Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

New VA Modules: NSE: 2, OpenVAS: 11, Nessus: 6

From: New VA Module Alert Service <postmaster () insecure org>
Date: Wed, 9 Nov 2011 10:01:12 -0800 (PST)
This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== Nmap Scripting Engine scripts (2) ==

r27029 http-method-tamper http://nmap.org/nsedoc/scripts/http-method-tamper.html
Checks if a JBoss target is vulnerable to jmx console authentication
bypass.

r27031 irc-botnet-channels http://nmap.org/nsedoc/scripts/irc-botnet-channels.html
Checks an IRC server for channels that may be used by botnets.

== OpenVAS plugins (11) ==

r12059 902484 secpod_ms11-083.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ms11-083.nasl?root=openvas&view=markup
Microsoft Windows TCP/IP Remote Code Execution Vulnerability (2588516)

r12059 902485 secpod_ms11-084.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ms11-084.nasl?root=openvas&view=markup
Windows Kernel-Mode Drivers Remote Code Execution Vulnerability
(2617657)

r12059 902486 secpod_ms11-085.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ms11-085.nasl?root=openvas&view=markup
Windows Mail and Windows Meeting Space Remote Code Execution
Vulnerability (2620704)

r12059 902484 secpod_ms11-086.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ms11-086.nasl?root=openvas&view=markup
Microsoft Windows Active Directory LDAPS Authentication Bypass
Vulnerability (2630837)

r12061 802340 gb_etherape_rpc_call_parsing_dos_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_etherape_rpc_call_parsing_dos_vuln.nasl?root=openvas&view=markup
EtherApe RPC Packet Processing Denial of Service Vulnerability

r12061 802504 gb_php_is_a_fun_arbitrary_code_exec_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_php_is_a_fun_arbitrary_code_exec_vuln_win.nasl?root=openvas&view=markup
PHP 'is_a()' Function Remote Arbitrary Code Execution Vulnerability
(Windows)

r12061 802196 gb_joomla_mult_components_sql_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_mult_components_sql_inj_vuln.nasl?root=openvas&view=markup
Joomla Multiple Components SQL Injection Vulnerabilities

r12061 802341 gb_webfilebrowser_file_download_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_webfilebrowser_file_download_vuln.nasl?root=openvas&view=markup
Web File Browser 'act' Parameter File Download Vulnerability

r12061 802189 gb_joomla_teams_sql_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_teams_sql_inj_vuln.nasl?root=openvas&view=markup
Joomla 'Teams' Component SQL Injection Vulnerability

r12061 802270 gb_goahead_webserver_mult_stored_xss_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_goahead_webserver_mult_stored_xss_vuln.nasl?root=openvas&view=markup
GoAhead Webserver Multiple Stored Cross Site Scripting Vulnerabilities

r12061 802500 gb_ms_truetype_font_privilege_elevation_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ms_truetype_font_privilege_elevation_vuln.nasl?root=openvas&view=markup
Microsoft Windows TrueType Font Parsing Privilege Elevation
Vulnerability

== Nessus plugins (6) ==

56739 smb_nt_ms11-086.nasl
http://nessus.org/plugins/index.php?view=single&id=56739
MS11-086: Vulnerability in Active Directory Could Allow Elevation of
Privilege (2630837)

56738 smb_nt_ms11-085.nasl
http://nessus.org/plugins/index.php?view=single&id=56738
MS11-085: Vulnerability in Windows Mail and Windows Meeting Space Could
Allow Remote Code Execution (2620704)

56737 smb_nt_ms11-084.nasl
http://nessus.org/plugins/index.php?view=single&id=56737
MS11-084: Vulnerability in Windows Kernel-Mode Drivers Could Allow
Denial of Service (2617657)

56736 smb_nt_ms11-083.nasl
http://nessus.org/plugins/index.php?view=single&id=56736
MS11-083: Vulnerability in TCP/IP Could Allow Remote Code Execution
(2588516)

56735 timthumb_cache_dir_arbitrary_upload.nasl
http://nessus.org/plugins/index.php?view=single&id=56735
TimThumb Cache Directory src Parameter Arbitrary PHP File Upload

56734 shockwave_player_apsb11-27.nasl
http://nessus.org/plugins/index.php?view=single&id=56734
Shockwave Player <= 11.6.1.629 Multiple Memory Corruption
Vulnerabilities (APSB11-27)
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: