Nmap Development mailing list archives
New VA Modules: MSF: 1, Nessus: 47, OpenVAS: 13
From: New VA Module Alert Service <postmaster () insecure org>
Date: Sat, 22 Nov 2014 10:00:57 +0000 (UTC)
This report describes any new scripts/modules/exploits added to Nmap, Metasploit, Nessus, and OpenVAS since yesterday. == Metasploit modules (1) == e4064279 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/ms14_060_sandworm.rb MS14-060 Microsoft Windows OLE Package Manager Code Execution == Nessus plugins (47) == 79388 clamav_0_98_5.nasl http://nessus.org/plugins/index.php?view=single&id=79388 ClamAV < 0.98.5 Multiple DoS 79387 livezilla_5_3_0_8.nasl http://nessus.org/plugins/index.php?view=single&id=79387 LiveZilla < 5.3.0.8 XSS 79386 drupal_7_34.nasl http://nessus.org/plugins/index.php?view=single&id=79386 Drupal 6.x / 7.x < 6.34 / 7.34 Multiple Vulnerabilities 79385 wordpress_google_calendar_events_xss.nasl http://nessus.org/plugins/index.php?view=single&id=79385 Google Calendar Events Plugin for WordPress 'admin-ajax.php' XSS 79384 ibm_rational_swg21682120.nasl http://nessus.org/plugins/index.php?view=single&id=79384 IBM Rational Software Architect Design Manager / Engineering Lifecycle Manager / Rhapsody Design Manager < 4.0.7 XSRF 79383 ubuntu_USN-2413-1.nasl http://nessus.org/plugins/index.php?view=single&id=79383 Ubuntu 14.04 : apparmor vulnerability (USN-2413-1) 79382 ubuntu_USN-2412-1.nasl http://nessus.org/plugins/index.php?view=single&id=79382 Ubuntu 12.04 LTS / 14.04 / 14.10 : ruby1.8, ruby1.9.1, ruby2.0, ruby2.1 vulnerability (USN-2412-1) 79381 sl_20141120_libxml2_on_SL5_x.nasl http://nessus.org/plugins/index.php?view=single&id=79381 Scientific Linux Security Update : libxml2 on SL5.x i386/x86_64 79380 redhat-RHSA-2014-1885.nasl http://nessus.org/plugins/index.php?view=single&id=79380 RHEL 5 : libxml2 (RHSA-2014:1885) 79379 redhat-RHSA-2014-1882.nasl http://nessus.org/plugins/index.php?view=single&id=79379 RHEL 6 : java-1.7.0-ibm (RHSA-2014:1882) 79378 redhat-RHSA-2014-1881.nasl http://nessus.org/plugins/index.php?view=single&id=79378 RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:1881) 79377 redhat-RHSA-2014-1880.nasl http://nessus.org/plugins/index.php?view=single&id=79377 RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2014:1880) 79376 oraclelinux_ELSA-2014-3094.nasl http://nessus.org/plugins/index.php?view=single&id=79376 Oracle Linux 5 : bash (ELSA-2014-3094) 79375 oraclelinux_ELSA-2014-3093.nasl http://nessus.org/plugins/index.php?view=single&id=79375 Oracle Linux 6 : bash (ELSA-2014-3093) 79374 oraclelinux_ELSA-2014-3092.nasl http://nessus.org/plugins/index.php?view=single&id=79374 Oracle Linux 7 : bash (ELSA-2014-3092) 79373 oraclelinux_ELSA-2014-1885.nasl http://nessus.org/plugins/index.php?view=single&id=79373 Oracle Linux 5 : libxml2 (ELSA-2014-1885) 79372 oraclelinux_ELSA-2014-1873.nasl http://nessus.org/plugins/index.php?view=single&id=79372 Oracle Linux 6 : libvirt (ELSA-2014-1873) 79371 oraclelinux_ELSA-2014-1870.nasl http://nessus.org/plugins/index.php?view=single&id=79371 Oracle Linux 6 / 7 : libXfont (ELSA-2014-1870) 79370 oraclelinux_ELSA-2014-1861.nasl http://nessus.org/plugins/index.php?view=single&id=79370 Oracle Linux 7 : mariadb (ELSA-2014-1861) 79369 oraclelinux_ELSA-2014-1859.nasl http://nessus.org/plugins/index.php?view=single&id=79369 Oracle Linux 5 : mysql55-mysql (ELSA-2014-1859) 79368 openSUSE-2014-692.nasl http://nessus.org/plugins/index.php?view=single&id=79368 openSUSE Security Update : emacs (openSUSE-SU-2014:1460-1) 79367 mandriva_MDVSA-2014-217.nasl http://nessus.org/plugins/index.php?view=single&id=79367 Mandriva Linux Security Advisory : clamav (MDVSA-2014:217) 79366 mandriva_MDVSA-2014-216.nasl http://nessus.org/plugins/index.php?view=single&id=79366 Mandriva Linux Security Advisory : php-ZendFramework (MDVSA-2014:216) 79365 freebsd_pkg_890b6b2270fa11e491ae5453ed2e2b49.nasl http://nessus.org/plugins/index.php?view=single&id=79365 FreeBSD : kwebkitpart, kde-runtime -- insufficient input validation (890b6b22-70fa-11e4-91ae-5453ed2e2b49) 79364 freebsd_pkg_5a35bc56702711e4a4a3001999f8d30b.nasl http://nessus.org/plugins/index.php?view=single&id=79364 FreeBSD : yii -- Remote arbitrary PHP code execution (5a35bc56-7027-11e4-a4a3-001999f8d30b) 79363 fedora_2014-15200.nasl http://nessus.org/plugins/index.php?view=single&id=79363 Fedora 20 : kernel-3.17.3-200.fc20 (2014-15200) 79362 debian_DSA-3075.nasl http://nessus.org/plugins/index.php?view=single&id=79362 Debian DSA-3075-1 : drupal7 - security update 79361 centos_RHSA-2014-1885.nasl http://nessus.org/plugins/index.php?view=single&id=79361 CentOS 5 : libxml2 (CESA-2014:1885) 79360 appletv_7_0_2.nasl http://nessus.org/plugins/index.php?view=single&id=79360 Apple TV < 7.0.2 Multiple Vulnerabilities 79359 cisco-sn-CSCuq65542-asa.nasl http://nessus.org/plugins/index.php?view=single&id=79359 Cisco ASA SSL VPN Information Disclosure (CSCuq65542) 79354 ubuntu_USN-2410-1.nasl http://nessus.org/plugins/index.php?view=single&id=79354 Ubuntu 14.04 / 14.10 : oxide-qt vulnerabilities (USN-2410-1) 79353 suse_11_firefox31-201411-141115.nasl http://nessus.org/plugins/index.php?view=single&id=79353 SuSE 11.3 Security Update : MozillaFirefox (SAT Patch Number 9972) 79352 redhat-RHSA-2014-1877.nasl http://nessus.org/plugins/index.php?view=single&id=79352 RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:1877) 79351 redhat-RHSA-2014-1876.nasl http://nessus.org/plugins/index.php?view=single&id=79351 RHEL 5 : java-1.7.0-ibm (RHSA-2014:1876) 79350 openSUSE-2014-691.nasl http://nessus.org/plugins/index.php?view=single&id=79350 openSUSE Security Update : dbus-1 (openSUSE-SU-2014:1454-1) 79349 openSUSE-2014-690.nasl http://nessus.org/plugins/index.php?view=single&id=79349 openSUSE Security Update : dbus-1 (openSUSE-SU-2014:1455-1) 79348 openSUSE-2014-689.nasl http://nessus.org/plugins/index.php?view=single&id=79348 openSUSE Security Update : polarssl (openSUSE-SU-2014:1457-1) 79347 mandriva_MDVSA-2014-215.nasl http://nessus.org/plugins/index.php?view=single&id=79347 Mandriva Linux Security Advisory : gnutls (MDVSA-2014:215) 79346 fedora_2014-5897.nasl http://nessus.org/plugins/index.php?view=single&id=79346 Fedora 20 : nrpe-2.15-2.fc20 (2014-5897) 79345 fedora_2014-14699.nasl http://nessus.org/plugins/index.php?view=single&id=79345 Fedora 19 : drupal7-ckeditor-1.16-2.fc19 (2014-14699) 79344 fedora_2014-14674.nasl http://nessus.org/plugins/index.php?view=single&id=79344 Fedora 20 : drupal7-ckeditor-1.16-2.fc20 (2014-14674) 79343 fedora_2014-10468.nasl http://nessus.org/plugins/index.php?view=single&id=79343 Fedora 20 : icecream-1.0.1-8.20140822git.fc20 (2014-10468) 79342 fedora_2014-10451.nasl http://nessus.org/plugins/index.php?view=single&id=79342 Fedora 20 : geary-0.6.3-1.fc20 (2014-10451) 79341 fedora_2014-10366.nasl http://nessus.org/plugins/index.php?view=single&id=79341 Fedora 19 : icecream-1.0.1-8.20140822git.fc19 (2014-10366) 79340 f5_bigip_SOL15852.nasl http://nessus.org/plugins/index.php?view=single&id=79340 F5 Networks BIG-IP : Linux kernel vulnerability (SOL15852) 79339 debian_DSA-3074.nasl http://nessus.org/plugins/index.php?view=single&id=79339 Debian DSA-3074-1 : php5 - security update 79338 centos_RHSA-2014-1873.nasl http://nessus.org/plugins/index.php?view=single&id=79338 CentOS 6 : libvirt (CESA-2014:1873) == OpenVAS plugins (13) == r819 2014/sw_dropbear_ssh_8439.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/sw_dropbear_ssh_8439.nasl?root=openvas-nvts&view=markup Dropbear SSH Server Username Remote Format String Buffer Overflow r819 2014/gb_wordpress_71204.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_wordpress_71204.nasl?root=openvas-nvts&view=markup WordPress CM Download Manager Plugin Remote PHP Code Execution Vulnerability r820 2014/gb_libreoffice_impress_remote_rce_vuln_win.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_libreoffice_impress_remote_rce_vuln_win.nasl?root=openvas-nvts&view=markup LibreOffice Impress Remote Socket Manager RCE Vulnerability Nov14 (Windows) r820 2014/gb_ruby_encodes_denial_of_service_vuln_win.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ruby_encodes_denial_of_service_vuln_win.nasl?root=openvas-nvts&view=markup Ruby 'encodes' function Denial-of-Service Vulnerability (Windows) r820 2014/gb_ruby_str_buf_cat_dos_vuln_win.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ruby_str_buf_cat_dos_vuln_win.nasl?root=openvas-nvts&view=markup Ruby 'str_buf_cat' function Denial-of-Service Vulnerability (Windows) r820 2014/gb_windows_services_stop.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_windows_services_stop.nasl?root=openvas-nvts&view=markup Windows Services Stop r820 2014/gb_allplayer_bof_vuln_nov14_win.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_allplayer_bof_vuln_nov14_win.nasl?root=openvas-nvts&view=markup ALLPlayer Buffer Overflow Vulnerability - Nov14 (Windows) r820 gb_allplayer_detect_win.nasl https://wald.intevation.org/scm/viewvco.php/scripts/gb_allplayer_detect_win.nasl?root=openvas-nvts&view=markup ALLPlayer Version Detection (Windows) r820 2014/gb_zte_zxdsl_admin_pass_remote_disc_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_zte_zxdsl_admin_pass_remote_disc_vuln.nasl?root=openvas-nvts&view=markup ZTE ZXDSL Modem /adminpasswd.cgi Admin Password Remote Disclosure Vulnerability r820 gb_libreoffice_detect_macosx.nasl https://wald.intevation.org/scm/viewvco.php/scripts/gb_libreoffice_detect_macosx.nasl?root=openvas-nvts&view=markup LibreOffice Version Detection (Mac OS X) r820 2014/gb_windows_services_start.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_windows_services_start.nasl?root=openvas-nvts&view=markup Windows Services Start r820 2014/gb_piwigo_rate_param_sql_inj_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_piwigo_rate_param_sql_inj_vuln.nasl?root=openvas-nvts&view=markup Piwigo 'rate' Parameter SQL Injection Vulnerability r820 2014/gb_libreoffice_impress_remote_rce_vuln_macosx.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_libreoffice_impress_remote_rce_vuln_macosx.nasl?root=openvas-nvts&view=markup LibreOffice Impress Remote Socket Manager RCE Vulnerability Nov14 (Mac OS X) _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: MSF: 1, Nessus: 47, OpenVAS: 13 New VA Module Alert Service (Nov 22)