New VA Modules: NSE: 7, OpenVAS: 20, MSF: 1, Nessus: 7

[New VA Module Alert Service <postmaster () insecure org>]

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== Nmap Scripting Engine scripts (7) ==

r27025 hadoop-secondary-namenode-info http://nmap.org/nsedoc/scripts/hadoop-secondary-namenode-info.html
Gets information from an Apache Hadoop secondary NameNode HTTP status
page.

r27025 hbase-region-info http://nmap.org/nsedoc/scripts/hbase-region-info.html
Gets information from an Apache HBase region server HTTP status page.

r27025 hadoop-tasktracker-info http://nmap.org/nsedoc/scripts/hadoop-tasktracker-info.html
Gets information from an Apache Hadoop TaskTracker HTTP status page.

r27025 hadoop-datanode-info http://nmap.org/nsedoc/scripts/hadoop-datanode-info.html
Gets information from an Apache Hadoop DataNode HTTP status page.

r27025 hbase-master-info http://nmap.org/nsedoc/scripts/hbase-master-info.html
Gets information from an Apache HBase master HTTP status page.

r27025 hadoop-jobtracker-info http://nmap.org/nsedoc/scripts/hadoop-jobtracker-info.html
Gets information from an Apache Hadoop JobTracker HTTP status page.

r27025 hadoop-namenode-info http://nmap.org/nsedoc/scripts/hadoop-namenode-info.html
Gets information from an Apache Hadoop NameNode HTTP status page.

== OpenVAS plugins (20) ==

r12040 103336 gb_xampp_50564.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_xampp_50564.nasl?root=openvas&view=markup
XAMPP 'PHP_SELF' Variable Multiple Cross Site Scripting Vulnerabilities

r12040 103337 gb_admin_bot_50562.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_admin_bot_50562.nasl?root=openvas&view=markup
Admin Bot 'news.php' SQL Injection Vulnerability

r12042 831486 gb_mandriva_MDVA_2011_068.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2011_068.nasl?root=openvas&view=markup
Mandriva Update for php-apc MDVA-2011:068 (php-apc)

r12042 831484 gb_mandriva_MDVSA_2011_165.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_165.nasl?root=openvas&view=markup
Mandriva Update for php MDVSA-2011:165 (php)

r12042 831485 gb_mandriva_MDVSA_2011_166.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_166.nasl?root=openvas&view=markup
Mandriva Update for php MDVSA-2011:166 (php)

r12042 831487 gb_mandriva_MDVSA_2011_167.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_167.nasl?root=openvas&view=markup
Mandriva Update for gimp MDVSA-2011:167 (gimp)

r12042 863606 gb_fedora_2011_15241_kernel_fc14.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_15241_kernel_fc14.nasl?root=openvas&view=markup
Fedora Update for kernel FEDORA-2011-15241

r12042 863607 gb_fedora_2011_15117_tor_fc15.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_15117_tor_fc15.nasl?root=openvas&view=markup
Fedora Update for tor FEDORA-2011-15117

r12045 802502 gb_wireshark_bof_n_dos_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_wireshark_bof_n_dos_vuln_win.nasl?root=openvas&view=markup
Wireshark Heap Based BOF and Denial of Service Vulnerabilities (Windows)

r12045 802503 gb_wireshark_csn1_dissector_dos_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_wireshark_csn1_dissector_dos_vuln_win.nasl?root=openvas&view=markup
Wireshark CSN.1 Dissector Denial of Service Vulnerability (Windows)

r12045 801999 gb_ibm_was_admin_console_xss_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ibm_was_admin_console_xss_vuln.nasl?root=openvas&view=markup
IBM WebSphere Application Server Admin Console Cross-site Scripting
Vulnerability

r12045 802269 gb_hp_data_protector_media_operations_bof_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_hp_data_protector_media_operations_bof_vuln.nasl?root=openvas&view=markup
HP Data Protector Media Operations Heap Buffer Overflow Vulnerability

r12045 801996 gb_ibm_http_server_mult_xss_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ibm_http_server_mult_xss_vuln.nasl?root=openvas&view=markup
IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities

r12045 801998 gb_ibm_was_jsf_info_disclosure_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ibm_was_jsf_info_disclosure_vuln.nasl?root=openvas&view=markup
IBM WebSphere Application Server JSF Application Information Disclosure
Vulnerability

r12045 802266 gb_njstar_communicator_minismtp_server_bof_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_njstar_communicator_minismtp_server_bof_vuln.nasl?root=openvas&view=markup
NJStar Communicator MiniSMTP Server Remote Stack Buffer Overflow
Vulnerability

r12045 802267 gb_joomla_techfolio_comp_catid_param_sql_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_techfolio_comp_catid_param_sql_inj_vuln.nasl?root=openvas&view=markup
Joomla! Techfolio Component 'catid' Parameter SQL Injection
Vulnerability

r12045 802268 gb_joomla_barter_sites_category_id_param_sql_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_barter_sites_category_id_param_sql_inj_vuln.nasl?root=openvas&view=markup
Joomla! Barter Sites 'com_listing' Component 'category_id' Parameter SQL
Injection Vulnerability

r12045 802400 gb_ibm_was_jndi_imp_info_disclosure_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ibm_was_jndi_imp_info_disclosure_vuln.nasl?root=openvas&view=markup
IBM WebSphere Application Server JNDI information disclosure
Vulnerability

r12045 802199 gb_cubecart_mult_xss_n_sql_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_cubecart_mult_xss_n_sql_inj_vuln.nasl?root=openvas&view=markup
CubeCart Multiple Cross-Site Scripting and SQL Injection Vulnerabilities

r12045 802505 gb_ffftp_untrusted_search_path_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ffftp_untrusted_search_path_vuln.nasl?root=openvas&view=markup
FFFTP Untrusted Search Path Vulnerability (Windows)

== Metasploit modules (1) ==

r14185 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/squiz_matrix_user_enum.rb
Squiz Matrix User Enumeration Scanner

== Nessus plugins (7) ==

56733 fedora_2011-15119.nasl
http://nessus.org/plugins/index.php?view=single&id=56733
Fedora 15 2011-15119

56732 fedora_2011-15076.nasl
http://nessus.org/plugins/index.php?view=single&id=56732
Fedora 14 2011-15076

56731 fedora_2011-15033.nasl
http://nessus.org/plugins/index.php?view=single&id=56731
Fedora 16 2011-15033

56730 debian_DSA-2340.nasl
http://nessus.org/plugins/index.php?view=single&id=56730
[DSA2340] DSA-2340-1 postgresql-8.3, postgresql-8.4, postgresql-9.0

56729 debian_DSA-2339.nasl
http://nessus.org/plugins/index.php?view=single&id=56729
[DSA2339] DSA-2339-1 nss

56728 debian_DSA-2338.nasl
http://nessus.org/plugins/index.php?view=single&id=56728
[DSA2338] DSA-2338-1 moodle

56727 debian_DSA-2336.nasl
http://nessus.org/plugins/index.php?view=single&id=56727
[DSA2336] DSA-2336-1 ffmpeg
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/