Home page logo
/

nmap-dev logo Nmap Development mailing list archives

New VA Modules: MSF: 1, Nessus: 58
From: New VA Module Alert Service <postmaster () insecure org>
Date: Sat, 19 Nov 2011 10:00:24 -0800 (PST)

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== Metasploit modules (1) ==

r14283 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/misc/wireshark_lua.rb
Wireshark console.lua pre-loading vulnerability

== Nessus plugins (58) ==

56875 macosx_flash_player_11_1_102_55.nasl
http://nessus.org/plugins/index.php?view=single&id=56875
Flash Player for Mac <= 10.3.183.10 / 11.0.1.152 Multiple
Vulnerabilities (APSB11-28)

56874 flash_player_apsb11-28.nasl
http://nessus.org/plugins/index.php?view=single&id=56874
Flash Player <= 10.3.183.10 / 11.0.1.152 Multiple Vulnerabilities
(APSB11-28)

56873 itunes_10_5_1_banner.nasl
http://nessus.org/plugins/index.php?view=single&id=56873
iTunes < 10.5.1 Update Authenticity Verification Weakness
(uncredentialed check)

56872 itunes_10_5_1.nasl
http://nessus.org/plugins/index.php?view=single&id=56872
iTunes < 10.5.1 Update Authenticity Verification Weakness (credentialed
check)

56871 macosx_itunes_10_5_1.nasl
http://nessus.org/plugins/index.php?view=single&id=56871
iTunes < 10.5.1 Update Authenticity Verification Weakness (Mac OS X)

56870 ubuntu_USN-1267-1.nasl
http://nessus.org/plugins/index.php?view=single&id=56870
USN-1267-1 : freetype vulnerabilities

56869 ubuntu_USN-1266-1.nasl
http://nessus.org/plugins/index.php?view=single&id=56869
USN-1266-1 : openldap vulnerability

56868 ubuntu_USN-1265-1.nasl
http://nessus.org/plugins/index.php?view=single&id=56868
USN-1265-1 : system-config-printer vulnerability

56867 redhat-RHSA-2011-1459.nasl
http://nessus.org/plugins/index.php?view=single&id=56867
RHSA-2011-1459: bind97

56866 redhat-RHSA-2011-1458.nasl
http://nessus.org/plugins/index.php?view=single&id=56866
RHSA-2011-1458: bind

56865 fedora_2011-15856.nasl
http://nessus.org/plugins/index.php?view=single&id=56865
Fedora 15 2011-15856

56864 fedora_2011-15256.nasl
http://nessus.org/plugins/index.php?view=single&id=56864
Fedora 14 2011-15256

56863 fedora_2011-15233.nasl
http://nessus.org/plugins/index.php?view=single&id=56863
Fedora 15 2011-15233

56862 bind9_981_p1.nasl
http://nessus.org/plugins/index.php?view=single&id=56862
ISC BIND 9 Query.c Logging Resolver Denial of Service

56861 ubuntu_USN-1264-1.nasl
http://nessus.org/plugins/index.php?view=single&id=56861
USN-1264-1 : bind9 vulnerability

56860 ubuntu_USN-1263-1.nasl
http://nessus.org/plugins/index.php?view=single&id=56860
USN-1263-1 : icedtea-web, openjdk-6, openjdk-6b18 vulnerabilities

56859 redhat-RHSA-2011-1455.nasl
http://nessus.org/plugins/index.php?view=single&id=56859
RHSA-2011-1455: freetype

56858 mandriva_MDVSA-2011-176.nasl
http://nessus.org/plugins/index.php?view=single&id=56858
MDVSA-2011:176-1 : bind

56857 freebsd_pkg_90cc149410ac11e1b3ec0024e830109b.nasl
http://nessus.org/plugins/index.php?view=single&id=56857
FreeBSD : BIND -- Remote DOS (90cc1494-10ac-11e1-b3ec-0024e830109b)

56856 debian_DSA-2347.nasl
http://nessus.org/plugins/index.php?view=single&id=56856
[DSA2347] DSA-2347-1 bind9

56818 pci_dss_potential_xsrf.nasl
http://nessus.org/plugins/index.php?view=single&id=56818
CGI Generic Cross-Site Request Forgery Detection (potential)

17728 tomcat_6_0_13.nasl
http://nessus.org/plugins/index.php?view=single&id=17728
Apache Tomcat < 6.0.13 Multiple Vulnerabilities

17727 tomcat_5_5_23.nasl
http://nessus.org/plugins/index.php?view=single&id=17727
Apache Tomcat 5.0.x <= 5.0.30 / 5.5.x < 5.5.23 Content-Length HTTP
Request Smuggling

17726 tomcat_4_1_36.nasl
http://nessus.org/plugins/index.php?view=single&id=17726
Apache Tomcat 4.x < 4.1.36 Multiple Vulnerabilities

17725 sun_java_web_console_uri_redirect.nasl
http://nessus.org/plugins/index.php?view=single&id=17725
Sun Java Web Console BeginLogin.jsp redirect_url Parameter URI
Redirection

17724 sendmail_8_13_8.nasl
http://nessus.org/plugins/index.php?view=single&id=17724
Sendmail < 8.13.8 Header Processing Overflow DoS

17723 samba_smbmnt.nasl
http://nessus.org/plugins/index.php?view=single&id=17723
Samba smbmnt Local Privilege Escalation

17722 samba_mksmbpasswd.nasl
http://nessus.org/plugins/index.php?view=single&id=17722
Samba < 3.0.2 mksmbpasswd.sh Uninitialized Passwords

17721 samba_3_0_6.nasl
http://nessus.org/plugins/index.php?view=single&id=17721
Samba < 3.0.6 Unspecified Remote Memory Leak Information Disclosure

17720 samba_3_0_5.nasl
http://nessus.org/plugins/index.php?view=single&id=17720
Samba SWAT 3.0.2 - 3.0.4 HTTP Basic Auth base64 Buffer Overflow

17719 samba_3_0_26.nasl
http://nessus.org/plugins/index.php?view=single&id=17719
Samba idmap_ad.so Winbind nss_info Extension Local Privilege Escalation

17718 proftpd_1_3_1_rc1.nasl
http://nessus.org/plugins/index.php?view=single&id=17718
ProFTPD < 1.3.1rc1 mod_ctrls Module pr_ctrls_recv_request Function Local
Overflow

17717 php_symlink_function_race_condition.nasl
http://nessus.org/plugins/index.php?view=single&id=17717
PHP Symlink Function Race Condition open_basedir Bypass

17716 php_sendmail_argument_injection.nasl
http://nessus.org/plugins/index.php?view=single&id=17716
PHP mb_send_mail() Function Parameter Security Bypass

17715 php_ip2long_sql_injection.nasl
http://nessus.org/plugins/index.php?view=single&id=17715
PHP ip2long Function String Validation Weakness

17714 php_ffi_security_bypass.nasl
http://nessus.org/plugins/index.php?view=single&id=17714
PHP Foreign Function Interface Arbitrary DLL Loading safe_mode
Restriction Bypass

17713 php_5_1_5.nasl
http://nessus.org/plugins/index.php?view=single&id=17713
PHP 5.1.x < 5.1.5 Multiple Vulnerabilities

17712 php_5_1_2.nasl
http://nessus.org/plugins/index.php?view=single&id=17712
PHP 5.1.x < 5.1.2 Multiple Vulnerabilities

17711 php_5_1_0.nasl
http://nessus.org/plugins/index.php?view=single&id=17711
PHP 5.x < 5.1.0 Multiple Vulnerabilities

17710 php_4_4_4.nasl
http://nessus.org/plugins/index.php?view=single&id=17710
PHP < 4.4.4 Security Bypass Vulnerability

17709 php_4_4_2.nasl
http://nessus.org/plugins/index.php?view=single&id=17709
PHP < 4.4.2 Multiple Cross-Site Scripting Vulnerabilities

17708 oracle9iAS_http_request_smuggling.nasl
http://nessus.org/plugins/index.php?view=single&id=17708
Oracle 9i Application Server HTTP Request Smuggling

17707 openssl_0_9_5a.nasl
http://nessus.org/plugins/index.php?view=single&id=17707
OpenSSL < 0.9.5a /dev/random Check Failure

17706 openssh_rhel_43.nasl
http://nessus.org/plugins/index.php?view=single&id=17706
Red Hat Enterprise Linux OpenSSH ChrootDirectory Local Privilege
Escalation

17705 openssh_opie.nasl
http://nessus.org/plugins/index.php?view=single&id=17705
OPIE w/ OpenSSH Account Enumeration

17704 openssh_challenge_response.nasl
http://nessus.org/plugins/index.php?view=single&id=17704
OpenSSH S/KEY Authentication Account Enumeration

17703 openssh_59.nasl
http://nessus.org/plugins/index.php?view=single&id=17703
OpenSSH < 5.9 Multiple DoS

17702 openssh_361p2.nasl
http://nessus.org/plugins/index.php?view=single&id=17702
OpenSSH < 3.6.1p2 Multiple Vulnerabilities

17701 openssh_34p1.nasl
http://nessus.org/plugins/index.php?view=single&id=17701
OpenSSH < 3.4p1 scp Traversal Arbitrary File Overwrite

17700 openssh_210.nasl
http://nessus.org/plugins/index.php?view=single&id=17700
OpenSSH < 2.1.0 /dev/random Check Failure

17699 openssh_122.nasl
http://nessus.org/plugins/index.php?view=single&id=17699
OpenSSH < 1.2.2 sshd Local TCP Redirection Connection Masking Weakness

17698 mysql_user_defined_functions_restrictions.nasl
http://nessus.org/plugins/index.php?view=single&id=17698
MySQL User-Defined Functions Multiple Vulnerabilities

17697 mysql_5_0_21.nasl
http://nessus.org/plugins/index.php?view=single&id=17697
MySQL < 4.0.27 / 4.1.19 / 5.0.21 Information Disclosure

17696 apache_utf7_xss.nasl
http://nessus.org/plugins/index.php?view=single&id=17696
Apache HTTP Server 403 Error Page UTF-7 Encoded XSS

17695 apache_smb_document_root.nasl
http://nessus.org/plugins/index.php?view=single&id=17695
Apache Mixed Platform AddType Directive Information Disclosure

17694 apache_scriptalias_in_htdocs_dir_traversal2.nasl
http://nessus.org/plugins/index.php?view=single&id=17694
Apache on Windows mod_alias URL Validation Canonicalization CGI Source
Disclosure

17693 apache_mod_suexec.nasl
http://nessus.org/plugins/index.php?view=single&id=17693
Apache mod_suexec Multiple Privilege Escalation Vulnerabilities

17692 apache_mod_negotiation_xss.nasl
http://nessus.org/plugins/index.php?view=single&id=17692
Apache mod_negotiation Multi-Line Filename Upload Vulnerabilities
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
  • New VA Modules: MSF: 1, Nessus: 58 New VA Module Alert Service (Nov 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]