Home page logo
/

nmap-dev logo Nmap Development mailing list archives

New VA Modules: MSF: 6, OpenVAS: 49
From: New VA Module Alert Service <postmaster () insecure org>
Date: Sun, 12 Jan 2014 10:03:12 +0000 (UTC)

This report describes any new scripts/modules/exploits added to Nmap,
Metasploit, Nessus, and OpenVAS since yesterday.

== Metasploit modules (6) ==

821aa47d 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/firefox/shell_bind_tcp.rb
Command Shell, Bind TCP (via Firefox XPCOM script)

821aa47d 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/firefox/shell_reverse_tcp.rb
Command Shell, Reverse TCP (via Firefox XPCOM script)

a5ebdce2 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/firefox/exec.rb
Firefox XPCOM execute command

b9c46cde https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/firefox/gather/xss.rb
Firefox XSS

a0879b39 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/linux/mipsbe/shell_bind_tcp.rb
Linux Command Shell, Bind TCP Inline

130a99f5 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/multi/gather/check_malware.rb
Multi Gather Malware Verifier

== OpenVAS plugins (49) ==

r186 gb_typo3_detect.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/gb_typo3_detect.nasl?root=openvas-nvts&view=markup
TYPO3 Detection

r186 2014/gb_typo3_extbase_hmac_unserialization_weakness.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_extbase_hmac_unserialization_weakness.nasl?root=openvas-nvts&view=markup
TYPO3 Extbase HMAC Unserialization Weakness

r186 2014/gb_typo3_mult_vuln_aug_12.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_aug_12.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Vulnerabilities Aug12

r186 2014/gb_typo3_flowplayer_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_flowplayer_xss_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Flowplayer Cross Site Scripting Vulnerability

r186 2014/gb_typo3_mult_vuln_mar_12.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_mar_12.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Vulnerabilities Mar12

r186 2014/gb_typo3_debugscript_info_disclosure_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_debugscript_info_disclosure_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Debug Script Information Disclosure Vulnerability

r186 2014/gb_typo3_backend_username_disclosure_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_backend_username_disclosure_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Backend Username Disclosure Vulnerability

r186 2014/gb_typo3_file_backend_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_file_backend_xss_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 File Backend Cross Site Scripting Vulnerability

r186 2014/gb_typo3_backend_editor_info_disclosure.vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_backend_editor_info_disclosure.vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Backend Editor Information Disclosure Vulnerability

r186 2014/gb_typo3_indexed_search_sql_inj_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_indexed_search_sql_inj_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 indexed_search SQL Injection Vulnerability

r186 2014/gb_typo3_dafault_admin_cred_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_dafault_admin_cred_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Default Admin Credentials

r186 2014/gb_typo3_mult_vuln_oct_10.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_oct_10.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Vulnerabilities Oct10

r186 2014/gb_typo3_frontend_open_redirection_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_frontend_open_redirection_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Frontend Open Redirection Vulnerability

r186 2014/gb_typo3_exception_handler_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_exception_handler_xss_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Exception Handler Cross Site Scripting Vulnerability

r186 2014/gb_typo3_jumpurl_file_disclosure_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_jumpurl_file_disclosure_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 jumpUrl File Disclosure Vulnerability

r186 2014/gb_typo3_exdirect_access_cntrl_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_exdirect_access_cntrl_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 ExtDirect Missing Access Control Vulnerability

r186 2014/gb_typo3_feuser_adminlib_auth_bypass_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_feuser_adminlib_auth_bypass_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 feuser_adminLib Authorization Bypass Vulnerability

r186 2014/gb_typo3_mult_direct_req_path_disclosure_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_direct_req_path_disclosure_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Direct Request Path Disclosure Vulnerability

r186 2014/gb_typo3_mult_vuln_jul_10.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_jul_10.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Vulnerabilities Jul13

r186 2014/gb_typo3_backend_open_redirection_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_backend_open_redirection_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Backend Open Redirection Vulnerability

r186 2014/gb_typo3_mult_vuln_dec_13.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_dec_13.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Vulnerabilities Dec13

r186 2014/gb_typo3_fal_mult_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_fal_mult_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 File Abstraction Layer Multiple Vulnerabilities

r186 2014/gb_typo3_mult_indexed_search_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_indexed_search_xss_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Indexed Search Cross Site Scripting Vulnerability

r186 2014/gb_typo3_mult_vuln_nov_12.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_nov_12.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Vulnerabilities Nov12

r186 2014/gb_typo3_unspecified_sql_inj_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_unspecified_sql_inj_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Unspecified SQL Injection Vulnerability

r186 2014/gb_typo3_chash_parsing_dos_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_chash_parsing_dos_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 CHash Parsing Denial of Service Vulnerability

r186 2014/gb_typo3_felogin_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_felogin_xss_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 felogin Cross Site Scripting Vulnerability

r186 2014/gb_typo3_file_upload_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_file_upload_xss_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 File Upload Cross Site Scripting Vulnerabilities

r186 2014/gb_typo3_openid_auth_bypass_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_openid_auth_bypass_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 OpenID Authentication Bypass Vulnerability

r186 2014/gb_typo3_mult_vuln_jan_09.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_jan_09.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Vulnerabilities Jan09

r186 2014/gb_typo3_backend_unspecified_csrf_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_backend_unspecified_csrf_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Backend Unspecified CSRF Vulnerability

r186 2014/gb_typo3_mult_vuln_mar_13.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_mar_13.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Vulnerabilities Mar13

r186 2014/gb_typo3_autoloader_cmd_exec_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_autoloader_cmd_exec_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Autoloader Command Execution Vulnerability

r186 2014/gb_typo3_ext_manager_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_ext_manager_xss_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Extension Manager Cross Site Scripting Vulnerability

r186 2014/gb_typo3_mail_header_inj_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mail_header_inj_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Mail Header Injection Vulnerability

r186 2014/gb_typo3_mult_vuln_dec_10.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_dec_10.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Vulnerabilities Dec10

r186 2014/gb_typo3_mult_vuln_feb_10.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_feb_10.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Vulnerabilities Feb10

r186 2014/gb_typo3_felogin_sys_ext_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_felogin_sys_ext_xss_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Felogin System Extension Cross Site Scripting Vulnerability

r186 2014/gb_typo3_mult_vuln_oct_09.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_oct_09.nasl?root=openvas-nvts&view=markup
TYPO3 Multiple Vulnerabilities Oct09

r186 2014/gb_typo3_swfupload_moviename_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_swfupload_moviename_xss_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 SWFUpload movieName Cross Site Scripting Vulnerability

r186 2014/gb_typo3_mailforms_arbitrary_mail_relay.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mailforms_arbitrary_mail_relay.nasl?root=openvas-nvts&view=markup
TYPO3 mailforms Unspecified Arbitrary Mail Relay Vulnerability

r186 2014/gb_typo3_bck_user_admin_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_bck_user_admin_xss_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 Backend User Administration Cross Site Scripting Vulnerability

r186 2014/gb_typo3_useruid_cmd_exe_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_useruid_cmd_exe_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 userUid Command Execution Vulnerability

r186 2014/gb_typo3_file_abstraction_code_exec_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_file_abstraction_code_exec_vuln.nasl?root=openvas-nvts&view=markup
TYPO3 File Abstraction Code Execution Vulnerability

r187 803791 2014/gb_blogengine_net_info_disc_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_blogengine_net_info_disc_vuln.nasl?root=openvas-nvts&view=markup
BlogEngine.NET 'sioc.axd' Information Disclosure Vulnerability

r187 2014/gb_joomla_lang_parm_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_joomla_lang_parm_xss_vuln.nasl?root=openvas-nvts&view=markup
Joomla! 'lang' Parameter Reflected Cross Site Scripting Vulnerability

r187 2014/gb_wordpress_dewplayer_dir_trav_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_wordpress_dewplayer_dir_trav_vuln.nasl?root=openvas-nvts&view=markup
WordPress Advanced Dewplayer 'dew_file' Directory Traversal
Vulnerability

r187 2014/gb_wordpress_wp_members_mult_xss_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_wordpress_wp_members_mult_xss_vuln.nasl?root=openvas-nvts&view=markup
WordPress WP-Members Multiple Cross Site Scripting Vulnerabilities

r187 2014/gb_phpmyrecipes_mult_vuln.nasl
https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_phpmyrecipes_mult_vuln.nasl?root=openvas-nvts&view=markup
phpMyRecipes Multiple Vulnerabilities
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
  • New VA Modules: MSF: 6, OpenVAS: 49 New VA Module Alert Service (Jan 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]