RE: New VA Modules: MSF: 1, Nessus: 22, OpenVAS: 44

["HD Moore" <x () hdm io>]

The dev.metasploit.com URL format (Redmine) is going away soon as well. We are
retiring Redmine in favor of Github issues. The best source to track Metasploit
development is the Github repository.

-HD

> -----Original Message-----
> From: dev [mailto:dev-bounces () nmap org] On Behalf Of Seth Art
> Sent: Wednesday, December 10, 2014 2:45 PM
> To: dev () nmap org
> Subject: Re: New VA Modules: MSF: 1, Nessus: 22, OpenVAS: 44
>
> I think the script that generates this report is getting stuck on the
> sandworm MS014-060 metasploit module for some reason.   If you look
> back at these emails for the past month, this modules shows as updated
> almost every time.   Just a heads up.
>
> -Seth
>
> On Wed, Dec 10, 2014 at 5:02 AM, New VA Module Alert Service
> <postmaster () insecure org> wrote:
> > This report describes any new scripts/modules/exploits added to Nmap,
> > Metasploit, Nessus, and OpenVAS since yesterday.
> >
> > == Metasploit modules (1) ==
> >
> > e4064279
> https://dev.metasploit.com/redmine/projects/framework/repository/entry/mo
> dules/exploits/windows/fileformat/ms14_060_sandworm.rb
> > MS14-060 Microsoft Windows OLE Package Manager Code Execution
> >
> > == Nessus plugins (22) ==
> >
> > 79826 mariadb_5_5_37.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79826
> > MariaDB 5.5 < 5.5.37 Multiple Vulnerabilities
> >
> > 79825 ubuntu_USN-2435-1.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79825
> > Ubuntu 10.04 LTS / 12.04 LTS / 14.04 / 14.10 : graphviz vulnerability
> > (USN-2435-1)
> >
> > 79824 ubuntu_USN-2434-2.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79824
> > Ubuntu 10.04 LTS : ghostscript vulnerability (USN-2434-2)
> >
> > 79823 ubuntu_USN-2434-1.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79823
> > Ubuntu 12.04 LTS / 14.04 / 14.10 : jasper vulnerability (USN-2434-1)
> >
> > 79822 suse_11_openvpn-141203.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79822
> > SuSE 11.3 Security Update : OpenVPN (SAT Patch Number 10061)
> >
> > 79821 openSUSE-2014-759.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79821
> > openSUSE Security Update : openvpn (openSUSE-SU-2014:1594-1)
> >
> > 79820 openSUSE-2014-758.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79820
> > openSUSE Security Update : ruby19 (openSUSE-SU-2014:1589-1)
> >
> > 79819 openSUSE-2014-757.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79819
> > openSUSE Security Update : docker (openSUSE-SU-2014:1596-1)
> >
> > 79818 openSUSE-2014-756.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79818
> > openSUSE Security Update : flac (openSUSE-SU-2014:1588-1)
> >
> > 79817 openSUSE-2014-755.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79817
> > openSUSE Security Update : icecast (openSUSE-SU-2014:1593-1)
> >
> > 79816 openSUSE-2014-754.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79816
> > openSUSE Security Update : icecast (openSUSE-SU-2014:1591-1)
> >
> > 79815 openSUSE-2014-753.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79815
> > openSUSE Security Update : apache2-mod_wsgi (openSUSE-SU-2014:1590-1)
> >
> > 79814 gentoo_GLSA-201412-04.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79814
> > GLSA-201412-04 : libvirt: Multiple vulnerabilities
> >
> > 79813 gentoo_GLSA-201412-03.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79813
> > GLSA-201412-03 : Dovecot: Denial of Service
> >
> > 79812 gentoo_GLSA-201412-02.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79812
> > GLSA-201412-02 : nfs-utils: Information disclosure
> >
> > 79811 gentoo_GLSA-201412-01.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79811
> > GLSA-201412-01 : QEMU: Multiple Vulnerabilities
> >
> > 79810 freebsd_pkg_10d735297f4b11e4af6600215af774f0.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79810
> > FreeBSD : unbound -- can be tricked into following an endless series of
> > delegations, this consumes a lot of resources
> > (10d73529-7f4b-11e4-af66-00215af774f0)
> >
> > 79809 f5_bigip_SOL15882.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79809
> > F5 Networks BIG-IP : TLS1.x padding vulnerability (SOL15882)
> >
> > 79808 debian_DSA-3094.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79808
> > Debian DSA-3094-1 : bind9 - security update
> >
> > 79807 debian_DSA-3093.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79807
> > Debian DSA-3093-1 : linux - security update
> >
> > 79806 debian_DSA-3092.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79806
> > Debian DSA-3092-1 : icedove - security update
> >
> > 79805 debian_DSA-3091.nasl
> > http://nessus.org/plugins/index.php?view=single&id=79805
> > Debian DSA-3091-1 : getmail4 - security update
> >
> > == OpenVAS plugins (44) ==
> >
> > r860 2014/gb_drupal_session_hijacking_vuln.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_drupal_session_
> hijacking_vuln.nasl?root=openvas-nvts&view=markup
> > Drupal Session Hijacking Vulnerability
> >
> > r860 2014/gb_drupal_pw_hashing_dos_vuln.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_drupal_pw_hashi
> ng_dos_vuln.nasl?root=openvas-nvts&view=markup
> > Drupal Password Hashing Denial of Service Vulnerability
> >
> > r862 2014/gb_fedora_2014_15130_kwebkitpart_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_151
> 30_kwebkitpart_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for kwebkitpart FEDORA-2014-15130
> >
> > r862 2014/gb_fedora_2014_16242_thunderbird_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_162
> 42_thunderbird_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for thunderbird FEDORA-2014-16242
> >
> > r862 2014/gb_fedora_2014_16259_thunderbird_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_162
> 59_thunderbird_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for thunderbird FEDORA-2014-16259
> >
> > r862 2014/gb_fedora_2014_15528_drupal7_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_155
> 28_drupal7_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for drupal7 FEDORA-2014-15528
> >
> > r862 2014/gb_fedora_2014_15515_drupal6_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_155
> 15_drupal6_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for drupal6 FEDORA-2014-15515
> >
> > r862 2014/gb_fedora_2014_15124_kwebkitpart_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_151
> 24_kwebkitpart_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for kwebkitpart FEDORA-2014-15124
> >
> > r862 2014/gb_fedora_2014_14838_avr-binutils_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_148
> 38_avr-binutils_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for avr-binutils FEDORA-2014-14838
> >
> > r862 703091 2014/deb_3091.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/deb_3091.nasl?root=
> openvas-nvts&view=markup
> > Debian Security Advisory DSA 3091-1 (getmail4 - security update)
> >
> > r862 2014/gb_fedora_2014_15244_wireshark_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_152
> 44_wireshark_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for wireshark FEDORA-2014-15244
> >
> > r862 703093 2014/deb_3093.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/deb_3093.nasl?root=
> openvas-nvts&view=markup
> > Debian Security Advisory DSA 3093-1 (linux - security update)
> >
> > r862 2014/gb_fedora_2014_15526_wordpress_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_155
> 26_wordpress_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for wordpress FEDORA-2014-15526
> >
> > r862 703087 2014/deb_3087.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/deb_3087.nasl?root=
> openvas-nvts&view=markup
> > Debian Security Advisory DSA 3087-1 (qemu - security update)
> >
> > r862 703089 2014/deb_3089.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/deb_3089.nasl?root=
> openvas-nvts&view=markup
> > Debian Security Advisory DSA 3089-1 (jasper - security update)
> >
> > r862 2014/gb_fedora_2014_15701_teeworlds_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_157
> 01_teeworlds_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for teeworlds FEDORA-2014-15701
> >
> > r862 2014/gb_fedora_2014_15373_lsyncd_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_153
> 73_lsyncd_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for lsyncd FEDORA-2014-15373
> >
> > r862 2014/gb_fedora_2014_16016_util-linux_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_160
> 16_util-linux_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for util-linux FEDORA-2014-16016
> >
> > r862 2014/gb_fedora_2014_16259_firefox_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_162
> 59_firefox_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for firefox FEDORA-2014-16259
> >
> > r862 2014/gb_fedora_2014_16242_firefox_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_162
> 42_firefox_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for firefox FEDORA-2014-16242
> >
> > r862 2014/gb_fedora_2014_16258_flac_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_162
> 58_flac_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for flac FEDORA-2014-16258
> >
> > r862 2014/gb_fedora_2014_15847_libksba_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_158
> 47_libksba_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for libksba FEDORA-2014-15847
> >
> > r862 2014/gb_suse_2014_1560_1.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_suse_2014_1560
> _1.nasl?root=openvas-nvts&view=markup
> > SuSE Update for clamav openSUSE-SU-2014:1560-1 (clamav)
> >
> > r862 2014/gb_fedora_2014_15519_drupal6_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_155
> 19_drupal6_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for drupal6 FEDORA-2014-15519
> >
> > r862 2014/gb_fedora_2014_15733_teeworlds_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_157
> 33_teeworlds_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for teeworlds FEDORA-2014-15733
> >
> > r862 2014/gb_fedora_2014_14874_arm-none-eabi-binutils-cs_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_148
> 74_arm-none-eabi-binutils-cs_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for arm-none-eabi-binutils-cs FEDORA-2014-14874
> >
> > r862 2014/gb_fedora_2014_7496_readline_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_749
> 6_readline_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for readline FEDORA-2014-7496
> >
> > r862 2014/gb_fedora_2014_15522_drupal7_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_155
> 22_drupal7_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for drupal7 FEDORA-2014-15522
> >
> > r862 2014/gb_fedora_2014_15841_hivex_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_158
> 41_hivex_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for hivex FEDORA-2014-15841
> >
> > r862 2014/gb_fedora_2014_14963_avr-binutils_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_149
> 63_avr-binutils_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for avr-binutils FEDORA-2014-14963
> >
> > r862 2014/gb_fedora_2014_15838_libksba_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_158
> 38_libksba_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for libksba FEDORA-2014-15838
> >
> > r862 2014/gb_suse_2014_1594_1.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_suse_2014_1594
> _1.nasl?root=openvas-nvts&view=markup
> > SuSE Update for openvpn openSUSE-SU-2014:1594-1 (openvpn)
> >
> > r862 2014/gb_fedora_2014_15507_wordpress_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_155
> 07_wordpress_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for wordpress FEDORA-2014-15507
> >
> > r862 2014/gb_fedora_2014_15812_graphviz_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_158
> 12_graphviz_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for graphviz FEDORA-2014-15812
> >
> > r862 2014/gb_fedora_2014_15549_tcpdump_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_155
> 49_tcpdump_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for tcpdump FEDORA-2014-15549
> >
> > r862 2014/gb_fedora_2014_14791_mariadb-galera_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_147
> 91_mariadb-galera_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for mariadb-galera FEDORA-2014-14791
> >
> > r862 703090 2014/deb_3090.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/deb_3090.nasl?root=
> openvas-nvts&view=markup
> > Debian Security Advisory DSA 3090-1 (iceweasel - security update)
> >
> > r862 2014/gb_fedora_2014_15833_hivex_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_158
> 33_hivex_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for hivex FEDORA-2014-15833
> >
> > r862 703092 2014/deb_3092.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/deb_3092.nasl?root=
> openvas-nvts&view=markup
> > Debian Security Advisory DSA 3092-1 (icedove - security update)
> >
> > r862 2014/gb_fedora_2014_15393_lsyncd_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_153
> 93_lsyncd_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for lsyncd FEDORA-2014-15393
> >
> > r862 2014/gb_fedora_2014_15811_graphviz_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_158
> 11_graphviz_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for graphviz FEDORA-2014-15811
> >
> > r862 703088 2014/deb_3088.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/deb_3088.nasl?root=
> openvas-nvts&view=markup
> > Debian Security Advisory DSA 3088-1 (qemu-kvm - security update)
> >
> > r862 2014/gb_fedora_2014_14833_arm-none-eabi-binutils-cs_fc20.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_148
> 33_arm-none-eabi-binutils-cs_fc20.nasl?root=openvas-nvts&view=markup
> > Fedora Update for arm-none-eabi-binutils-cs FEDORA-2014-14833
> >
> > r862 2014/gb_fedora_2014_5896_nrpe_fc19.nasl
> https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_fedora_2014_589
> 6_nrpe_fc19.nasl?root=openvas-nvts&view=markup
> > Fedora Update for nrpe FEDORA-2014-5896
> > _______________________________________________
> > Sent through the dev mailing list
> > http://nmap.org/mailman/listinfo/dev
> > Archived at http://seclists.org/nmap-dev/
> _______________________________________________
> Sent through the dev mailing list
> http://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/