Nmap Development mailing list archives

New VA Modules: NSE: 4, MSF: 1


From: New VA Module Alert Service <postmaster () insecure org>
Date: Sun, 19 Feb 2012 11:24:01 -0800 (PST)

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== Nmap Scripting Engine scripts (4) ==

r28092 dns-client-subnet-scan http://nmap.org/nsedoc/scripts/dns-client-subnet-scan.html
Performs a domain lookup using the edns-client-subnet [1] option that
adds support for adding subnet information to the query in regard to
where the query is originating from. The script uses this option to
supply a number of geographically distributed locations in an attempt to
enumerate as many different address records as possible. The script also
supports requests using a given subnet.

r28094 http-vuln-cve2010-2861 http://nmap.org/nsedoc/scripts/http-vuln-cve2010-2861.html
This script will execute a directory traversal attack against a
ColdFusion server and try to grab the password hash for the
administrator user. It will then use the salt value (hidden in the web
page) to create the SHA1 HMAC hash that the web server needs for
authentication as admin. You can pass this value to the ColdFusion
server as the admin without cracking the password hash.

r28096 ndmp-fs-info http://nmap.org/nsedoc/scripts/ndmp-fs-info.html
Lists remote file systems by querying the remote device using the
Network Data Management Protocol (NDMP). NDMP is a protocol intended to
transport data between a NAS device and the backup device, removing the
need for the data to pass through the backup server. The following
products are known to support the protocol:
* Amanda
* Bacula
* CA Arcserve
* CommVault Simpana
* EMC Networker
* Hitachi Data Systems
* IBM Tivoli
* Quest Software Netvault Backup
* Symantec Netbackup
* Symantec Backup Exec

r28096 ndmp-version http://nmap.org/nsedoc/scripts/ndmp-version.html
Retrieves version information from the remote Network Data Management
Protocol (NDMP) service. NDMP is a protocol intended to transport data
between a NAS device and the backup device, removing the need for the
data to pass through the backup server. The following products are known
to support the protocol:
* Amanda
* Bacula
* CA Arcserve
* CommVault Simpana
* EMC Networker
* Hitachi Data Systems
* IBM Tivoli
* Quest Software Netvault Backup
* Symantec Netbackup
* Symantec Backup Exec

== Metasploit modules (1) ==

r14755 http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/http_traversal.rb
Generic HTTP Directory Traversal Utility
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

