Nmap Development mailing list archives
New VA Modules: NSE: 1, OpenVAS: 4, MSF: 1, Nessus: 22
From: New VA Module Alert Service <postmaster () insecure org>
Date: Tue, 2 Nov 2010 10:00:38 -0700 (PDT)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Nmap Scripting Engine scripts (1) == r20889 rmi-dumpregistry.nse http://nmap.org/nsedoc/scripts/rmi-dumpregistry.nse This script connects to ta remote RMI registry, and attempts to dump all objects from an RMI Registry. First it tries to determine the names of all objects bound in the registry, and then it tries to determine information about the objects, such as the the class names of the superclasses and interfaces. This may, depending on what the registry is used for, give valuable information about the service. E.g, if the app uses JMX (Java Management eXtensions, you should see an object called "jmxconnector" on it. == OpenVAS plugins (4) == r9333 100887 gb_yaws_44564.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_yaws_44564.nasl?root=openvas&view=markup Yaws URI Directory Traversal Vulnerability r9333 100885 gb_xampp_44579.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_xampp_44579.nasl?root=openvas&view=markup XAMPP Cross Site Scripting and Information Disclosure Vulnerabilities r9333 100886 gb_buffy_44577.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_buffy_44577.nasl?root=openvas&view=markup Buffy 'comb' Command Directory Traversal Vulnerability r9333 100888 gb_project_jug_44569.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_project_jug_44569.nasl?root=openvas&view=markup Project Jug Directory Traversal Vulnerability == Metasploit modules (1) == r10857 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/adobe_flashplayer_button.rb Adobe Flash Player "Button" Remote Code Execution == Nessus plugins (22) == 50448 tomcat_3_2_2.nasl http://nessus.org/plugins/index.php?view=single&id=50448 Apache Tomcat 3.x < 3.2.2 Cross-Site Scripting 50447 redhat-RHSA-2010-0819.nasl http://nessus.org/plugins/index.php?view=single&id=50447 RHSA-2010-0819: pam 50446 redhat-RHSA-2010-0817.nasl http://nessus.org/plugins/index.php?view=single&id=50446 RHSA-2010-0817: redhat-release-3AS 50445 mandriva_MDVSA-2010-219.nasl http://nessus.org/plugins/index.php?view=single&id=50445 MDVSA-2010:219: mozilla-thunderbird 50444 fedora_2010-16941.nasl http://nessus.org/plugins/index.php?view=single&id=50444 Fedora 12 2010-16941 50443 fedora_2010-16939.nasl http://nessus.org/plugins/index.php?view=single&id=50443 Fedora 13 2010-16939 50442 fedora_2010-16926.nasl http://nessus.org/plugins/index.php?view=single&id=50442 Fedora 14 2010-16926 50441 fedora_2010-16629.nasl http://nessus.org/plugins/index.php?view=single&id=50441 Fedora 13 2010-16629 50440 fedora_2010-16599.nasl http://nessus.org/plugins/index.php?view=single&id=50440 Fedora 12 2010-16599 50439 fedora_2010-16270.nasl http://nessus.org/plugins/index.php?view=single&id=50439 Fedora 13 2010-16270 50438 fedora_2010-16248.nasl http://nessus.org/plugins/index.php?view=single&id=50438 Fedora 12 2010-16248 50437 fedora_2010-15785.nasl http://nessus.org/plugins/index.php?view=single&id=50437 Fedora 12 2010-15785 50436 Slackware_SSA_2010-305-03.nasl http://nessus.org/plugins/index.php?view=single&id=50436 SSA-2010-305-03 New CVS packages available 50435 Slackware_SSA_2010-060-01.nasl http://nessus.org/plugins/index.php?view=single&id=50435 SSA-2010-060-01 seamonkey 50434 realpage_upload_activex.nasl http://nessus.org/plugins/index.php?view=single&id=50434 RealPage Module Upload ActiveX Control Multiple Vulnerabilities 50433 symantec_im_mgr_whereclause_sqli.nasl http://nessus.org/plugins/index.php?view=single&id=50433 Symantec IM Manager whereClause Parameter SQL Injection (SYM10-010) 50432 symantec_im_mgr_8_4_16.nasl http://nessus.org/plugins/index.php?view=single&id=50432 Symantec IM Manager < 8.4.16 Multiple SQL Injections (SYM10-010) 50431 sawmill_8_1_7_3.nasl http://nessus.org/plugins/index.php?view=single&id=50431 Sawmill 8.x < 8.1.7.3 50430 sawmill_detect.nasl http://nessus.org/plugins/index.php?view=single&id=50430 Sawmill Detection 50429 mandriva_MDVSA-2010-218.nasl http://nessus.org/plugins/index.php?view=single&id=50429 MDVSA-2010:218: php 50428 fedora_2010-11319.nasl http://nessus.org/plugins/index.php?view=single&id=50428 Fedora 12 2010-11319 50427 Slackware_SSA_2010-305-01.nasl http://nessus.org/plugins/index.php?view=single&id=50427 SSA-2010-305-01 seamonkey _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 1, OpenVAS: 4, MSF: 1, Nessus: 22 New VA Module Alert Service (Nov 02)