Nmap Development mailing list archives
New VA Modules: NSE: 1, MSF: 2, Nessus: 37, OpenVAS: 18
From: New VA Module Alert Service <postmaster () insecure org>
Date: Thu, 12 Jun 2014 10:01:17 +0000 (UTC)
This report describes any new scripts/modules/exploits added to Nmap, Metasploit, Nessus, and OpenVAS since yesterday. == Nmap Scripting Engine scripts (1) == r32988 ssl-ccs-injection http://nmap.org/nsedoc/scripts/ssl-ccs-injection.html https://svn.nmap.org/nmap/scripts/ssl-ccs-injection.nse Author: Claudiu Perta <claudiu.perta () gmail com> Detects whether a server is vulnerable to the SSL/TLS "CCS Injection" vulnerability (CVE-2014-0160), first discovered by Masashi Kikuchi. The script is based on the ccsinjection.c code authored by Ramon de C Valle (https://gist.github.com/rcvalle/71f4b027d61a78c42607) == Metasploit modules (2) == c032b8ce https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/python/shell_reverse_tcp.rb Command Shell, Reverse TCP (via python) 9b55f514 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/ssl/openssl_ccs.rb OpenSSL CCS Injection Scanner == Nessus plugins (37) == 74470 vmware_esxi_5_5_build_1881737_remote.nasl http://nessus.org/plugins/index.php?view=single&id=74470 ESXi 5.5 < Build 1881737 OpenSSL Library Multiple Vulnerabilities (remote check) 74469 httpd_extended_support.nasl http://nessus.org/plugins/index.php?view=single&id=74469 Web Server on Extended Support 74468 aix_openssl_advisory8.nasl http://nessus.org/plugins/index.php?view=single&id=74468 AIX OpenSSL Advisory : openssl_advisory8.doc 74467 oracle_siebel_server_apr_2014_cpu.nasl http://nessus.org/plugins/index.php?view=single&id=74467 Oracle Siebel UI Framework CVE-2014-2468 Remote Security Vulnerability (April 2014 CPU) 74465 vmware_VMSA-2014-0006.nasl http://nessus.org/plugins/index.php?view=single&id=74465 VMSA-2014-0006 : VMware product updates address OpenSSL security vulnerabilities 74464 ubuntu_USN-2242-1.nasl http://nessus.org/plugins/index.php?view=single&id=74464 Ubuntu 10.04 LTS / 12.04 LTS / 13.10 / 14.04 : dpkg vulnerabilities (USN-2242-1) 74463 suse_11_xorg-x11-devel-140515.nasl http://nessus.org/plugins/index.php?view=single&id=74463 SuSE 11.3 Security Update : xorg-x11-libs (SAT Patch Number 9272) 74462 suse_11_kernel-140604.nasl http://nessus.org/plugins/index.php?view=single&id=74462 SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9328 / 9329 / 9330) 74461 redhat-RHSA-2014-0743.nasl http://nessus.org/plugins/index.php?view=single&id=74461 RHEL 6 : qemu-kvm (RHSA-2014:0743) 74460 redhat-RHSA-2014-0742.nasl http://nessus.org/plugins/index.php?view=single&id=74460 RHEL 5 / 6 : thunderbird (RHSA-2014:0742) 74459 redhat-RHSA-2014-0741.nasl http://nessus.org/plugins/index.php?view=single&id=74459 RHEL 5 / 6 : firefox (RHSA-2014:0741) 74458 redhat-RHSA-2014-0740.nasl http://nessus.org/plugins/index.php?view=single&id=74458 RHEL 5 : kernel (RHSA-2014:0740) 74457 oraclelinux_ELSA-2014-0743.nasl http://nessus.org/plugins/index.php?view=single&id=74457 Oracle Linux 6 : qemu-kvm (ELSA-2014-0743) 74456 oraclelinux_ELSA-2014-0742.nasl http://nessus.org/plugins/index.php?view=single&id=74456 Oracle Linux 6 : thunderbird (ELSA-2014-0742) 74455 oraclelinux_ELSA-2014-0741.nasl http://nessus.org/plugins/index.php?view=single&id=74455 Oracle Linux 6 : firefox (ELSA-2014-0741) 74454 mandriva_MDVSA-2014-121.nasl http://nessus.org/plugins/index.php?view=single&id=74454 Mandriva Linux Security Advisory : libgadu (MDVSA-2014:121) 74453 mandriva_MDVSA-2014-120.nasl http://nessus.org/plugins/index.php?view=single&id=74453 Mandriva Linux Security Advisory : miniupnpc (MDVSA-2014:120) 74452 mandriva_MDVSA-2014-119.nasl http://nessus.org/plugins/index.php?view=single&id=74452 Mandriva Linux Security Advisory : mediawiki (MDVSA-2014:119) 74451 mandriva_MDVSA-2014-118.nasl http://nessus.org/plugins/index.php?view=single&id=74451 Mandriva Linux Security Advisory : emacs (MDVSA-2014:118) 74450 mandriva_MDVSA-2014-117.nasl http://nessus.org/plugins/index.php?view=single&id=74450 Mandriva Linux Security Advisory : libcap-ng (MDVSA-2014:117) 74449 mandriva_MDVSA-2014-116.nasl http://nessus.org/plugins/index.php?view=single&id=74449 Mandriva Linux Security Advisory : file (MDVSA-2014:116) 74448 mandriva_MDVSA-2014-115.nasl http://nessus.org/plugins/index.php?view=single&id=74448 Mandriva Linux Security Advisory : php (MDVSA-2014:115) 74447 mandriva_MDVSA-2014-114.nasl http://nessus.org/plugins/index.php?view=single&id=74447 Mandriva Linux Security Advisory : squid (MDVSA-2014:114) 74446 mandriva_MDVSA-2014-113.nasl http://nessus.org/plugins/index.php?view=single&id=74446 Mandriva Linux Security Advisory : python-django (MDVSA-2014:113) 74445 gentoo_GLSA-201406-08.nasl http://nessus.org/plugins/index.php?view=single&id=74445 GLSA-201406-08 : Adobe Flash Player: Multiple vulnerabilities 74444 freebsd_pkg_888a0262f0d911e3ba0cb4b52fce4ce8.nasl http://nessus.org/plugins/index.php?view=single&id=74444 FreeBSD : mozilla -- multiple vulnerabilities (888a0262-f0d9-11e3-ba0c-b4b52fce4ce8) 74443 cisco-sn-CSCun69561-asa.nasl http://nessus.org/plugins/index.php?view=single&id=74443 Cisco ASA RADIUS radius_rcv_auth DoS (CSCun69561) 74441 mozilla_thunderbird_24_6.nasl http://nessus.org/plugins/index.php?view=single&id=74441 Mozilla Thunderbird < 24.6 Multiple Vulnerabilities 74440 mozilla_firefox_30.nasl http://nessus.org/plugins/index.php?view=single&id=74440 Firefox < 30.0 Multiple Vulnerabilities 74439 mozilla_firefox_24_6_esr.nasl http://nessus.org/plugins/index.php?view=single&id=74439 Firefox ESR 24.x < 24.6 Multiple Vulnerabilities 74438 macosx_thunderbird_24_6.nasl http://nessus.org/plugins/index.php?view=single&id=74438 Thunderbird < 24.6 Multiple Vulnerabilities (Mac OS X) 74437 macosx_firefox_30.nasl http://nessus.org/plugins/index.php?view=single&id=74437 Firefox < 30.0 Multiple Vulnerabilities (Mac OS X) 74436 macosx_firefox_24_6_esr.nasl http://nessus.org/plugins/index.php?view=single&id=74436 Firefox ESR 24.x < 24.6 Multiple Vulnerabilities (Mac OS X) 74435 macosx_google_chrome_35_0_1916_153.nasl http://nessus.org/plugins/index.php?view=single&id=74435 Google Chrome < 35.0.1916.153 Multiple Vulnerabilities (Mac OS X) 74434 google_chrome_35_0_1916_153.nasl http://nessus.org/plugins/index.php?view=single&id=74434 Google Chrome < 35.0.1916.153 Multiple Vulnerabilities oracle_siebel_server_installed.nbin windows_autoruns_malware.nbin == OpenVAS plugins (18) == r496 2014/gb_lync_ms14-036.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_lync_ms14-036.nasl?root=openvas-nvts&view=markup Microsoft Lync Remote Code Execution Vulnerabilities (2967487) r496 2014/gb_ms_live_meeting_ms14-036.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms_live_meeting_ms14-036.nasl?root=openvas-nvts&view=markup Microsoft Live Meeting Remote Code Execution Vulnerability (2967487) r496 2014/gb_ms14-030.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-030.nasl?root=openvas-nvts&view=markup Microsoft Remote Desktop Tampering Vulnerability (2969259) r496 2014/gb_ms14-031.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-031.nasl?root=openvas-nvts&view=markup Microsoft Windows TCP Protocol Denial of Service Vulnerability (2962478) r496 2014/gb_ms14-033.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-033.nasl?root=openvas-nvts&view=markup Microsoft Window XML Core Services Information Disclosure Vulnerability (2966061) r496 2014/gb_realplayer_mem_corrup_vuln_jun14_macosx.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_realplayer_mem_corrup_vuln_jun14_macosx.nasl?root=openvas-nvts&view=markup RealNetworks RealPlayer '.3gp' Memory Corruption Vulnerability Jun14 (Mac OS X) r496 2014/gb_lync_attendee_ms14-036.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_lync_attendee_ms14-036.nasl?root=openvas-nvts&view=markup Microsoft Lync Attendee Remote Code Execution Vulnerabilities (2967487) r496 2014/gb_ms_compat_pack_ms14-034.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms_compat_pack_ms14-034.nasl?root=openvas-nvts&view=markup Microsoft Office Compatibility Pack Remote Code Execution Vulnerability (2969261) r496 2014/gb_ms14-035.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-035.nasl?root=openvas-nvts&view=markup Microsoft Internet Explorer Multiple Vulnerabilities (2969262) r496 2014/gb_realplayer_mem_corrup_vuln_jun14_win.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_realplayer_mem_corrup_vuln_jun14_win.nasl?root=openvas-nvts&view=markup RealNetworks RealPlayer '.3gp' Memory Corruption Vulnerability Jun14 (Windows) r496 2014/gb_ms_graphics_component_ms14-036.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms_graphics_component_ms14-036.nasl?root=openvas-nvts&view=markup Microsoft Windows Graphics Component Multiple Vulnerabilities (2967487) r496 2014/gb_ms_winword_ms14-034.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms_winword_ms14-034.nasl?root=openvas-nvts&view=markup Microsoft Office Word Remote Code Execution Vulnerability (2969261) r496 2014/gb_ms14-032_lync_server.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-032_lync_server.nasl?root=openvas-nvts&view=markup Microsoft Lync Server Information Disclosure Vulnerability (2969258) r496 2014/gb_ms_office_ms14-036.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms_office_ms14-036.nasl?root=openvas-nvts&view=markup Microsoft Office Remote Code Execution Vulnerabilities (2967487) r496 2014/gb_xoops_glossaire_module_sql_inj_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_xoops_glossaire_module_sql_inj_vuln.nasl?root=openvas-nvts&view=markup XOOPS Glossaire Module 'glossaire-aff.php' SQL Injection Vulnerability r496 gb_ms_live_meeting_detect.nasl https://wald.intevation.org/scm/viewvco.php/scripts/gb_ms_live_meeting_detect.nasl?root=openvas-nvts&view=markup Microsoft Live Meeting Version Detection r498 702955 2014/deb_2955.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/deb_2955.nasl?root=openvas-nvts&view=markup Debian Security Advisory DSA 2955-1 (iceweasel - security update r498 702956 2014/deb_2956.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/deb_2956.nasl?root=openvas-nvts&view=markup Debian Security Advisory DSA 2956-1 (icinga - security update _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 1, MSF: 2, Nessus: 37, OpenVAS: 18 New VA Module Alert Service (Jun 12)