Nmap Development mailing list archives
New VA Modules: NSE: 1, OpenVAS: 14, MSF: 2
From: New VA Module Alert Service <postmaster () insecure org>
Date: Tue, 5 Jul 2011 10:01:12 -0700 (PDT)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Nmap Scripting Engine scripts (1) == r24635 ftp-vsftpd-backdoor http://nmap.org/nsedoc/scripts/ftp-vsftpd-backdoor.html Tests for the presence of the vsFTPd 2.3.4 backdoor reported on 2011-07-04. This script attempts to exploit the backdoor using the innocuous id command by default, but that can be changed with the ftp-vsftpd-backdoor.cmd script argument. == OpenVAS plugins (14) == r11273 902537 secpod_cybozu_products_mail_system_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_cybozu_products_mail_system_xss_vuln.nasl?root=openvas&view=markup Cybozu Products Mail System Images Cross-Site Scripting Vulnerability r11273 902533 secpod_cybozu_products_detect.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_cybozu_products_detect.nasl?root=openvas&view=markup Cybozu Products Version Detection r11273 902536 secpod_cybozu_office_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_cybozu_office_xss_vuln.nasl?root=openvas&view=markup Cybozu Office Address Book and User List Cross-Site Scripting Vulnerabilities r11273 902379 secpod_adobe_prdts_mem_crptn_vuln_win_jun11.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_adobe_prdts_mem_crptn_vuln_win_jun11.nasl?root=openvas&view=markup Adobe Reader/Acrobat Memory Corruption Vulnerability (Windows) r11273 902607 secpod_arsc_mult_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_arsc_mult_xss_vuln.nasl?root=openvas&view=markup A Really Simple Chat Multiple XSS Vulnerabilities r11273 902389 secpod_joomla_morfeoshow_sql_inj_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_joomla_morfeoshow_sql_inj_vuln.nasl?root=openvas&view=markup Joomla Component 'com_morfeoshow' SQL Injection Vulnerability r11273 902608 secpod_arsc_mult_sql_injection_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_arsc_mult_sql_injection_vuln.nasl?root=openvas&view=markup A Really Simple Chat Multiple SQL Injection Vulnerabilities r11273 802107 gb_opera_mult_vuln_win_jul11.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_opera_mult_vuln_win_jul11.nasl?root=openvas&view=markup Opera Browser Multiple Vulnerabilities Jul-11 (Windows) r11273 902535 secpod_cybozu_products_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_cybozu_products_xss_vuln.nasl?root=openvas&view=markup Cybozu Products Images Cross-Site Scripting Vulnerability r11273 802111 gb_opera_mult_vuln_win01_jul11.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_opera_mult_vuln_win01_jul11.nasl?root=openvas&view=markup Opera Browser Multiple Vulnerabilities Jul-11 (Windows) r11273 802112 gb_opera_mult_vuln_win02_jul11.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_opera_mult_vuln_win02_jul11.nasl?root=openvas&view=markup Opera Browser Multiple Vulnerabilities Jul-11 (Windows) r11273 802113 gb_opera_src_iframe_dos_vuln_win.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_opera_src_iframe_dos_vuln_win.nasl?root=openvas&view=markup Opera Browser 'SRC' Denial of Service Vulnerability (Windows) r11273 902534 secpod_cybozu_garoon_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_cybozu_garoon_xss_vuln.nasl?root=openvas&view=markup Cybozu Garoon Cross Site Scripting Vulnerability r11274 103185 gb_vsftpd_backdoor_07_2011.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_vsftpd_backdoor_07_2011.nasl?root=openvas&view=markup vsftpd Compromised Source Packages Backdoor Vulnerability == Metasploit modules (2) == r13092 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/misc/hp_omniinet_4.rb HP OmniInet.exe Opcode 20 Buffer Overflow r13093 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/ftp/vsftpd_234_backdoor.rb VSFTPD v2.3.4 Backdoor Command Execution _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 1, OpenVAS: 14, MSF: 2 New VA Module Alert Service (Jul 05)