New VA Modules: NSE: 1, OpenVAS: 12, MSF: 4, Nessus: 11

[New VA Module Alert Service <postmaster () insecure org>]

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== Nmap Scripting Engine scripts (1) ==

r29135 http-phpself-xss http://nmap.org/nsedoc/scripts/http-phpself-xss.html
https://svn.nmap.org/nmap/scripts/http-phpself-xss.nse
Crawls a web server and attempts to find PHP files vulnerable to
reflected cross site scripting via the variable $_SERVER["PHP_SELF"].

== OpenVAS plugins (12) ==

r13694 864530 gb_fedora_2012_9546_vte_fc16.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_fedora_2012_9546_vte_fc16.nasl?root=openvas&view=markup
Fedora Update for vte FEDORA-2012-9546

r13694 802880 gb_google_chrome_mult_vuln_jul12_win.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_jul12_win.nasl?root=openvas&view=markup
Google Chrome Multiple Vulnerabilities - July 12 (Windows)

r13694 841074 gb_ubuntu_USN_1497_1.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1497_1.nasl?root=openvas&view=markup
Ubuntu Update for nova USN-1497-1

r13694 864531 gb_fedora_2012_9029_boost_fc16.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_fedora_2012_9029_boost_fc16.nasl?root=openvas&view=markup
Fedora Update for boost FEDORA-2012-9029

r13694 841073 gb_ubuntu_USN_1498_1.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1498_1.nasl?root=openvas&view=markup
Ubuntu Update for tiff USN-1498-1

r13694 802881 gb_google_chrome_mult_vuln_jul12_lin.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_jul12_lin.nasl?root=openvas&view=markup
Google Chrome Multiple Vulnerabilities - July 12 (Linux)

r13694 802906 gb_pidgin_msn_n_xmpp_dos_vuln_win.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_pidgin_msn_n_xmpp_dos_vuln_win.nasl?root=openvas&view=markup
Pidgin MSN and XMPP Denial of Service Vulnerabilities (Windows)

r13694 831692 gb_mandriva_MDVSA_2012_101.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2012_101.nasl?root=openvas&view=markup
Mandriva Update for libtiff MDVSA-2012:101 (libtiff)

r13694 802908 gb_wireshark_mult_dos_vuln_macosx_jul12.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_wireshark_mult_dos_vuln_macosx_jul12.nasl?root=openvas&view=markup
Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Mac OS
X)

r13694 802907 gb_wireshark_mult_dos_vuln_win_jul12.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_wireshark_mult_dos_vuln_win_jul12.nasl?root=openvas&view=markup
Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Windows)

r13694 870784 gb_RHSA-2012_1054-01_libtiff.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_RHSA-2012_1054-01_libtiff.nasl?root=openvas&view=markup
RedHat Update for libtiff RHSA-2012:1054-01

r13694 802882 gb_google_chrome_mult_vuln_jul12_macosx.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_jul12_macosx.nasl?root=openvas&view=markup
Google Chrome Multiple Vulnerabilities - July 12 (Mac OS X)

== Metasploit modules (4) ==

r15573 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/webapp/tikiwiki_unserialize_exec.rb
Tiki Wiki <= 8.3 unserialize() PHP Code Execution

r15579 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/wangkongbao_traversal.rb
WANGKONGBAO CNS-1000 and 1100 UTM Directory Traversal

r15580 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/webapp/basilic_diff_exec.rb
Basilic 1.5.14 diff.php Arbitrary Command Execution

r15582 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/http/umbraco_upload_aspx.rb
Umbraco CMS Remote Command Execution

== Nessus plugins (11) ==

59856 ubuntu_USN-1498-1.nasl
http://nessus.org/plugins/index.php?view=single&id=59856
USN-1498-1 : tiff vulnerabilities

59855 suse_gtk2-8174.nasl
http://nessus.org/plugins/index.php?view=single&id=59855
SuSE 10 Security Update : gtk2 (ZYPP Patch Number 8174)

59854 suse_gdk-pixbuf-8158.nasl
http://nessus.org/plugins/index.php?view=single&id=59854
SuSE 10 Security Update : gdk-pixbuf (ZYPP Patch Number 8158)

59853 freebsd_pkg_c28ee9cd916e4dcf8ed3e97e5846db6c.nasl
http://nessus.org/plugins/index.php?view=single&id=59853
FreeBSD : typo3 -- Cross-Site Scripting Vulnerability in TYPO3 Core
(c28ee9cd-916e-4dcf-8ed3-e97e5846db6c)

59852 domino_db_password_protected.nasl
http://nessus.org/plugins/index.php?view=single&id=59852
IBM Lotus Domino Password Protected DB Enumeration

59851 hpsmh_7_1_1_1.nasl
http://nessus.org/plugins/index.php?view=single&id=59851
HP System Management Homepage < 7.1 Multiple Vulnerabilities

59850 basilic_command_injection.nasl
http://nessus.org/plugins/index.php?view=single&id=59850
Basilic diff.php Command Injection

59849 irfanview_ecw_heap_overflow.nasl
http://nessus.org/plugins/index.php?view=single&id=59849
IrfanView Formats Plugin ECW Plugin File Handling Buffer Overflow
Vulnerability

59848 irfanview_flashpix_heap_overflow.nasl
http://nessus.org/plugins/index.php?view=single&id=59848
IrfanView FlashPix Plugin Heap Based Buffer Overflow

59847 irfanview_formats_stack_overflow.nasl
http://nessus.org/plugins/index.php?view=single&id=59847
IrfanView Formats Plugin TTF File Buffer Overflow Vulnerability

59846 irfanview_jpeg2000_stack_overflow.nasl
http://nessus.org/plugins/index.php?view=single&id=59846
IrfanView JPEG-2000 Plugin Remote Stack-based Buffer Overflow
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/