Nmap Development mailing list archives
New VA Modules: NSE: 2, OpenVAS: 25, Nessus: 26
From: New VA Module Alert Service <postmaster () insecure org>
Date: Wed, 25 Jan 2012 10:02:14 -0800 (PST)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Nmap Scripting Engine scripts (2) == r27896 broadcast-dhcp6-discover http://nmap.org/nsedoc/scripts/broadcast-dhcp6-discover.html Sends a DHCPv6 request (Solicit) to the DHCPv6 multicast address. It parses the response and extracts the address along with any options returned by the server. r27899 iax2-brute http://nmap.org/nsedoc/scripts/iax2-brute.html Performs brute force password guessing against the Asterisk IAX2 protocol. Guessing fails when a large number of attempts is made due to the maxcallnumber limit (default 2048). In case your getting "ERROR: Too many retries, aborted ..." after a while, this is most likely what's happening. In order to avoid this problem try: - reducing the size of your dictionary - use the brute delay option to introduce a delay between guesses - split the guessing up in chunks and wait for a while between them == OpenVAS plugins (25) == r12516 863701 gb_fedora_2012_0440_wireshark_fc15.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2012_0440_wireshark_fc15.nasl?root=openvas&view=markup Fedora Update for wireshark FEDORA-2012-0440 r12516 secpod_oracle_virtualbox_detect_macosx.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_oracle_virtualbox_detect_macosx.nasl?root=openvas&view=markup Oracle VM VirtaulBox Version Detection (Mac OS X) r12516 863702 gb_fedora_2012_0709_xkeyboard-config_fc15.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2012_0709_xkeyboard-config_fc15.nasl?root=openvas&view=markup Fedora Update for xkeyboard-config FEDORA-2012-0709 r12516 902905 secpod_google_chrome_navigation_entry_mult_vuln_macosx.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_google_chrome_navigation_entry_mult_vuln_macosx.nasl?root=openvas&view=markup Google Chrome Multiple Vulnerabilities - Jan12 (Mac OS X) r12516 902903 secpod_google_chrome_navigation_entry_mult_vuln_win.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_google_chrome_navigation_entry_mult_vuln_win.nasl?root=openvas&view=markup Google Chrome Multiple Vulnerabilities - Jan12 (Windows) r12516 902809 secpod_ibm_lotus_symphony_iof_vuln_lin.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ibm_lotus_symphony_iof_vuln_lin.nasl?root=openvas&view=markup IBM Lotus Symphony Image Object Integer Overflow Vulnerability (Linux) r12516 802565 gb_cogent_cascade_n_opc_datahub_mult_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_cogent_cascade_n_opc_datahub_mult_vuln.nasl?root=openvas&view=markup Cogent OPC DataHub and Cascade DataHub XSS and CRLF Vulnerabilities r12516 863704 gb_fedora_2012_0702_openssl_fc15.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2012_0702_openssl_fc15.nasl?root=openvas&view=markup Fedora Update for openssl FEDORA-2012-0702 r12516 840875 gb_ubuntu_USN_1340_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1340_1.nasl?root=openvas&view=markup Ubuntu Update for linux-lts-backport-oneiric USN-1340-1 r12516 902790 secpod_joomla_mult_components_sql_inj_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_joomla_mult_components_sql_inj_vuln.nasl?root=openvas&view=markup Joomla Jomdirectory and Advert Components SQL Injection Vulnerabilities r12516 902787 secpod_annuaire_php_xss_vuln.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_annuaire_php_xss_vuln.nasl?root=openvas&view=markup Annuaire PHP 'sites_inscription.php' Cross Site Scripting Vulnerability r12516 840870 gb_ubuntu_USN_1341_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1341_1.nasl?root=openvas&view=markup Ubuntu Update for linux USN-1341-1 r12516 863700 gb_fedora_2012_0861_kernel_fc15.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2012_0861_kernel_fc15.nasl?root=openvas&view=markup Fedora Update for kernel FEDORA-2012-0861 r12516 840873 gb_ubuntu_USN_1344_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1344_1.nasl?root=openvas&view=markup Ubuntu Update for linux USN-1344-1 r12516 840874 gb_ubuntu_USN_1345_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1345_1.nasl?root=openvas&view=markup Ubuntu Update for linux USN-1345-1 r12516 840872 gb_ubuntu_USN_1263_2.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1263_2.nasl?root=openvas&view=markup Ubuntu Update for openjdk-6 USN-1263-2 r12516 840871 gb_ubuntu_USN_1337_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1337_1.nasl?root=openvas&view=markup Ubuntu Update for linux-lts-backport-natty USN-1337-1 r12516 840876 gb_ubuntu_USN_1346_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1346_1.nasl?root=openvas&view=markup Ubuntu Update for curl USN-1346-1 r12516 840877 gb_ubuntu_USN_1338_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1338_1.nasl?root=openvas&view=markup Ubuntu Update for rsyslog USN-1338-1 r12516 863703 gb_fedora_2012_0462_emacs_fc15.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_fedora_2012_0462_emacs_fc15.nasl?root=openvas&view=markup Fedora Update for emacs FEDORA-2012-0462 r12516 870532 gb_RHSA-2012_0060-01_openssl.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_RHSA-2012_0060-01_openssl.nasl?root=openvas&view=markup RedHat Update for openssl RHSA-2012:0060-01 r12516 902904 secpod_google_chrome_navigation_entry_mult_vuln_lin.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_google_chrome_navigation_entry_mult_vuln_lin.nasl?root=openvas&view=markup Google Chrome Multiple Vulnerabilities - Jan12 (Linux) r12516 902789 secpod_oracle_virtualbox_unspecified_vuln_macosx.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_oracle_virtualbox_unspecified_vuln_macosx.nasl?root=openvas&view=markup Oracle VM VirtualBox Unspecified Vulnerability (MAC OS X) r12516 840869 gb_ubuntu_USN_1339_1.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ubuntu_USN_1339_1.nasl?root=openvas&view=markup Ubuntu Update for qemu-kvm USN-1339-1 r12516 902808 secpod_ibm_lotus_symphony_iof_vuln_win.nasl http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_ibm_lotus_symphony_iof_vuln_win.nasl?root=openvas&view=markup IBM Lotus Symphony Image Object Integer Overflow Vulnerability (Windows) == Nessus plugins (26) == 57666 google_chrome_16_0_912_77.nasl http://nessus.org/plugins/index.php?view=single&id=57666 Google Chrome < 16.0.912.77 Multiple Vulnerabilities 57665 ubuntu_USN-1341-1.nasl http://nessus.org/plugins/index.php?view=single&id=57665 USN-1341-1 : linux vulnerabilities 57664 ubuntu_USN-1340-1.nasl http://nessus.org/plugins/index.php?view=single&id=57664 USN-1340-1 : linux-lts-backport-oneiric vulnerabilities 57663 ubuntu_USN-1339-1.nasl http://nessus.org/plugins/index.php?view=single&id=57663 USN-1339-1 : qemu-kvm vulnerability 57662 ubuntu_USN-1338-1.nasl http://nessus.org/plugins/index.php?view=single&id=57662 USN-1338-1 : rsyslog vulnerability 57661 ubuntu_USN-1337-1.nasl http://nessus.org/plugins/index.php?view=single&id=57661 USN-1337-1 : linux-lts-backport-natty vulnerabilities 57660 ubuntu_USN-1336-1.nasl http://nessus.org/plugins/index.php?view=single&id=57660 USN-1336-1 : linux vulnerability 57659 suse_kernel-7918.nasl http://nessus.org/plugins/index.php?view=single&id=57659 SuSE Security Update: Security update for Linux kernel (kernel-7918) 57658 suse_java-1_6_0-ibm-7926.nasl http://nessus.org/plugins/index.php?view=single&id=57658 SuSE Security Update: Security update for IBM Java (java-1_6_0-ibm-7926) 57657 redhat-RHSA-2012-0052.nasl http://nessus.org/plugins/index.php?view=single&id=57657 RHSA-2012-0052: kernel 57656 gentoo_GLSA-201201-14.nasl http://nessus.org/plugins/index.php?view=single&id=57656 GLSA-201201-14 : MIT Kerberos 5 Applications: Multiple vulnerabilities 57655 gentoo_GLSA-201201-13.nasl http://nessus.org/plugins/index.php?view=single&id=57655 GLSA-201201-13 : MIT Kerberos 5: Multiple vulnerabilities 57654 gentoo_GLSA-201201-12.nasl http://nessus.org/plugins/index.php?view=single&id=57654 GLSA-201201-12 : Tor: Multiple vulnerabilities 57653 gentoo_GLSA-201201-11.nasl http://nessus.org/plugins/index.php?view=single&id=57653 GLSA-201201-11 : Firewall Builder: Privilege escalation 57652 gentoo_GLSA-201201-10.nasl http://nessus.org/plugins/index.php?view=single&id=57652 GLSA-201201-10 : JasPer: User-assisted execution of arbitrary code 57651 gentoo_GLSA-201201-09.nasl http://nessus.org/plugins/index.php?view=single&id=57651 GLSA-201201-09 : FreeType: Multiple vulnerabilities 57650 gentoo_GLSA-201201-08.nasl http://nessus.org/plugins/index.php?view=single&id=57650 GLSA-201201-08 : FontForge: User-assisted execution of arbitrary code 57649 gentoo_GLSA-201201-07.nasl http://nessus.org/plugins/index.php?view=single&id=57649 GLSA-201201-07 : NX Server Free Edition, NX Node: Privilege escalation 57648 gentoo_GLSA-201201-06.nasl http://nessus.org/plugins/index.php?view=single&id=57648 GLSA-201201-06 : iSCSI Enterprise Target: Arbitrary code execution 57647 freebsd_pkg_7d2336c2460711e19f4700e0815b8da8.nasl http://nessus.org/plugins/index.php?view=single&id=57647 FreeBSD : spamdyke -- Buffer Overflow Vulnerabilities (7d2336c2-4607-11e1-9f47-00e0815b8da8) 57646 freebsd_pkg_3ebb2dc8460911e19f4700e0815b8da8.nasl http://nessus.org/plugins/index.php?view=single&id=57646 FreeBSD : Wireshark -- Multiple vulnerabilities (3ebb2dc8-4609-11e1-9f47-00e0815b8da8) 57645 fedora_2012-0494.nasl http://nessus.org/plugins/index.php?view=single&id=57645 Fedora 16 2012-0494 57644 fedora_2012-0462.nasl http://nessus.org/plugins/index.php?view=single&id=57644 Fedora 15 2012-0462 57643 debian_DSA-2392.nasl http://nessus.org/plugins/index.php?view=single&id=57643 Debian DSA-2392-1 : openssl - out-of-bounds read 57642 centos_RHSA-2012-0033.nasl http://nessus.org/plugins/index.php?view=single&id=57642 CentOS : RHSA-2012-0033 57619 oracle_application_server_pci.nasl http://nessus.org/plugins/index.php?view=single&id=57619 Oracle Application Server Multiple Vulnerabilities _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 2, OpenVAS: 25, Nessus: 26 New VA Module Alert Service (Jan 25)