Nmap Development mailing list archives
New VA Modules: MSF: 1, Nessus: 58
From: New VA Module Alert Service <postmaster () insecure org>
Date: Sat, 19 Nov 2011 10:00:24 -0800 (PST)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Metasploit modules (1) == r14283 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/misc/wireshark_lua.rb Wireshark console.lua pre-loading vulnerability == Nessus plugins (58) == 56875 macosx_flash_player_11_1_102_55.nasl http://nessus.org/plugins/index.php?view=single&id=56875 Flash Player for Mac <= 10.3.183.10 / 11.0.1.152 Multiple Vulnerabilities (APSB11-28) 56874 flash_player_apsb11-28.nasl http://nessus.org/plugins/index.php?view=single&id=56874 Flash Player <= 10.3.183.10 / 11.0.1.152 Multiple Vulnerabilities (APSB11-28) 56873 itunes_10_5_1_banner.nasl http://nessus.org/plugins/index.php?view=single&id=56873 iTunes < 10.5.1 Update Authenticity Verification Weakness (uncredentialed check) 56872 itunes_10_5_1.nasl http://nessus.org/plugins/index.php?view=single&id=56872 iTunes < 10.5.1 Update Authenticity Verification Weakness (credentialed check) 56871 macosx_itunes_10_5_1.nasl http://nessus.org/plugins/index.php?view=single&id=56871 iTunes < 10.5.1 Update Authenticity Verification Weakness (Mac OS X) 56870 ubuntu_USN-1267-1.nasl http://nessus.org/plugins/index.php?view=single&id=56870 USN-1267-1 : freetype vulnerabilities 56869 ubuntu_USN-1266-1.nasl http://nessus.org/plugins/index.php?view=single&id=56869 USN-1266-1 : openldap vulnerability 56868 ubuntu_USN-1265-1.nasl http://nessus.org/plugins/index.php?view=single&id=56868 USN-1265-1 : system-config-printer vulnerability 56867 redhat-RHSA-2011-1459.nasl http://nessus.org/plugins/index.php?view=single&id=56867 RHSA-2011-1459: bind97 56866 redhat-RHSA-2011-1458.nasl http://nessus.org/plugins/index.php?view=single&id=56866 RHSA-2011-1458: bind 56865 fedora_2011-15856.nasl http://nessus.org/plugins/index.php?view=single&id=56865 Fedora 15 2011-15856 56864 fedora_2011-15256.nasl http://nessus.org/plugins/index.php?view=single&id=56864 Fedora 14 2011-15256 56863 fedora_2011-15233.nasl http://nessus.org/plugins/index.php?view=single&id=56863 Fedora 15 2011-15233 56862 bind9_981_p1.nasl http://nessus.org/plugins/index.php?view=single&id=56862 ISC BIND 9 Query.c Logging Resolver Denial of Service 56861 ubuntu_USN-1264-1.nasl http://nessus.org/plugins/index.php?view=single&id=56861 USN-1264-1 : bind9 vulnerability 56860 ubuntu_USN-1263-1.nasl http://nessus.org/plugins/index.php?view=single&id=56860 USN-1263-1 : icedtea-web, openjdk-6, openjdk-6b18 vulnerabilities 56859 redhat-RHSA-2011-1455.nasl http://nessus.org/plugins/index.php?view=single&id=56859 RHSA-2011-1455: freetype 56858 mandriva_MDVSA-2011-176.nasl http://nessus.org/plugins/index.php?view=single&id=56858 MDVSA-2011:176-1 : bind 56857 freebsd_pkg_90cc149410ac11e1b3ec0024e830109b.nasl http://nessus.org/plugins/index.php?view=single&id=56857 FreeBSD : BIND -- Remote DOS (90cc1494-10ac-11e1-b3ec-0024e830109b) 56856 debian_DSA-2347.nasl http://nessus.org/plugins/index.php?view=single&id=56856 [DSA2347] DSA-2347-1 bind9 56818 pci_dss_potential_xsrf.nasl http://nessus.org/plugins/index.php?view=single&id=56818 CGI Generic Cross-Site Request Forgery Detection (potential) 17728 tomcat_6_0_13.nasl http://nessus.org/plugins/index.php?view=single&id=17728 Apache Tomcat < 6.0.13 Multiple Vulnerabilities 17727 tomcat_5_5_23.nasl http://nessus.org/plugins/index.php?view=single&id=17727 Apache Tomcat 5.0.x <= 5.0.30 / 5.5.x < 5.5.23 Content-Length HTTP Request Smuggling 17726 tomcat_4_1_36.nasl http://nessus.org/plugins/index.php?view=single&id=17726 Apache Tomcat 4.x < 4.1.36 Multiple Vulnerabilities 17725 sun_java_web_console_uri_redirect.nasl http://nessus.org/plugins/index.php?view=single&id=17725 Sun Java Web Console BeginLogin.jsp redirect_url Parameter URI Redirection 17724 sendmail_8_13_8.nasl http://nessus.org/plugins/index.php?view=single&id=17724 Sendmail < 8.13.8 Header Processing Overflow DoS 17723 samba_smbmnt.nasl http://nessus.org/plugins/index.php?view=single&id=17723 Samba smbmnt Local Privilege Escalation 17722 samba_mksmbpasswd.nasl http://nessus.org/plugins/index.php?view=single&id=17722 Samba < 3.0.2 mksmbpasswd.sh Uninitialized Passwords 17721 samba_3_0_6.nasl http://nessus.org/plugins/index.php?view=single&id=17721 Samba < 3.0.6 Unspecified Remote Memory Leak Information Disclosure 17720 samba_3_0_5.nasl http://nessus.org/plugins/index.php?view=single&id=17720 Samba SWAT 3.0.2 - 3.0.4 HTTP Basic Auth base64 Buffer Overflow 17719 samba_3_0_26.nasl http://nessus.org/plugins/index.php?view=single&id=17719 Samba idmap_ad.so Winbind nss_info Extension Local Privilege Escalation 17718 proftpd_1_3_1_rc1.nasl http://nessus.org/plugins/index.php?view=single&id=17718 ProFTPD < 1.3.1rc1 mod_ctrls Module pr_ctrls_recv_request Function Local Overflow 17717 php_symlink_function_race_condition.nasl http://nessus.org/plugins/index.php?view=single&id=17717 PHP Symlink Function Race Condition open_basedir Bypass 17716 php_sendmail_argument_injection.nasl http://nessus.org/plugins/index.php?view=single&id=17716 PHP mb_send_mail() Function Parameter Security Bypass 17715 php_ip2long_sql_injection.nasl http://nessus.org/plugins/index.php?view=single&id=17715 PHP ip2long Function String Validation Weakness 17714 php_ffi_security_bypass.nasl http://nessus.org/plugins/index.php?view=single&id=17714 PHP Foreign Function Interface Arbitrary DLL Loading safe_mode Restriction Bypass 17713 php_5_1_5.nasl http://nessus.org/plugins/index.php?view=single&id=17713 PHP 5.1.x < 5.1.5 Multiple Vulnerabilities 17712 php_5_1_2.nasl http://nessus.org/plugins/index.php?view=single&id=17712 PHP 5.1.x < 5.1.2 Multiple Vulnerabilities 17711 php_5_1_0.nasl http://nessus.org/plugins/index.php?view=single&id=17711 PHP 5.x < 5.1.0 Multiple Vulnerabilities 17710 php_4_4_4.nasl http://nessus.org/plugins/index.php?view=single&id=17710 PHP < 4.4.4 Security Bypass Vulnerability 17709 php_4_4_2.nasl http://nessus.org/plugins/index.php?view=single&id=17709 PHP < 4.4.2 Multiple Cross-Site Scripting Vulnerabilities 17708 oracle9iAS_http_request_smuggling.nasl http://nessus.org/plugins/index.php?view=single&id=17708 Oracle 9i Application Server HTTP Request Smuggling 17707 openssl_0_9_5a.nasl http://nessus.org/plugins/index.php?view=single&id=17707 OpenSSL < 0.9.5a /dev/random Check Failure 17706 openssh_rhel_43.nasl http://nessus.org/plugins/index.php?view=single&id=17706 Red Hat Enterprise Linux OpenSSH ChrootDirectory Local Privilege Escalation 17705 openssh_opie.nasl http://nessus.org/plugins/index.php?view=single&id=17705 OPIE w/ OpenSSH Account Enumeration 17704 openssh_challenge_response.nasl http://nessus.org/plugins/index.php?view=single&id=17704 OpenSSH S/KEY Authentication Account Enumeration 17703 openssh_59.nasl http://nessus.org/plugins/index.php?view=single&id=17703 OpenSSH < 5.9 Multiple DoS 17702 openssh_361p2.nasl http://nessus.org/plugins/index.php?view=single&id=17702 OpenSSH < 3.6.1p2 Multiple Vulnerabilities 17701 openssh_34p1.nasl http://nessus.org/plugins/index.php?view=single&id=17701 OpenSSH < 3.4p1 scp Traversal Arbitrary File Overwrite 17700 openssh_210.nasl http://nessus.org/plugins/index.php?view=single&id=17700 OpenSSH < 2.1.0 /dev/random Check Failure 17699 openssh_122.nasl http://nessus.org/plugins/index.php?view=single&id=17699 OpenSSH < 1.2.2 sshd Local TCP Redirection Connection Masking Weakness 17698 mysql_user_defined_functions_restrictions.nasl http://nessus.org/plugins/index.php?view=single&id=17698 MySQL User-Defined Functions Multiple Vulnerabilities 17697 mysql_5_0_21.nasl http://nessus.org/plugins/index.php?view=single&id=17697 MySQL < 4.0.27 / 4.1.19 / 5.0.21 Information Disclosure 17696 apache_utf7_xss.nasl http://nessus.org/plugins/index.php?view=single&id=17696 Apache HTTP Server 403 Error Page UTF-7 Encoded XSS 17695 apache_smb_document_root.nasl http://nessus.org/plugins/index.php?view=single&id=17695 Apache Mixed Platform AddType Directive Information Disclosure 17694 apache_scriptalias_in_htdocs_dir_traversal2.nasl http://nessus.org/plugins/index.php?view=single&id=17694 Apache on Windows mod_alias URL Validation Canonicalization CGI Source Disclosure 17693 apache_mod_suexec.nasl http://nessus.org/plugins/index.php?view=single&id=17693 Apache mod_suexec Multiple Privilege Escalation Vulnerabilities 17692 apache_mod_negotiation_xss.nasl http://nessus.org/plugins/index.php?view=single&id=17692 Apache mod_negotiation Multi-Line Filename Upload Vulnerabilities _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: MSF: 1, Nessus: 58 New VA Module Alert Service (Nov 19)