Nmap Development mailing list archives
New VA Modules: NSE: 2, Nessus: 14
From: New VA Module Alert Service <postmaster () insecure org>
Date: Mon, 25 Jul 2011 10:00:23 -0700 (PDT)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Nmap Scripting Engine scripts (2) == r25249 http-litespeed-sourcecode-download http://nmap.org/nsedoc/scripts/http-litespeed-sourcecode-download.html http-litespeed-sourcecode-download.nse exploits a null-byte poisoning vulnerability in Litespeed Web Servers 4.0.x before 4.0.15 to retrieve the target script's source code by sending a HTTP request with a null byte followed by a .txt file extension (CVE-2010-2333). r25251 http-axis2-dir-traversal http://nmap.org/nsedoc/scripts/http-axis2-dir-traversal.html http-axis2-dir-traversal exploits a directory traversal vulnerability in Apache Axis2 version 1.4.1 by sending a specially crafted request to the parameter <code>xsd</code> (OSVDB-59001). By default it will try to retrieve the configuration file of the Axis2 service <code>'/conf/axis2.xml'</code> using the path '/axis2/services/' to return the username and password of the admin account. == Nessus plugins (14) == 55667 redhat-RHSA-2011-1087.nasl http://nessus.org/plugins/index.php?view=single&id=55667 RHSA-2011-1087: java 55666 mandriva_MDVSA-2011-118.nasl http://nessus.org/plugins/index.php?view=single&id=55666 MDVSA-2011:118 : wireshark 55665 mandriva_MDVSA-2011-117.nasl http://nessus.org/plugins/index.php?view=single&id=55665 MDVSA-2011:117 : krb5-appl 55664 mandriva_MDVSA-2011-116.nasl http://nessus.org/plugins/index.php?view=single&id=55664 MDVSA-2011:116 : curl 55663 fedora_2011-9541.nasl http://nessus.org/plugins/index.php?view=single&id=55663 Fedora 15 2011-9541 55662 fedora_2011-9330.nasl http://nessus.org/plugins/index.php?view=single&id=55662 Fedora 15 2011-9330 55661 fedora_2011-9325.nasl http://nessus.org/plugins/index.php?view=single&id=55661 Fedora 15 2011-9325 55660 fedora_2011-9311.nasl http://nessus.org/plugins/index.php?view=single&id=55660 Fedora 15 2011-9311 55659 fedora_2011-9309.nasl http://nessus.org/plugins/index.php?view=single&id=55659 Fedora 14 2011-9309 55658 fedora_2011-9269.nasl http://nessus.org/plugins/index.php?view=single&id=55658 Fedora 14 2011-9269 55657 fedora_2011-9127.nasl http://nessus.org/plugins/index.php?view=single&id=55657 Fedora 14 2011-9127 55656 fedora_2011-9062.nasl http://nessus.org/plugins/index.php?view=single&id=55656 Fedora 14 2011-9062 55655 fedora_2011-8867.nasl http://nessus.org/plugins/index.php?view=single&id=55655 Fedora 14 2011-8867 55654 fedora_2011-8844.nasl http://nessus.org/plugins/index.php?view=single&id=55654 Fedora 15 2011-8844 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 2, Nessus: 14 New VA Module Alert Service (Jul 25)