Home page logo

nmap-dev logo Nmap Development mailing list archives

New VA Modules: NSE: 4, MSF: 2
From: New VA Module Alert Service <postmaster () insecure org>
Date: Sun, 20 May 2012 10:00:20 -0700 (PDT)

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== Nmap Scripting Engine scripts (4) ==

r28632 mysql-dump-hashes http://nmap.org/nsedoc/scripts/mysql-dump-hashes.html
Dumps the password hashes from an MySQL server in a format suitable for
cracking by tools such as John-the-ripper. In order to do so the user
needs to have the appropriate DB privileges (root).

r28632 mysql-query http://nmap.org/nsedoc/scripts/mysql-query.html
Runs a query against a MySQL database and returns the results as a

r28633 distcc-CVE-2004-2687 http://nmap.org/nsedoc/scripts/distcc-CVE-2004-2687.html
Detects and exploits a remote code execution vulnerability in the
distributed compiler daemon distcc. The vulnerability was disclosed in
2002, but is still present in modern implementation due to poor
configuration of the service.

r28642 http-traceroute http://nmap.org/nsedoc/scripts/http-traceroute.html
Exploits the Max-Forwards HTTP header to detect the presence of reverse

== Metasploit modules (2) ==

r15303 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/misc/hp_vsa_exec.rb
HP StorageWorks P4000 Virtual SAN Appliance Command Execution

Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
  • New VA Modules: NSE: 4, MSF: 2 New VA Module Alert Service (May 20)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]