Nmap Development mailing list archives
New VA Modules: NSE: 1, OpenVAS: 21, Nessus: 17
From: New VA Module Alert Service <postmaster () insecure org>
Date: Wed, 23 Feb 2011 10:01:45 -0800 (PST)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Nmap Scripting Engine scripts (1) == r22350 quake3-master-getservers http://nmap.org/nsedoc/scripts/quake3-master-getservers.html Queries Quake 3 styled master servers for game servers. == OpenVAS plugins (21) == r10417 801751 gb_gatesoft_docusafe_sql_inj_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_gatesoft_docusafe_sql_inj_vuln.nasl?root=openvas&view=markup GateSoft Docusafe 'ECO.asp' SQL Injection Vulnerability r10417 801597 gb_ms_office_excel_art_object_code_exec_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ms_office_excel_art_object_code_exec_vuln.nasl?root=openvas&view=markup Microsoft Office Excel 2003 Invalid Object Type Remote Code Execution Vulnerability r10417 902341 secpod_vlc_media_player_bof_vuln_feb11_win.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_vlc_media_player_bof_vuln_feb11_win.nasl?root=openvas&view=markup VLC Media Player USF and Text Subtitles Decoders BOF Vulnerabilities (Windows) r10417 902338 secpod_awcm_mult_dir_trav_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_awcm_mult_dir_trav_vuln.nasl?root=openvas&view=markup AR Web Content Manager Multiple Directory Traversal Vulnerabilities r10417 801851 gb_phpmyadmin_db_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_phpmyadmin_db_xss_vuln.nasl?root=openvas&view=markup phpMyAdmin 'db' Parameter Stored Cross Site Scripting Vulnerability r10417 801595 gb_ms_office_excel_mult_code_exec_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ms_office_excel_mult_code_exec_vuln.nasl?root=openvas&view=markup Microsoft Office Excel Axis and Art Object Parsing Remote Code Execution Vulnerabilities r10417 900272 secpod_actfax_lpd_lpr_dos_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_actfax_lpd_lpr_dos_vuln.nasl?root=openvas&view=markup ActFax LPD/LPR Server Denial of Service Vulnerability r10417 801729 gb_php_script_directory_sql_inj_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_php_script_directory_sql_inj_vuln.nasl?root=openvas&view=markup PHP Script Directory Software 'sbcat_id' Parameter SQL Injection Vulnerability r10417 801596 gb_ms_office_excel_drawing_layer_code_exec_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ms_office_excel_drawing_layer_code_exec_vuln.nasl?root=openvas&view=markup Microsoft Excel 2007 Office Drawing Layer Remote Code Execution Vulnerability r10417 902292 secpod_ibm_was_sec_bypass_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ibm_was_sec_bypass_vuln.nasl?root=openvas&view=markup IBM WebSphere Application Server (WAS) Security Bypass Vulnerability r10417 902291 secpod_novell_edirectory_dos_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_novell_edirectory_dos_vuln.nasl?root=openvas&view=markup Novell eDirectory NCP Request Remote Denial of Service Vulnerability r10417 902339 secpod_vlc_media_player_code_exec_vuln_lin.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_vlc_media_player_code_exec_vuln_lin.nasl?root=openvas&view=markup VLC Media Player '.mkv' Code Execution Vulnerability (Linux) r10417 902343 secpod_pivotx_data_manipulation_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_pivotx_data_manipulation_vuln.nasl?root=openvas&view=markup PivotX 'Reset my password' Feature Data Manipulation Vulnerability r10417 900271 secpod_actfax_ftp_retr_cmd_dos_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_actfax_ftp_retr_cmd_dos_vuln.nasl?root=openvas&view=markup ActFax FTP Server Post Auth 'RETR' Command Denial of Service Vulnerability r10417 902342 secpod_vlc_media_player_bof_vuln_feb11_lin.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_vlc_media_player_bof_vuln_feb11_lin.nasl?root=openvas&view=markup VLC Media Player USF and Text Subtitles Decoders BOF Vulnerabilities (Linux) r10417 901185 secpod_ruby_rails_mult_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ruby_rails_mult_xss_vuln.nasl?root=openvas&view=markup Ruby on Rails Multiple Cross Site Scripting Vulnerabilities r10417 902340 secpod_vlc_media_player_code_exec_vuln_win.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_vlc_media_player_code_exec_vuln_win.nasl?root=openvas&view=markup VLC Media Player '.mkv' Code Execution Vulnerability (Windows) r10417 801594 gb_ms_power_point_code_exec_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ms_power_point_code_exec_vuln.nasl?root=openvas&view=markup Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability r10418 103089 gb_burning_board_46501.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_burning_board_46501.nasl?root=openvas&view=markup Woltlab Burning Board 'hilfsmittel.php' SQL Injection Vulnerability r10418 103088 gb_coursems_46495.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_coursems_46495.nasl?root=openvas&view=markup Course MS Cross Site Scripting, SQL Injection and Local File Include Vulnerabilities r10418 103090 gb_bind_46491.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_bind_46491.nasl?root=openvas&view=markup ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability == Nessus plugins (17) == 52070 ubuntu_USN-1069-1.nasl http://nessus.org/plugins/index.php?view=single&id=52070 USN1069-1 : mailman vulnerabilities 52069 ubuntu_USN-1068-1.nasl http://nessus.org/plugins/index.php?view=single&id=52069 USN1068-1 : aptdaemon vulnerability 52068 suse_java-1_6_0-sun-7342.nasl http://nessus.org/plugins/index.php?view=single&id=52068 SuSE Security Update: Security update for IBM Java 1.6 (java-1_6_0-sun-7342) 52067 suse_11_java-1_6_0-sun-110217.nasl http://nessus.org/plugins/index.php?view=single&id=52067 SuSE Security Update: java-1_6_0-sun (2011-02-17) 52065 redhat-RHSA-2011-0292.nasl http://nessus.org/plugins/index.php?view=single&id=52065 RHSA-2011-0292: java 52064 redhat-RHSA-2011-0291.nasl http://nessus.org/plugins/index.php?view=single&id=52064 RHSA-2011-0291: java 52063 redhat-RHSA-2011-0290.nasl http://nessus.org/plugins/index.php?view=single&id=52063 RHSA-2011-0290: java 52062 redhat-RHSA-2011-0283.nasl http://nessus.org/plugins/index.php?view=single&id=52062 RHSA-2011-0283: kernel 52061 mandriva_MDVSA-2011-035.nasl http://nessus.org/plugins/index.php?view=single&id=52061 MDVSA-2011:035: tomboy 52059 mandriva_MDVA-2011-007.nasl http://nessus.org/plugins/index.php?view=single&id=52059 MDVA-2011:007: clamav 52058 freebsd_pkg_65d163423ec811e09df7001c42d23634.nasl http://nessus.org/plugins/index.php?view=single&id=52058 FreeBSD : asterisk -- Exploitable Stack and Heap Array Overflows (5393) 52056 debian_DSA-2172.nasl http://nessus.org/plugins/index.php?view=single&id=52056 [DSA2172] DSA-2172-1 moodle 52054 mysql_eventum_forgot_password_xss.nasl http://nessus.org/plugins/index.php?view=single&id=52054 MySQL Eventum forgot_password.php XSS 52053 mysql_eventum_detect.nasl http://nessus.org/plugins/index.php?view=single&id=52053 MySQL Eventum Detection 52052 symantec_im_mgr_8_4_17.nasl http://nessus.org/plugins/index.php?view=single&id=52052 Symantec IM Manager IMAdminSchedTask.asp Eval Code Injection Remote Code Execution (SYM11-004) 52050 mod_auth_mysql_bypass.nasl http://nessus.org/plugins/index.php?view=single&id=52050 Mod_auth_mysql Multibyte Encoding SQL Injection moxa_mdmtool_2_3.nbin _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 1, OpenVAS: 21, Nessus: 17 New VA Module Alert Service (Feb 23)