_15233_squid_fc15.nasl?root=openvas&view=markup
Fedora Update for squid FEDORA-2011-15233

r12134 802514 gb_mozilla_prdts_mult_vuln_nov11_macosx.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_vuln_nov11_macosx.nasl?root=openvas&view=markup
Mozilla Products Multiple Vulnerabilities (MAC OS X)

r12134 802511 gb_mozilla_prdts_mult_vuln_nov11_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mozilla_prdts_mult_vuln_nov11_win.nasl?root=openvas&view=markup
Mozilla Products Multiple Vulnerabilities (Windows)

r12134 870516 gb_RHSA-2011_1459-01_bind97.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_RHSA-2011_1459-01_bind97.nasl?root=openvas&view=markup
RedHat Update for bind97 RHSA-2011:1459-01

r12134 831495 gb_mandriva_MDVSA_2011_176.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_176.nasl?root=openvas&view=markup
Mandriva Update for bind MDVSA-2011:176 (bind)

r12134 802512 gb_mozilla_prdts_priv_esc_vuln_macosx.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mozilla_prdts_priv_esc_vuln_macosx.nasl?root=openvas&view=markup
Mozilla Products Privilege Escalation Vulnerabily (MAC OS X)

r12134 802509 gb_mozilla_prdts_wrapper_priv_esc_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mozilla_prdts_wrapper_priv_esc_vuln_win.nasl?root=openvas&view=markup
Mozilla Products 'NoWaiverWrapper' Privilege Escalation Vulnerability
(Windows)

r12134 840806 gb_ubuntu_USN_1261_1.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1261_1.nasl?root=openvas&view=markup
Ubuntu Update for quagga USN-1261-1

r12134 863623 gb_fedora_2011_15338_wireshark_fc14.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_15338_wireshark_fc14.nasl?root=openvas&view=markup
Fedora Update for wireshark FEDORA-2011-15338

r12134 863622 gb_fedora_2011_15328_wireshark_fc15.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_15328_wireshark_fc15.nasl?root=openvas&view=markup
Fedora Update for wireshark FEDORA-2011-15328

r12134 863620 gb_fedora_2011_14650_krb5_fc14.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_14650_krb5_fc14.nasl?root=openvas&view=markup
Fedora Update for krb5 FEDORA-2011-14650

r12134 840805 gb_ubuntu_USN_1263_1.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1263_1.nasl?root=openvas&view=markup
Ubuntu Update for icedtea-web USN-1263-1

r12134 902755 secpod_wordpress_mult_plugins_sql_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_wordpress_mult_plugins_sql_inj_vuln.nasl?root=openvas&view=markup
WordPress Multiple Plugins SQL Injection Vulnerabilities

r12134 840807 gb_ubuntu_USN_1265_1.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1265_1.nasl?root=openvas&view=markup
Ubuntu Update for system-config-printer USN-1265-1

== Metasploit modules (2) ==

r14278 http://metasploit.com/redmine/projects/framework/repository/entry/modules/post/linux/manage/sudo.rb
Linux Post Sudo Upgrade Shell

r14280 http://metasploit.com/redmine/projects/framework/repository/entry/modules/post/multi/manage/sudo.rb
Linux Post Sudo Upgrade Shell
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
  • New VA Modules: NSE: 3, OpenVAS: 32, MSF: 2 New VA Module Alert Service (Nov 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault