Nmap Development mailing list archives
New VA Modules: MSF: 4, Nessus: 17, OpenVAS: 3
From: New VA Module Alert Service <postmaster () insecure org>
Date: Wed, 1 Oct 2014 10:00:25 +0000 (UTC)
This report describes any new scripts/modules/exploits added to Nmap, Metasploit, Nessus, and OpenVAS since yesterday. == Metasploit modules (4) == 1d07b2bb https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/local/ask.rb Windows Escalate UAC Execute RunAs f2cfbebb https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/misc/hp_nnmi_pmd_bof.rb HP Network Node Manager I PMD Buffer Overflow 1c30c357 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/wp_custom_contact_forms.rb WordPress custom-contact-forms Plugin SQL Upload 030aaa47 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/opmanager_socialit_file_upload.rb ManageEngine OpManager / Social IT Arbitrary File Upload == Nessus plugins (17) == 77988 fortios_FG-IR-14-006.nasl http://nessus.org/plugins/index.php?view=single&id=77988 FortiOS < 4.3.16 / 5.x < 5.0.8 Multiple Vulnerabilities (FG-IR-14-006) 77987 cisco_cucm_CSCum95491.nasl http://nessus.org/plugins/index.php?view=single&id=77987 Cisco Unified Communications Manager 'CTIManager' Vulnerability 77986 proftpd_bash_injection.nasl http://nessus.org/plugins/index.php?view=single&id=77986 GNU Bash Environment Variable Handling Code Injection via ProFTPD (Shellshock) 77985 squid_3_4_7.nasl http://nessus.org/plugins/index.php?view=single&id=77985 Squid 3.x < 3.3.13 / 3.4.7 Request Processing DoS 77984 cisco-sa-20140924-nat.nasl http://nessus.org/plugins/index.php?view=single&id=77984 Cisco IOS Software Network Address Translation (NAT) ALG Module DoS (cisco-sa-20140924-nat) 77983 moodle_2_4_11_mult_xss.nasl http://nessus.org/plugins/index.php?view=single&id=77983 Moodle Multiple XSS 77982 ubuntu_USN-2365-1.nasl http://nessus.org/plugins/index.php?view=single&id=77982 Ubuntu 12.04 LTS / 14.04 : libvncserver vulnerabilities (USN-2365-1) 77981 sl_20140929_xerces_j2_on_SL6_x.nasl http://nessus.org/plugins/index.php?view=single&id=77981 Scientific Linux Security Update : xerces-j2 on SL6.x i386/x86_64 77980 redhat-RHSA-2014-1326.nasl http://nessus.org/plugins/index.php?view=single&id=77980 RHEL 5 / 6 : php53 and php (RHSA-2014:1326) 77979 redhat-RHSA-2014-1319.nasl http://nessus.org/plugins/index.php?view=single&id=77979 RHEL 6 / 7 : xerces-j2 (RHSA-2014:1319) 77978 oraclelinux_ELSA-2014-1319.nasl http://nessus.org/plugins/index.php?view=single&id=77978 Oracle Linux 6 / 7 : xerces-j2 (ELSA-2014-1319) 77977 mandriva_MDVSA-2014-191.nasl http://nessus.org/plugins/index.php?view=single&id=77977 Mandriva Linux Security Advisory : perl-XML-DT (MDVSA-2014:191) 77976 freebsd_pkg_6c083cf8483011e4ae2cc80aa9043978.nasl http://nessus.org/plugins/index.php?view=single&id=77976 FreeBSD : fish -- local privilege escalation and remote code execution (6c083cf8-4830-11e4-ae2c-c80aa9043978) 77975 fedora_2014-11251.nasl http://nessus.org/plugins/index.php?view=single&id=77975 Fedora 21 : nginx-1.6.2-2.fc21 (2014-11251) 77974 fedora_2014-11008.nasl http://nessus.org/plugins/index.php?view=single&id=77974 Fedora 19 : kernel-3.14.19-100.fc19 (2014-11008) 77973 debian_DSA-3039.nasl http://nessus.org/plugins/index.php?view=single&id=77973 Debian DSA-3039-1 : chromium-browser - security update 77972 Slackware_SSA_2014-272-01.nasl http://nessus.org/plugins/index.php?view=single&id=77972 Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : bash (SSA:2014-272-01) == OpenVAS plugins (3) == r725 2014/gb_wp_contact_form_7integrations_mult_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_wp_contact_form_7integrations_mult_xss_vuln.nasl?root=openvas-nvts&view=markup Wordpress Contact Form 7 Integrations Multiple Cross Site Scripting Vulnerabilities r725 2014/gb_wp_infusionsoft_gravity_forms_file_upload_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_wp_infusionsoft_gravity_forms_file_upload_vuln.nasl?root=openvas-nvts&view=markup Wordpress Infusionsoft Gravity Forms Add-on Arbitrary File Upload Vulnerability r726 2014/gb_bash_shellshock_pure-ftpd_remote_cmd_exec_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_bash_shellshock_pure-ftpd_remote_cmd_exec_vuln.nasl?root=openvas-nvts&view=markup GNU Bash Environment Variable Handling Shell Remote Command Execution Vulnerability (Pure-FTPd) _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: MSF: 4, Nessus: 17, OpenVAS: 3 New VA Module Alert Service (Oct 01)