Nmap Development mailing list archives
New VA Modules: NSE: 5, OpenVAS: 4, Nessus: 34
From: New VA Module Alert Service <postmaster () insecure org>
Date: Tue, 23 Aug 2011 10:00:41 -0700 (PDT)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Nmap Scripting Engine scripts (5) == r26156 http-awstatstotals-exec http://nmap.org/nsedoc/scripts/http-awstatstotals-exec.html http-awstatstotals-exec exploits a remote code execution vulnerability in Awstats Totals 1.0 up to 1.14 and possibly other products based on it. [CVE: 2008-3922] r26156 http-joomla-brute http://nmap.org/nsedoc/scripts/http-joomla-brute.html Performs a brute force password attack against Joomla installations. r26156 http-wordpress-brute http://nmap.org/nsedoc/scripts/http-wordpress-brute.html Performs a brute force password attack against Wordpress installations. r26156 http-wp-enum http://nmap.org/nsedoc/scripts/http-wp-enum.html http-wp-enum enumerates usernames in Wordpress installations by exploiting an information disclosure vulnerability existing in versions 2.6, 3.1, 3.1.1, 3.1.3 and 3.2-beta2 and possibly others. r26164 address-info http://nmap.org/nsedoc/scripts/address-info.html Shows extra information about IP addresses. == OpenVAS plugins (4) == r11486 902713 secpod_wordpress_wp_stats_dashboard_mult_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_wordpress_wp_stats_dashboard_mult_xss_vuln.nasl?root=openvas&view=markup WordPress WP-Stats-Dashboard Plugin Multiple Cross-Site Scripting Vulnerabilities r11486 902715 secpod_macosx_packagekit_format_string_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_macosx_packagekit_format_string_vuln.nasl?root=openvas&view=markup Apple Mac OS X PackageKit Format String Vulnerability r11487 103220 gb_greenbone_os_detect.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_greenbone_os_detect.nasl?root=openvas&view=markup Greenbone GSM Detection r11487 103221 gb_wordpress_49271.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_wordpress_49271.nasl?root=openvas&view=markup WordPress UnGallery 'zip' Parameter Local File Disclosure Vulnerability == Nessus plugins (34) == 55957 ubuntu_USN-1194-1.nasl http://nessus.org/plugins/index.php?view=single&id=55957 USN-1194-1 : foomatic-filters vulnerabilities 55956 freebsd_pkg_3f1df2f9cd2211e09bb200215c6a37bb.nasl http://nessus.org/plugins/index.php?view=single&id=55956 FreeBSD : php -- crypt() returns only the salt for MD5 (5471) 55955 fedora_2011-11103.nasl http://nessus.org/plugins/index.php?view=single&id=55955 Fedora 14 2011-11103 55954 fedora_2011-11087.nasl http://nessus.org/plugins/index.php?view=single&id=55954 Fedora 15 2011-11087 55953 fedora_2011-11084.nasl http://nessus.org/plugins/index.php?view=single&id=55953 Fedora 14 2011-11084 55952 fedora_2011-10808.nasl http://nessus.org/plugins/index.php?view=single&id=55952 Fedora 15 2011-10808 55951 fedora_2011-10782.nasl http://nessus.org/plugins/index.php?view=single&id=55951 Fedora 14 2011-10782 55950 fedora_2011-10781.nasl http://nessus.org/plugins/index.php?view=single&id=55950 Fedora 14 2011-10781 55949 fedora_2011-10761.nasl http://nessus.org/plugins/index.php?view=single&id=55949 Fedora 16 2011-10761 55948 fedora_2011-10667.nasl http://nessus.org/plugins/index.php?view=single&id=55948 Fedora 16 2011-10667 55947 fedora_2011-10583.nasl http://nessus.org/plugins/index.php?view=single&id=55947 Fedora 16 2011-10583 55946 fedora_2011-10452.nasl http://nessus.org/plugins/index.php?view=single&id=55946 Fedora 16 2011-10452 55945 fedora_2011-10399.nasl http://nessus.org/plugins/index.php?view=single&id=55945 Fedora 16 2011-10399 55944 fedora_2011-10028.nasl http://nessus.org/plugins/index.php?view=single&id=55944 Fedora 16 2011-10028 55943 fedora_2011-10020.nasl http://nessus.org/plugins/index.php?view=single&id=55943 Fedora 16 2011-10020 55942 debian_DSA-2297.nasl http://nessus.org/plugins/index.php?view=single&id=55942 [DSA2297] DSA-2297-1 icedove 55941 juniper_psn-2011-01-147.nasl http://nessus.org/plugins/index.php?view=single&id=55941 Junos J-Web Weak SSL Ciphers (PSN-2011-01-147) 55940 juniper_psn-2011-02-158.nasl http://nessus.org/plugins/index.php?view=single&id=55940 Junos debug.php Unauthenticated Debug Access (PSN-2011-02-158) 55939 juniper_psn-2011-04-241.nasl http://nessus.org/plugins/index.php?view=single&id=55939 Junos 11.1R1 on EX Series switches causes multiple sfid daemon crashes (PSN-2011-04-241) 55938 juniper_psn-2011-07-296.nasl http://nessus.org/plugins/index.php?view=single&id=55938 Junos PIM rpd DoS (PSN-2011-07-296) 55937 juniper_psn-2011-07-297.nasl http://nessus.org/plugins/index.php?view=single&id=55937 Junos ICMP Ping 'composite next-hop' DoS (PSN-2011-07-297) 55936 juniper_psn-2011-07-298.nasl http://nessus.org/plugins/index.php?view=single&id=55936 Junos Fragmented ICMP Packets DoS (PSN-2011-07-298) 55935 juniper_psn-2011-07-299.nasl http://nessus.org/plugins/index.php?view=single&id=55935 Junos IPv6 over IPv4 Security Policy Bypass (PSN-2011-07-299) 55934 juniper_psn-2011-07-300.nasl http://nessus.org/plugins/index.php?view=single&id=55934 Junos DHCP Relay Agent Traffic Redirection (PSN-2011-07-300) 55933 junos_unsupported.nasl http://nessus.org/plugins/index.php?view=single&id=55933 Unsupported Junos Operating System 55932 junos_version.nasl http://nessus.org/plugins/index.php?view=single&id=55932 Junos Version 55931 glassfish_get_auth_bypass.nasl http://nessus.org/plugins/index.php?view=single&id=55931 Oracle GlassFish Server Administration Console GET Request Authentication Bypass 55930 glassfish_detect.nasl http://nessus.org/plugins/index.php?view=single&id=55930 Oracle GlassFish HTTP Server Version 55929 glassfish_console_detect.nasl http://nessus.org/plugins/index.php?view=single&id=55929 Oracle GlassFish Console 55928 pidgin_2_10_0.nasl http://nessus.org/plugins/index.php?view=single&id=55928 Pidgin < 2.10.0 Multiple Vulnerabilities 55927 citrix_eslt_heap_overflow.nasl http://nessus.org/plugins/index.php?view=single&id=55927 Buffer Overflow in Citrix EdgeSight Load Tester 55925 php_5_3_7.nasl http://nessus.org/plugins/index.php?view=single&id=55925 PHP 5.3 < 5.3.7 Multiple Vulnerabilities citrix_eslt_detect.nbin junos.inc _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 5, OpenVAS: 4, Nessus: 34 New VA Module Alert Service (Aug 23)