New VA Modules: NSE: 2, OpenVAS: 9, MSF: 2, Nessus: 3

[New VA Module Alert Service <postmaster () insecure org>]

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== Nmap Scripting Engine scripts (2) ==

r20905 broadcast-dns-service-discovery.nse http://nmap.org/nsedoc/scripts/broadcast-dns-service-discovery.nse
Attempts to discover a hosts services using the DNS Service Discovery
protocol. It does so by sending a multicast query and collects responses
from all responding hosts.

r20911 broadcast-upnp-info.nse http://nmap.org/nsedoc/scripts/broadcast-upnp-info.nse
Attempts to extract system information from the UPnP service by running
a multicast query.

== OpenVAS plugins (9) ==

r9335 902270 secpod_home_ftp_server_dir_trav_vun.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_home_ftp_server_dir_trav_vun.nasl?root=openvas&view=markup
Home FTP Server Multiple Directory Traversal Vulnerabilities

r9335 801533 gb_mongoose_web_server_mult_dir_traversal_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_mongoose_web_server_mult_dir_traversal_vuln.nasl?root=openvas&view=markup
Mongoose Web Server Multiple Directory Traversal Vulnerabilities

r9335 801532 gb_oracle_sjs_web_server_response_splitting_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_oracle_sjs_web_server_response_splitting_vuln.nasl?root=openvas&view=markup
Oracle Sun Java System Web Server HTTP Response Splitting Vulnerability

r9335 801622 gb_realwin_scada_bof_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_realwin_scada_bof_vuln.nasl?root=openvas&view=markup
RealWin SCADA System Buffer Overflow Vulnerability

r9335 801476 gb_adobe_shockwave_player_arbitrary_code_exec_vuln_oct10.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_adobe_shockwave_player_arbitrary_code_exec_vuln_oct10.nasl?root=openvas&view=markup
Adobe Shockwave player Arbitrary Code Execution Vulnerability

r9335 801475 gb_firefox_unspecified_vuln_oct10_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_firefox_unspecified_vuln_oct10_win.nasl?root=openvas&view=markup
Mozilla Firefox Unspecified Vulnerability Oct-10 (Windows)

r9340 100891 gb_webmedia_explorer_44598.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_webmedia_explorer_44598.nasl?root=openvas&view=markup
Webmedia Explorer HTML Injection Vulnerability

r9340 100890 gb_freepbx_43454.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_freepbx_43454.nasl?root=openvas&view=markup
FreePBX System Recordings Menu Arbitrary File Upload Vulnerability

r9340 100889 gb_freepbx_detect.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_freepbx_detect.nasl?root=openvas&view=markup
FreePBX Detection

== Metasploit modules (2) ==

r10865 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/http/coldfusion_fckeditor.rb
ColdFusion 8.0.1 Arbitrary File Upload and Execute.

r10887 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/http/webster_http.rb
Webster HTTP Server GET Buffer Overflow

== Nessus plugins (3) ==

50451 db2_97fp3.nasl
http://nessus.org/plugins/index.php?view=single&id=50451
DB2 9.7 < Fix Pack 3 Multiple Vulnerabilities

50450 fisheye_code_metrics_xss.nasl
http://nessus.org/plugins/index.php?view=single&id=50450
Atlassian FishEye Code Metrics Report Plugin XSS

50449 fisheye_detect.nasl
http://nessus.org/plugins/index.php?view=single&id=50449
Atlassian FishEye Detection
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/