Nmap Development mailing list archives
New VA Modules: NSE: 2, OpenVAS: 11, Nessus: 6
From: New VA Module Alert Service <postmaster () insecure org>
Date: Wed, 9 Nov 2011 10:01:12 -0800 (PST)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Nmap Scripting Engine scripts (2) == r27029 http-method-tamper http://nmap.org/nsedoc/scripts/http-method-tamper.html Checks if a JBoss target is vulnerable to jmx console authentication bypass. r27031 irc-botnet-channels http://nmap.org/nsedoc/scripts/irc-botnet-channels.html Checks an IRC server for channels that may be used by botnets. == OpenVAS plugins (11) == r12059 902484 secpod_ms11-083.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ms11-083.nasl?root=openvas&view=markup Microsoft Windows TCP/IP Remote Code Execution Vulnerability (2588516) r12059 902485 secpod_ms11-084.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ms11-084.nasl?root=openvas&view=markup Windows Kernel-Mode Drivers Remote Code Execution Vulnerability (2617657) r12059 902486 secpod_ms11-085.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ms11-085.nasl?root=openvas&view=markup Windows Mail and Windows Meeting Space Remote Code Execution Vulnerability (2620704) r12059 902484 secpod_ms11-086.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ms11-086.nasl?root=openvas&view=markup Microsoft Windows Active Directory LDAPS Authentication Bypass Vulnerability (2630837) r12061 802340 gb_etherape_rpc_call_parsing_dos_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_etherape_rpc_call_parsing_dos_vuln.nasl?root=openvas&view=markup EtherApe RPC Packet Processing Denial of Service Vulnerability r12061 802504 gb_php_is_a_fun_arbitrary_code_exec_vuln_win.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_php_is_a_fun_arbitrary_code_exec_vuln_win.nasl?root=openvas&view=markup PHP 'is_a()' Function Remote Arbitrary Code Execution Vulnerability (Windows) r12061 802196 gb_joomla_mult_components_sql_inj_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_mult_components_sql_inj_vuln.nasl?root=openvas&view=markup Joomla Multiple Components SQL Injection Vulnerabilities r12061 802341 gb_webfilebrowser_file_download_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_webfilebrowser_file_download_vuln.nasl?root=openvas&view=markup Web File Browser 'act' Parameter File Download Vulnerability r12061 802189 gb_joomla_teams_sql_inj_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_teams_sql_inj_vuln.nasl?root=openvas&view=markup Joomla 'Teams' Component SQL Injection Vulnerability r12061 802270 gb_goahead_webserver_mult_stored_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_goahead_webserver_mult_stored_xss_vuln.nasl?root=openvas&view=markup GoAhead Webserver Multiple Stored Cross Site Scripting Vulnerabilities r12061 802500 gb_ms_truetype_font_privilege_elevation_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ms_truetype_font_privilege_elevation_vuln.nasl?root=openvas&view=markup Microsoft Windows TrueType Font Parsing Privilege Elevation Vulnerability == Nessus plugins (6) == 56739 smb_nt_ms11-086.nasl http://nessus.org/plugins/index.php?view=single&id=56739 MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege (2630837) 56738 smb_nt_ms11-085.nasl http://nessus.org/plugins/index.php?view=single&id=56738 MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could Allow Remote Code Execution (2620704) 56737 smb_nt_ms11-084.nasl http://nessus.org/plugins/index.php?view=single&id=56737 MS11-084: Vulnerability in Windows Kernel-Mode Drivers Could Allow Denial of Service (2617657) 56736 smb_nt_ms11-083.nasl http://nessus.org/plugins/index.php?view=single&id=56736 MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) 56735 timthumb_cache_dir_arbitrary_upload.nasl http://nessus.org/plugins/index.php?view=single&id=56735 TimThumb Cache Directory src Parameter Arbitrary PHP File Upload 56734 shockwave_player_apsb11-27.nasl http://nessus.org/plugins/index.php?view=single&id=56734 Shockwave Player <= 11.6.1.629 Multiple Memory Corruption Vulnerabilities (APSB11-27) _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 2, OpenVAS: 11, Nessus: 6 New VA Module Alert Service (Nov 09)