Nmap Development mailing list archives
New VA Modules: NSE: 1, OpenVAS: 9, MSF: 2, Nessus: 13
From: New VA Module Alert Service <postmaster () insecure org>
Date: Tue, 10 Jul 2012 10:01:06 -0700 (PDT)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Nmap Scripting Engine scripts (1) == r29178 ms-sql-dac http://nmap.org/nsedoc/scripts/ms-sql-dac.html https://svn.nmap.org/nmap/scripts/ms-sql-dac.nse Queries the Microsoft SQL Browser service for the DAC (Dedicated Admin Connection) port of a given, or all SQL Server instances. The DAC port is used to connect to the database instance when normal connection attempts fail, for example, when server is hanging, out of memory or in other bad states. In addition, the DAC port provides an admin with access to system objects otherwise not accessible over normal connections. == OpenVAS plugins (9) == r13710 gb_hp_smh_mult_vuln_july12.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_hp_smh_mult_vuln_july12.nasl?root=openvas&view=markup HP System Management Homepage Multiple Vulnerabilities - July 2012 r13710 gb_ms_sharepoint_sever_n_foundation_detect.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_ms_sharepoint_sever_n_foundation_detect.nasl?root=openvas&view=markup Microsoft SharePoint Server and Foundation Detection r13710 841076 gb_ubuntu_USN_1500_1.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1500_1.nasl?root=openvas&view=markup Ubuntu Update for pidgin USN-1500-1 r13710 841075 gb_ubuntu_USN_1499_1.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1499_1.nasl?root=openvas&view=markup Ubuntu Update for linux-ti-omap4 USN-1499-1 r13710 831693 gb_mandriva_MDVSA_2012_102.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_mandriva_MDVSA_2012_102.nasl?root=openvas&view=markup Mandriva Update for krb5 MDVSA-2012:102 (krb5) r13710 gb_mediawiki_uselang_param_xss_vuln.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_mediawiki_uselang_param_xss_vuln.nasl?root=openvas&view=markup MediaWiki 'uselang' Parameter Cross Site Scripting Vulnerability r13710 gb_symantec_pcanywhere_awhost32_code_exec_vuln.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_symantec_pcanywhere_awhost32_code_exec_vuln.nasl?root=openvas&view=markup Symantec pcAnywhere 'awhost32' Remote Code Execution Vulnerability r13710 gb_symantec_pcanywhere_access_server_detect.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_symantec_pcanywhere_access_server_detect.nasl?root=openvas&view=markup Symantec pcAnywhere Access Server Remote Detection r13711 gb_tiki_54298.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_tiki_54298.nasl?root=openvas&view=markup Tiki Wiki CMS Groupware 'unserialize()' Multiple PHP Code Execution Vulnerabilities == Metasploit modules (2) == r15608 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/browser/java_verifier_field_access.rb Java Applet Field Bytecode Verifier Cache Remote Code Execution r15609 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/webapp/hastymail_exec.rb Hastymail 2.1.1 RC1 Command Injection == Nessus plugins (13) == 59903 ubuntu_USN-1500-1.nasl http://nessus.org/plugins/index.php?view=single&id=59903 USN-1500-1 : pidgin vulnerabilities 59902 gentoo_GLSA-201207-10.nasl http://nessus.org/plugins/index.php?view=single&id=59902 GLSA-201207-10 : CUPS: Multiple vulnerabilities 59901 gentoo_GLSA-201207-09.nasl http://nessus.org/plugins/index.php?view=single&id=59901 GLSA-201207-09 : mod_fcgid: Multiple vulnerabilities 59900 gentoo_GLSA-201207-08.nasl http://nessus.org/plugins/index.php?view=single&id=59900 GLSA-201207-08 : Gnash: Multiple vulnerabilities 59899 gentoo_GLSA-201207-07.nasl http://nessus.org/plugins/index.php?view=single&id=59899 GLSA-201207-07 : Keepalived: Denial of Service 59898 gentoo_GLSA-201207-06.nasl http://nessus.org/plugins/index.php?view=single&id=59898 GLSA-201207-06 : JRuby: Denial of Service 59897 gentoo_GLSA-201207-05.nasl http://nessus.org/plugins/index.php?view=single&id=59897 GLSA-201207-05 : pidgin-otr: Arbitrary code execution 59896 gentoo_GLSA-201207-04.nasl http://nessus.org/plugins/index.php?view=single&id=59896 GLSA-201207-04 : X.Org X Server: Privilege escalation 59895 gentoo_GLSA-201207-03.nasl http://nessus.org/plugins/index.php?view=single&id=59895 GLSA-201207-03 : ChaSen: User-assisted execution of arbitrary code 59894 gentoo_GLSA-201207-02.nasl http://nessus.org/plugins/index.php?view=single&id=59894 GLSA-201207-02 : libxml2: User-assisted execution of arbitrary code 59893 gentoo_GLSA-201207-01.nasl http://nessus.org/plugins/index.php?view=single&id=59893 GLSA-201207-01 : sudo: Privilege escalation 59891 ubuntu_USN-1499-1.nasl http://nessus.org/plugins/index.php?view=single&id=59891 USN-1499-1 : linux-ti-omap4 vulnerability 59890 debian_DSA-2509.nasl http://nessus.org/plugins/index.php?view=single&id=59890 Debian DSA-2509-1 : pidgin - remote code execution _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 1, OpenVAS: 9, MSF: 2, Nessus: 13 New VA Module Alert Service (Jul 10)