Nmap Development mailing list archives
New VA Modules: OpenVAS: 39, MSF: 2, Nessus: 23
From: New VA Module Alert Service <postmaster () insecure org>
Date: Fri, 23 Dec 2011 10:03:05 -0800 (PST)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == OpenVAS plugins (39) == r12366 103371 gb_Ubiquiti_AirOS_51178.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_Ubiquiti_AirOS_51178.nasl?root=openvas&view=markup Ubiquiti Networks AirOS Remote Command Execution Vulnerability r12366 103372 gb_Siemens_SIMATIC_51177.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_Siemens_SIMATIC_51177.nasl?root=openvas&view=markup Multiple Siemens SIMATIC Products Authentication Bypass Vulnerabilities r12367 870525 gb_RHSA-2011_1845-01_tomcat5.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_RHSA-2011_1845-01_tomcat5.nasl?root=openvas&view=markup RedHat Update for tomcat5 RHSA-2011:1845-01 r12367 902801 secpod_splunk_multiple_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_splunk_multiple_vuln.nasl?root=openvas&view=markup Splunk Multiple Vulnerabilities r12367 902802 secpod_phpmyadmin_setup_host_var_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_phpmyadmin_setup_host_var_xss_vuln.nasl?root=openvas&view=markup phpMyAdmin Setup '$host' Variable Cross Site Scripting Vulnerability r12367 863665 gb_fedora_2011_16903_moodle_fc15.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_16903_moodle_fc15.nasl?root=openvas&view=markup Fedora Update for moodle FEDORA-2011-16903 r12367 831512 gb_mandriva_MDVA_2011_093_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2011_093_1.nasl?root=openvas&view=markup Mandriva Update for psmisc MDVA-2011:093-1 (psmisc) r12367 902651 secpod_tikiwiki_show_errors_stored_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_tikiwiki_show_errors_stored_xss_vuln.nasl?root=openvas&view=markup TikiWiki 'show_errors' Parameter Stored Cross-Site Scripting Vulnerability r12367 902652 secpod_winamp_avi_and_it_file_bof_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_winamp_avi_and_it_file_bof_vuln.nasl?root=openvas&view=markup Winamp AVI And IT Files Parsing Buffer Overflow Vulnerabilities r12367 831511 gb_mandriva_MDVSA_2011_191.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_191.nasl?root=openvas&view=markup Mandriva Update for libarchive MDVSA-2011:191 (libarchive) r12367 863667 gb_fedora_2011_17049_cacti_fc15.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_17049_cacti_fc15.nasl?root=openvas&view=markup Fedora Update for cacti FEDORA-2011-17049 r12367 840851 gb_ubuntu_USN_1311_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1311_1.nasl?root=openvas&view=markup Ubuntu Update for linux USN-1311-1 r12367 840847 gb_ubuntu_USN_1313_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1313_1.nasl?root=openvas&view=markup Ubuntu Update for linux-lts-backport-oneiric USN-1313-1 r12367 840848 gb_ubuntu_USN_1315_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1315_1.nasl?root=openvas&view=markup Ubuntu Update for jasper USN-1315-1 r12367 863669 gb_fedora_2011_16859_perl-PAR-Packer_fc15.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_16859_perl-PAR-Packer_fc15.nasl?root=openvas&view=markup Fedora Update for perl-PAR-Packer FEDORA-2011-16859 r12367 840849 gb_ubuntu_USN_1254_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1254_1.nasl?root=openvas&view=markup Ubuntu Update for thunderbird USN-1254-1 r12367 902778 secpod_mozilla_prdts_mult_vuln_macosx_dec11.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_mozilla_prdts_mult_vuln_macosx_dec11.nasl?root=openvas&view=markup Mozilla Products Multiple Vulnerabilities - Dec 11 (MAC OS X) r12367 863670 gb_fedora_2011_17040_clearsilver_fc15.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_17040_clearsilver_fc15.nasl?root=openvas&view=markup Fedora Update for clearsilver FEDORA-2011-17040 r12367 881059 gb_CESA-2011_1845_tomcat5_centos5_i386.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_CESA-2011_1845_tomcat5_centos5_i386.nasl?root=openvas&view=markup CentOS Update for tomcat5 CESA-2011:1845 centos5 i386 r12367 863666 gb_fedora_2011_17119_icu_fc15.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_17119_icu_fc15.nasl?root=openvas&view=markup Fedora Update for icu FEDORA-2011-17119 r12367 902779 secpod_mozilla_prdts_domattr_modified_mem_crptn_vuln_macosx.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_mozilla_prdts_domattr_modified_mem_crptn_vuln_macosx.nasl?root=openvas&view=markup Mozilla Products DOMAttrModified Memory Corruption Vulnerability (MAC OS X) r12367 902772 secpod_extcalender_sql_inj_n_auth_bypass_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_extcalender_sql_inj_n_auth_bypass_vuln.nasl?root=openvas&view=markup ExtCalendar2 SQL Injection and Authentcation Bypass Vulnerabilities r12367 831514 gb_mandriva_MDVSA_2011_180.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_180.nasl?root=openvas&view=markup Mandriva Update for php-suhosin MDVSA-2011:180 (php-suhosin) r12367 831513 gb_mandriva_MDVSA_2011_190.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2011_190.nasl?root=openvas&view=markup Mandriva Update for libarchive MDVSA-2011:190 (libarchive) r12367 902774 secpod_mozilla_prdts_domattr_modified_mem_crptn_vuln_win.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_mozilla_prdts_domattr_modified_mem_crptn_vuln_win.nasl?root=openvas&view=markup Mozilla Products DOMAttrModified Memory Corruption Vulnerability (Windows) r12367 902648 secpod_homeseer_hs2_web_interface_mult_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_homeseer_hs2_web_interface_mult_vuln.nasl?root=openvas&view=markup HomeSeer HS2 Web Interface Multiple Vulnerabilities r12367 902777 secpod_mozilla_prdts_jar_remote_code_exec_vuln_macosx.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_mozilla_prdts_jar_remote_code_exec_vuln_macosx.nasl?root=openvas&view=markup Mozilla Products jar Files Remote Code Execution Vulnerability (MAC OS X) r12367 840846 gb_ubuntu_USN_1310_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1310_1.nasl?root=openvas&view=markup Ubuntu Update for libarchive USN-1310-1 r12367 902765 secpod_adobe_flex_sdk_swf_files_xss_vuln_win.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_adobe_flex_sdk_swf_files_xss_vuln_win.nasl?root=openvas&view=markup Adobe Flex SDK 'SWF' Files Cross-Site Scripting Vulnerability (Windows) r12367 840853 gb_ubuntu_USN_1312_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1312_1.nasl?root=openvas&view=markup Ubuntu Update for linux USN-1312-1 r12367 840852 gb_ubuntu_USN_1314_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1314_1.nasl?root=openvas&view=markup Ubuntu Update for python3.1 USN-1314-1 r12367 863668 gb_fedora_2011_16859_perl-PAR_fc15.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2011_16859_perl-PAR_fc15.nasl?root=openvas&view=markup Fedora Update for perl-PAR FEDORA-2011-16859 r12367 840850 gb_ubuntu_USN_1316_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1316_1.nasl?root=openvas&view=markup Ubuntu Update for t1lib USN-1316-1 r12367 902776 secpod_mozilla_prdts_dom_frame_dos_vuln_macosx.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_mozilla_prdts_dom_frame_dos_vuln_macosx.nasl?root=openvas&view=markup Mozilla Products DOM Frame Denial of Service Vulnerability (MAC OS X) r12367 902773 secpod_smartertools_smarterstats_mult_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_smartertools_smarterstats_mult_vuln.nasl?root=openvas&view=markup SmarterTools SmarterStats Multiple Vulnerabilities r12367 902650 secpod_pidgin_xmpp_and_silc_protocol_dos_vuln_win.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_pidgin_xmpp_and_silc_protocol_dos_vuln_win.nasl?root=openvas&view=markup Pidgin XMPP And SILC Protocols Denial of Service Vulnerabilities (Win) r12367 831510 gb_mandriva_MDVA_2011_094.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVA_2011_094.nasl?root=openvas&view=markup Mandriva Update for python MDVA-2011:094 (python) r12367 902775 secpod_mozilla_prdts_mult_vuln_win_dec11.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_mozilla_prdts_mult_vuln_win_dec11.nasl?root=openvas&view=markup Mozilla Products Multiple Vulnerabilities - Dec 11 (Windows) r12368 902599 secpod_nagiosxi_mult_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_nagiosxi_mult_xss_vuln.nasl?root=openvas&view=markup Nagios XI Multiple Cross Site Scripting Vulnerabilities == Metasploit modules (2) == r14442 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/splunk_mappy_exec.rb Splunk Search Remote Code Execution r14449 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/oracle/extjob.rb Oracle Job Scheduler Named Pipe Command Execution == Nessus plugins (23) == 57393 ubuntu_USN-1254-1.nasl http://nessus.org/plugins/index.php?view=single&id=57393 USN-1254-1 : thunderbird vulnerabilities 57392 solaris10_147707.nasl http://nessus.org/plugins/index.php?view=single&id=57392 Solaris 10 (sparc) : 147707-02 57391 redhat-RHSA-2011-1849.nasl http://nessus.org/plugins/index.php?view=single&id=57391 RHSA-2011-1849: kernel 57390 freebsd_pkg_8c83145d2c9511e189b4001ec9578670.nasl http://nessus.org/plugins/index.php?view=single&id=57390 FreeBSD : phpMyAdmin -- Multiple XSS (8c83145d-2c95-11e1-89b4-001ec9578670) 57389 fedora_2011-17400.nasl http://nessus.org/plugins/index.php?view=single&id=57389 Fedora 16 2011-17400 57388 fedora_2011-17119.nasl http://nessus.org/plugins/index.php?view=single&id=57388 Fedora 15 2011-17119 57387 fedora_2011-17111.nasl http://nessus.org/plugins/index.php?view=single&id=57387 Fedora 16 2011-17111 57386 fedora_2011-17101.nasl http://nessus.org/plugins/index.php?view=single&id=57386 Fedora 16 2011-17101 57385 fedora_2011-17049.nasl http://nessus.org/plugins/index.php?view=single&id=57385 Fedora 15 2011-17049 57384 fedora_2011-17042.nasl http://nessus.org/plugins/index.php?view=single&id=57384 Fedora 16 2011-17042 57383 fedora_2011-17040.nasl http://nessus.org/plugins/index.php?view=single&id=57383 Fedora 15 2011-17040 57382 fedora_2011-17015.nasl http://nessus.org/plugins/index.php?view=single&id=57382 Fedora 16 2011-17015 57381 centos_RHSA-2011-1821.nasl http://nessus.org/plugins/index.php?view=single&id=57381 CentOS : RHSA-2011-1821 57380 centos_RHSA-2011-1819.nasl http://nessus.org/plugins/index.php?view=single&id=57380 CentOS : RHSA-2011-1819 57379 centos_RHSA-2011-1814.nasl http://nessus.org/plugins/index.php?view=single&id=57379 CentOS : RHSA-2011-1814 57378 centos_RHSA-2011-1807.nasl http://nessus.org/plugins/index.php?view=single&id=57378 CentOS : RHSA-2011-1807 57377 centos_RHSA-2011-1801.nasl http://nessus.org/plugins/index.php?view=single&id=57377 CentOS : RHSA-2011-1801 57376 centos_RHSA-2011-1791.nasl http://nessus.org/plugins/index.php?view=single&id=57376 CentOS : RHSA-2011-1791 57375 centos_RHSA-2011-1790.nasl http://nessus.org/plugins/index.php?view=single&id=57375 CentOS : RHSA-2011-1790 57374 centos_RHSA-2011-1780.nasl http://nessus.org/plugins/index.php?view=single&id=57374 CentOS : RHSA-2011-1780 57373 centos_RHSA-2011-1777.nasl http://nessus.org/plugins/index.php?view=single&id=57373 CentOS : RHSA-2011-1777 57372 phpmyadmin_pmasa_2011_20.nasl http://nessus.org/plugins/index.php?view=single&id=57372 phpMyAdmin 3.4.x < 3.4.9 Cross-Site Scripting (PMASA-2011-19 and PMASA-2011-20) 57371 manageengine_servicedesk_8_0_0_build15.nasl http://nessus.org/plugins/index.php?view=single&id=57371 ManageEngine ServiceDesk Plus 8.0.0 < Build 8015 Multiple Cross-Site Scripting Vulnerabilities _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: OpenVAS: 39, MSF: 2, Nessus: 23 New VA Module Alert Service (Dec 23)