Nmap Development mailing list archives
New VA Modules: NSE: 1, OpenVAS: 2, MSF: 2, Nessus: 54
From: New VA Module Alert Service <postmaster () insecure org>
Date: Thu, 19 Jan 2012 10:00:58 -0800 (PST)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Nmap Scripting Engine scripts (1) == r27869 dns-srv-enum http://nmap.org/nsedoc/scripts/dns-srv-enum.html Enumerates various common service (SRV) records for a given domain name. The service records contain the hostname, port and priority of servers for a given service. The following services are enumerated by the script: - Active Directory Global Catalog - Exchange Autodiscovery - Kerberos KDC Service - Kerberos Passwd Change Service - LDAP Servers - SIP Servers - XMPP Servers == OpenVAS plugins (2) == r12499 103391 gb_OneOrZero_51549.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_OneOrZero_51549.nasl?root=openvas&view=markup OneOrZero AIMS 'index.php' Cross Site Scripting Vulnerability r12499 103392 gb_phpvideopro_51428.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_phpvideopro_51428.nasl?root=openvas&view=markup phpVideoPro Multiple Cross Site Scripting Vulnerabilities == Metasploit modules (2) == r14577 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/http/hp_nnm_ovbuildpath_textfile.rb HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow r14582 http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/d20pass.rb General Electric D20 Password Recovery == Nessus plugins (54) == 57589 oracle_rdbms_cpu_jan_2012.nasl http://nessus.org/plugins/index.php?view=single&id=57589 Oracle Database, January 2012 Critical Patch Update 57588 ubuntu_USN-1333-1.nasl http://nessus.org/plugins/index.php?view=single&id=57588 USN-1333-1 : libav vulnerabilities 57587 suse_acroread-7924.nasl http://nessus.org/plugins/index.php?view=single&id=57587 SuSE Security Update: Security update for Acrobat Reader (acroread-7924) 57586 suse_11_acroread-120112.nasl http://nessus.org/plugins/index.php?view=single&id=57586 SuSE Security Update: acroread (2012-01-12) 57585 freebsd_pkg_1ac858b03fae11e1a1270013d3ccd9df.nasl http://nessus.org/plugins/index.php?view=single&id=57585 FreeBSD : OpenTTD -- Denial of service (server) via slow read attack (1ac858b0-3fae-11e1-a127-0013d3ccd9df) 57584 fedora_2012-0018.nasl http://nessus.org/plugins/index.php?view=single&id=57584 Fedora 15 2012-0018 57583 debian_DSA-2389.nasl http://nessus.org/plugins/index.php?view=single&id=57583 Debian DSA-2389-1 : linux-2.6 - privilege escalation/denial of service/information leak 57582 ssl_self_signed_certificate.nasl http://nessus.org/plugins/index.php?view=single&id=57582 SSL Self-Signed Certificate 57581 pci_reachable_database.nasl http://nessus.org/plugins/index.php?view=single&id=57581 PCI DSS compliance : Database Reachable from the Internet 57580 op5_monitor_session_cookie.nasl http://nessus.org/plugins/index.php?view=single&id=57580 op5 Monitor Persistent Session Cookie 57579 op5_monitor_credential_leak.nasl http://nessus.org/plugins/index.php?view=single&id=57579 op5 Monitor Credential Leak 57578 op5_config_command_execution.nasl http://nessus.org/plugins/index.php?view=single&id=57578 op5 Config Arbitrary Command Execution 57577 op5_monitor_detect.nasl http://nessus.org/plugins/index.php?view=single&id=57577 op5 Monitor Detection 57576 op5_portal_command_execution.nasl http://nessus.org/plugins/index.php?view=single&id=57576 op5 Portal Arbitrary Command Execution 57575 op5_portal_detect.nasl http://nessus.org/plugins/index.php?view=single&id=57575 op5 Portal Detection 57574 unbound_1_4_14.nasl http://nessus.org/plugins/index.php?view=single&id=57574 Unbound < 1.4.14 / 1.4.13p2 DoS Vulnerabilities 57573 powerdns_3_0_1.nasl http://nessus.org/plugins/index.php?view=single&id=57573 PowerDNS < 2.9.22.5 / 3.0.1 Traffic Loop DoS 57571 ssl_certificate_chain.nasl http://nessus.org/plugins/index.php?view=single&id=57571 SSL Certificate Chain Analysis 57570 suse_openssl-7923.nasl http://nessus.org/plugins/index.php?view=single&id=57570 SuSE Security Update: Security update for OpenSSL (openssl-7923) 57569 suse_11_libopenssl-devel-120111.nasl http://nessus.org/plugins/index.php?view=single&id=57569 SuSE Security Update: libopenssl-devel (2012-01-11) 57568 mandriva_MDVSA-2012-006.nasl http://nessus.org/plugins/index.php?view=single&id=57568 MDVSA-2012:006 : openssl 57567 mandriva_MDVSA-2012-005.nasl http://nessus.org/plugins/index.php?view=single&id=57567 MDVSA-2012:005 : libxml2 57566 fedora_2012-0248.nasl http://nessus.org/plugins/index.php?view=single&id=57566 Fedora 16 2012-0248 57565 fedora_2012-0247.nasl http://nessus.org/plugins/index.php?view=single&id=57565 Fedora 15 2012-0247 57564 fedora_2012-0233.nasl http://nessus.org/plugins/index.php?view=single&id=57564 Fedora 15 2012-0233 57563 fedora_2012-0166.nasl http://nessus.org/plugins/index.php?view=single&id=57563 Fedora 16 2012-0166 57562 centos_RHSA-2012-0018.nasl http://nessus.org/plugins/index.php?view=single&id=57562 CentOS : RHSA-2012-0018 17839 openssh_211p3.nasl http://nessus.org/plugins/index.php?view=single&id=17839 OpenSSH < 2.1.1p3 Format String Privilege Escalation 17838 mysql_client_symlink_attack.nasl http://nessus.org/plugins/index.php?view=single&id=17838 MySQL < 3.23.50 / 4.0.24 / 4.1.6 / 5.0.3 Insecure Temporary File Creation 17837 mysql_6_0_9.nasl http://nessus.org/plugins/index.php?view=single&id=17837 MySQL < 6.0.9-alpha Access Control Weakness 17836 mysql_5_5_6.nasl http://nessus.org/plugins/index.php?view=single&id=17836 MySQL < 5.5.6 Multiple Denial of Service 17835 mysql_5_1_43_yaSSL.nasl http://nessus.org/plugins/index.php?view=single&id=17835 MySQL < 5.0.90 / 5.1.43 / 5.5.0-m2 Multiple Buffer Overflows 17834 mysql_5_0_92.nasl http://nessus.org/plugins/index.php?view=single&id=17834 MySQL < 5.0.92 Multiple Denial of Service 17833 mysql_5_0_54_5_1_23_6_0_4_DoS.nasl http://nessus.org/plugins/index.php?view=single&id=17833 MySQL < 5.0.54 / 5.1.23 / 6.0.4 Denial of Service 17832 mysql_5_0_40.nasl http://nessus.org/plugins/index.php?view=single&id=17832 MySQL 5.0 < 5.0.40 Multiple Vulnerabilities 17831 mysql_5_0_23_or_5_1_12.nasl http://nessus.org/plugins/index.php?view=single&id=17831 MySQL < 5.0.23 / 5.1.12 Denial of Service 17830 mysql_5_0_18_info_leak.nasl http://nessus.org/plugins/index.php?view=single&id=17830 MySQL 5.0.18 Information Leak 17829 mysql_4_1_23_5_0_42.nasl http://nessus.org/plugins/index.php?view=single&id=17829 MySQL < 4.1.23 / 5.0.42 Access Control Vulnerability 17828 mysql_4_1_13a_or_5_0_11.nasl http://nessus.org/plugins/index.php?view=single&id=17828 MySQL < 4.1.13a / 5.0.11 Zlib Library Buffer Overflow 17827 mysql_4_1_13a_or_5_0_10.nasl http://nessus.org/plugins/index.php?view=single&id=17827 MySQL < 4.1.13a / 5.0.10 Zlib Library Buffer Overflow 17826 mysql_4_1_13_or_5_0_8.nasl http://nessus.org/plugins/index.php?view=single&id=17826 MySQL < 4.1.13 / 5.0.8 DOS Device Name Denial of Service Vulnerabilities 17825 mysql_4_1_13.nasl http://nessus.org/plugins/index.php?view=single&id=17825 MySQL < 4.1.13 Denial of Service 17824 mysql_4_1.nasl http://nessus.org/plugins/index.php?view=single&id=17824 MySQL Weak Hash Algorithm 17823 mysql_4_0_20.nasl http://nessus.org/plugins/index.php?view=single&id=17823 MySQL < 4.0.20 File Overwrite 17822 mysql_4_0_14.nasl http://nessus.org/plugins/index.php?view=single&id=17822 MySQL < 4.0.14 libmysqlclient Buffer Overflow 17821 mysql_3_weak_default_config.nasl http://nessus.org/plugins/index.php?view=single&id=17821 MySQL 3.20.32 - 3.23.52 Weak Default Configuration 17820 mysql_3_23_56.nasl http://nessus.org/plugins/index.php?view=single&id=17820 MySQL < 3.23.56 Writable Configuration Files 17819 mysql_3_23_50_or_4_02.nasl http://nessus.org/plugins/index.php?view=single&id=17819 MySQL < 3.23.50 / 4.0.2 Local Code Execution 17818 mysql_3_23_33.nasl http://nessus.org/plugins/index.php?view=single&id=17818 MySQL < 3.23.33 Multiple Buffer Overflows 17817 mysql_3_23_31.nasl http://nessus.org/plugins/index.php?view=single&id=17817 MySQL < 3.23.31 Buffer Overflow 17816 mysql_3_22_weak_auth.nasl http://nessus.org/plugins/index.php?view=single&id=17816 MySQL 3.x Password Disclosure 17815 mysql_3_22.nasl http://nessus.org/plugins/index.php?view=single&id=17815 MySQL < 3.22 Readable Logs http_ms12-007.nbin tftp_func.inc _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 1, OpenVAS: 2, MSF: 2, Nessus: 54 New VA Module Alert Service (Jan 19)