Nmap Development mailing list archives
New VA Modules: MSF: 1, Nessus: 99, OpenVAS: 12
From: New VA Module Alert Service <postmaster () insecure org>
Date: Thu, 16 Oct 2014 10:00:55 +0000 (UTC)
This report describes any new scripts/modules/exploits added to Nmap, Metasploit, Nessus, and OpenVAS since yesterday. == Metasploit modules (1) == 534a5d96 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/local/bthpan.rb BthPan.sys Privilege Escalation == Nessus plugins (99) == 78482 oracle_java_cpu_oct_2014_unix.nasl http://nessus.org/plugins/index.php?view=single&id=78482 Oracle Java SE Multiple Vulnerabilities (October 2014 CPU) (Unix) 78481 oracle_java_cpu_oct_2014.nasl http://nessus.org/plugins/index.php?view=single&id=78481 Oracle Java SE Multiple Vulnerabilities (October 2014 CPU) 78480 coldfusion_win_apsb14-23.nasl http://nessus.org/plugins/index.php?view=single&id=78480 Adobe ColdFusion Multiple Vulnerabilities (APSB14-23) (credentialed check) 78479 ssl_poodle.nasl http://nessus.org/plugins/index.php?view=single&id=78479 SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE) 78478 oracle_jrockit_cpu_oct_2014.nasl http://nessus.org/plugins/index.php?view=single&id=78478 Oracle JRockit R27.8.3 / R28.3.3 Multiple Vulnerabilities (October 2014 CPU) 78477 mysql_5_6_21.nasl http://nessus.org/plugins/index.php?view=single&id=78477 MySQL 5.5.x < 5.5.40 / 5.6.x < 5.6.21 Multiple Vulnerabilities (October 2014 CPU) 78476 macosx_google_chrome_38_0_2125_104.nasl http://nessus.org/plugins/index.php?view=single&id=78476 Google Chrome < 38.0.2125.104 Multiple Vulnerabilities (Mac OS X) 78475 google_chrome_38_0_2125_104.nasl http://nessus.org/plugins/index.php?view=single&id=78475 Google Chrome < 38.0.2125.104 Multiple Vulnerabilities 78474 mozilla_thunderbird_31_2.nasl http://nessus.org/plugins/index.php?view=single&id=78474 Mozilla Thunderbird < 31.2 Multiple Vulnerabilities 78473 mozilla_firefox_33.nasl http://nessus.org/plugins/index.php?view=single&id=78473 Firefox < 33.0 Multiple Vulnerabilities 78472 mozilla_firefox_31_2_esr.nasl http://nessus.org/plugins/index.php?view=single&id=78472 Firefox ESR 31.x < 31.2 Multiple Vulnerabilities 78471 macosx_thunderbird_31_2.nasl http://nessus.org/plugins/index.php?view=single&id=78471 Mozilla Thunderbird < 31.2 Multiple Vulnerabilities (Mac OS X) 78470 macosx_firefox_33.nasl http://nessus.org/plugins/index.php?view=single&id=78470 Firefox < 33.0 Multiple Vulnerabilities (Mac OS X) 78469 macosx_firefox_31_2_esr.nasl http://nessus.org/plugins/index.php?view=single&id=78469 Firefox ESR 31.x < 31.2 Multiple Vulnerabilities (Mac OS X) 78468 ubuntu_USN-2383-1.nasl http://nessus.org/plugins/index.php?view=single&id=78468 Ubuntu 10.04 LTS / 12.04 LTS / 14.04 : wpa, wpasupplicant vulnerability (USN-2383-1) 78467 ubuntu_USN-2382-1.nasl http://nessus.org/plugins/index.php?view=single&id=78467 Ubuntu 14.04 : requests vulnerabilities (USN-2382-1) 78466 ubuntu_USN-2372-1.nasl http://nessus.org/plugins/index.php?view=single&id=78466 Ubuntu 12.04 LTS / 14.04 : firefox vulnerabilities (USN-2372-1) 78465 ubuntu_USN-2345-1.nasl http://nessus.org/plugins/index.php?view=single&id=78465 Ubuntu 14.04 : oxide-qt vulnerabilities (USN-2345-1) 78464 suse_11_rsyslog-141006.nasl http://nessus.org/plugins/index.php?view=single&id=78464 SuSE 11.3 Security Update : rsyslog (SAT Patch Number 9840) 78463 solaris_oct2014_SRU11_1_20_5_0.nasl http://nessus.org/plugins/index.php?view=single&id=78463 Oracle Solaris Critical Patch Update : oct2014_SRU11_1_20_5_0 78462 solaris_oct2014_11_2SRU0.nasl http://nessus.org/plugins/index.php?view=single&id=78462 Oracle Solaris Critical Patch Update : oct2014_11_2SRU0 78461 solaris_jan2013_SRU11_1_2_5_0.nasl http://nessus.org/plugins/index.php?view=single&id=78461 Oracle Solaris Critical Patch Update : jan2013_SRU11_1_2_5_0 78460 sl_20141013_rsyslog_on_SL7_x.nasl http://nessus.org/plugins/index.php?view=single&id=78460 Scientific Linux Security Update : rsyslog on SL7.x x86_64 78459 redhat-RHSA-2014-1636.nasl http://nessus.org/plugins/index.php?view=single&id=78459 RHEL 6 : java-1.8.0-openjdk (RHSA-2014:1636) 78458 redhat-RHSA-2014-1635.nasl http://nessus.org/plugins/index.php?view=single&id=78458 RHEL 5 / 6 / 7 : firefox (RHSA-2014:1635) 78457 redhat-RHSA-2014-1634.nasl http://nessus.org/plugins/index.php?view=single&id=78457 RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2014:1634) 78456 redhat-RHSA-2014-1633.nasl http://nessus.org/plugins/index.php?view=single&id=78456 RHEL 5 : java-1.7.0-openjdk (RHSA-2014:1633) 78455 redhat-RHSA-2014-1620.nasl http://nessus.org/plugins/index.php?view=single&id=78455 RHEL 6 / 7 : java-1.7.0-openjdk (RHSA-2014:1620) 78454 oraclelinux_ELSA-2014-1634.nasl http://nessus.org/plugins/index.php?view=single&id=78454 Oracle Linux 7 : java-1.6.0-openjdk (ELSA-2014-1634) 78453 openSUSE-2014-588.nasl http://nessus.org/plugins/index.php?view=single&id=78453 openSUSE Security Update : python (openSUSE-SU-2014:1292-1) 78452 openSUSE-2014-587.nasl http://nessus.org/plugins/index.php?view=single&id=78452 openSUSE Security Update : claws-mail (openSUSE-SU-2014:1291-1) 78451 openSUSE-2014-586.nasl http://nessus.org/plugins/index.php?view=single&id=78451 openSUSE Security Update : libvirt (openSUSE-SU-2014:1290-1) 78450 openSUSE-2014-585.nasl http://nessus.org/plugins/index.php?view=single&id=78450 openSUSE Security Update : libvirt (openSUSE-SU-2014:1293-1) 78449 debian_DSA-3049.nasl http://nessus.org/plugins/index.php?view=single&id=78449 Debian DSA-3049-1 : wireshark - security update 78448 ala_ALAS-2014-425.nasl http://nessus.org/plugins/index.php?view=single&id=78448 Amazon Linux AMI : python-oauth2 (ALAS-2014-425) 78447 smb_kb3009008.nasl http://nessus.org/plugins/index.php?view=single&id=78447 MS Security Advisory 3009008: Vulnerability in SSL 3.0 Could Allow Information Disclosure 78446 smb_kb2977292.nasl http://nessus.org/plugins/index.php?view=single&id=78446 Update for Microsoft EAP Implementation that Enables the Use of TLS 78445 smb_kb2949927.nasl http://nessus.org/plugins/index.php?view=single&id=78445 MS KB2949927: Availability of SHA-2 Hashing Algorithm for Windows 7 and Windows Server 2008 R2 78444 smb_kb3001237.nasl http://nessus.org/plugins/index.php?view=single&id=78444 MS KB3001237: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 78443 macosx_flash_player_15_0_0_189.nasl http://nessus.org/plugins/index.php?view=single&id=78443 Flash Player for Mac <= 15.0.0.167 Multiple Vulnerabilities (APSB14-22) 78442 macosx_adobe_air_15_0_0_293.nasl http://nessus.org/plugins/index.php?view=single&id=78442 Adobe AIR for Mac <= 15.0.0.249 Multiple Vulnerabilities (APSB14-21) 78441 flash_player_apsb14-22.nasl http://nessus.org/plugins/index.php?view=single&id=78441 Flash Player <= 15.0.0.167 Multiple Vulnerabilities (APSB14-22) 78440 adobe_air_apsb14-22.nasl http://nessus.org/plugins/index.php?view=single&id=78440 Adobe AIR <= AIR 15.0.0.249 Multiple Vulnerabilities (APSB14-22) 78439 smb_nt_ms14-063.nasl http://nessus.org/plugins/index.php?view=single&id=78439 MS14-063: Vulnerability in FAT32 Disk Partition Driver Could Allow Elevation of Privilege (2998579) 78438 smb_nt_ms14-062.nasl http://nessus.org/plugins/index.php?view=single&id=78438 MS14-062: Vulnerability in Message Queuing Service Could Allow Elevation of Privilege (2993254) 78437 smb_nt_ms14-061.nasl http://nessus.org/plugins/index.php?view=single&id=78437 MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434) 78436 macosx_ms14-061.nasl http://nessus.org/plugins/index.php?view=single&id=78436 MS14-061: Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434) 78435 smb_nt_ms14-060.nasl http://nessus.org/plugins/index.php?view=single&id=78435 MS14-060: Vulnerability in Windows OLE Could Allow Remote Code Execution (3000869) 78434 smb_nt_ms14-059.nasl http://nessus.org/plugins/index.php?view=single&id=78434 MS14-059: Vulnerability in ASP.NET MVC Could Allow Security Feature Bypass (2990942) 78433 smb_nt_ms14-058.nasl http://nessus.org/plugins/index.php?view=single&id=78433 MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution (3000061) 78432 smb_nt_ms14-057.nasl http://nessus.org/plugins/index.php?view=single&id=78432 MS14-057: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (3000414) 78431 smb_nt_ms14-056.nasl http://nessus.org/plugins/index.php?view=single&id=78431 MS14-056: Cumulative Security Update for Internet Explorer (2987107) 78430 zxshell_detect.nasl http://nessus.org/plugins/index.php?view=single&id=78430 ZXShell Malware Services Detection 78429 hikit_detect.nasl http://nessus.org/plugins/index.php?view=single&id=78429 Hikit Backdoor Detection 78428 rsync_writeable.nasl http://nessus.org/plugins/index.php?view=single&id=78428 rsync Writeable Module Detection 78427 f5_rsync_rce.nasl http://nessus.org/plugins/index.php?view=single&id=78427 F5 Networks rsync Remote Code Execution 78426 juniper_jsa10655.nasl http://nessus.org/plugins/index.php?view=single&id=78426 Juniper Junos em Interface Fragmentation Remote DoS (JSA10655) 78425 juniper_jsa10654.nasl http://nessus.org/plugins/index.php?view=single&id=78425 Juniper Junos RADIUS Security Bypass (JSA10654) 78424 juniper_jsa10653.nasl http://nessus.org/plugins/index.php?view=single&id=78424 Juniper Junos BGP UPDATE 'rpd' Remote DoS (JSA10653) 78423 juniper_jsa10652.nasl http://nessus.org/plugins/index.php?view=single&id=78423 Juniper Junos RSVP 'rpd' Remote DoS (JSA10652) 78422 juniper_jsa10651.nasl http://nessus.org/plugins/index.php?view=single&id=78422 Juniper JunosE Malformed ICMP Remote DoS (JSA10651) 78421 juniper_jsa10650.nasl http://nessus.org/plugins/index.php?view=single&id=78421 Juniper Junos SRX Series ALG 'flowd' Remote DoS (JSA10650) 78420 juniper_jsa10649.nasl http://nessus.org/plugins/index.php?view=single&id=78420 Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10649) 78419 sl_20140930_php53_and_php_on_SL5_x.nasl http://nessus.org/plugins/index.php?view=single&id=78419 Scientific Linux Security Update : php53 and php on SL5.x, SL6.x i386/x86_64 78418 sl_20140916_krb5_on_SL5_x.nasl http://nessus.org/plugins/index.php?view=single&id=78418 Scientific Linux Security Update : krb5 on SL5.x i386/x86_64 78417 sl_20140916_conga_on_SL5_x.nasl http://nessus.org/plugins/index.php?view=single&id=78417 Scientific Linux Security Update : conga on SL5.x i386/x86_64 78416 sl_20140916_bind97_on_SL5_x.nasl http://nessus.org/plugins/index.php?view=single&id=78416 Scientific Linux Security Update : bind97 on SL5.x i386/x86_64 78415 redhat-RHSA-2014-1626.nasl http://nessus.org/plugins/index.php?view=single&id=78415 RHEL 6 : chromium-browser (RHSA-2014:1626) 78414 redhat-RHSA-2014-1606.nasl http://nessus.org/plugins/index.php?view=single&id=78414 RHEL 6 : file (RHSA-2014:1606) 78413 redhat-RHSA-2014-1552.nasl http://nessus.org/plugins/index.php?view=single&id=78413 RHEL 6 : openssh (RHSA-2014:1552) 78412 redhat-RHSA-2014-1507.nasl http://nessus.org/plugins/index.php?view=single&id=78412 RHEL 6 : trousers (RHSA-2014:1507) 78411 redhat-RHSA-2014-1436.nasl http://nessus.org/plugins/index.php?view=single&id=78411 RHEL 6 : X11 client libraries (RHSA-2014:1436) 78410 redhat-RHSA-2014-1397.nasl http://nessus.org/plugins/index.php?view=single&id=78410 RHEL 7 : rsyslog (RHSA-2014:1397) 78409 redhat-RHSA-2014-1392.nasl http://nessus.org/plugins/index.php?view=single&id=78409 RHEL 6 : kernel (RHSA-2014:1392) 78408 redhat-RHSA-2014-1391.nasl http://nessus.org/plugins/index.php?view=single&id=78408 RHEL 6 : glibc (RHSA-2014:1391) 78407 redhat-RHSA-2014-1390.nasl http://nessus.org/plugins/index.php?view=single&id=78407 RHEL 6 : luci (RHSA-2014:1390) 78406 redhat-RHSA-2014-1389.nasl http://nessus.org/plugins/index.php?view=single&id=78406 RHEL 6 : krb5 (RHSA-2014:1389) 78405 redhat-RHSA-2014-1388.nasl http://nessus.org/plugins/index.php?view=single&id=78405 RHEL 6 : cups (RHSA-2014:1388) 78404 oraclelinux_ELSA-2014-1397.nasl http://nessus.org/plugins/index.php?view=single&id=78404 Oracle Linux 7 : rsyslog (ELSA-2014-1397) 78403 fedora_2014-12507.nasl http://nessus.org/plugins/index.php?view=single&id=78403 Fedora 20 : openjpeg-1.5.1-13.fc20 (2014-12507) 78402 fedora_2014-12263.nasl http://nessus.org/plugins/index.php?view=single&id=78402 Fedora 20 : mediawiki-1.23.5-1.fc20 (2014-12263) 78401 fedora_2014-12262.nasl http://nessus.org/plugins/index.php?view=single&id=78401 Fedora 19 : mediawiki-1.23.5-1.fc19 (2014-12262) 78400 fedora_2014-10794.nasl http://nessus.org/plugins/index.php?view=single&id=78400 Fedora 19 : squid-3.3.13-2.fc19 (2014-10794) 78399 fedora_2014-10790.nasl http://nessus.org/plugins/index.php?view=single&id=78399 Fedora 20 : squid-3.3.13-2.fc20 (2014-10790) 78398 fedora_2014-10767.nasl http://nessus.org/plugins/index.php?view=single&id=78398 Fedora 21 : squid-3.4.7-2.fc21 (2014-10767) 78397 centos_RHSA-2014-1397.nasl http://nessus.org/plugins/index.php?view=single&id=78397 CentOS 7 : rsyslog (CESA-2014:1397) 78396 centos_RHSA-2014-1255.nasl http://nessus.org/plugins/index.php?view=single&id=78396 CentOS 5 : krb5 (CESA-2014:1255) 78395 solaris11_bash_2014_10_07.nasl http://nessus.org/plugins/index.php?view=single&id=78395 Oracle third party patch update : bash_2014_10_07 78394 tibco_spotfire_server_unsupported.nasl http://nessus.org/plugins/index.php?view=single&id=78394 TIBCO Spotfire Server Unsupported Version Detection 78393 tibco_spotfire_server_6_5_1.nasl http://nessus.org/plugins/index.php?view=single&id=78393 TIBCO Spotfire Server Authentication Module Unspecified Privilege Escalation 78392 tibco_spotfire_server_6_0_2.nasl http://nessus.org/plugins/index.php?view=single&id=78392 TIBCO Spotfire Server Authentication Module Unspecified Remote Code Execution 78391 tibco_spotfire_analytics_server_10_1_2.nasl http://nessus.org/plugins/index.php?view=single&id=78391 TIBCO Spotfire Analytics Server Authentication Module Unspecified Information Disclosure 78390 tibco_spotfire_analytics_server_10_1_1.nasl http://nessus.org/plugins/index.php?view=single&id=78390 TIBCO Spotfire Analytics Server Web Application Multiple Vulnerabilities 78386 nginx_1_7_5.nasl http://nessus.org/plugins/index.php?view=single&id=78386 nginx < 1.6.2 / 1.7.5 SSL Session Reuse 78385 bash_cve_2014_7169.nasl http://nessus.org/plugins/index.php?view=single&id=78385 Bash Incomplete Fix Remote Code Execution Vulnerability (Shellshock) cisco_imc_detect.nbin cisco_imc_webui_detect.nbin rsync.inc tibco_spotfire_server_detect.nbin == OpenVAS plugins (12) == r747 2014/gb_ms14-059.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-059.nasl?root=openvas-nvts&view=markup ASP.NET MVC Security Feature Bypass Vulnerability (2990942) r747 2014/gb_ms_winword_ms14-061.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms_winword_ms14-061.nasl?root=openvas-nvts&view=markup Microsoft Office Word Remote Code Execution Vulnerability (3000434) r747 2014/gb_ms14-061_macosx.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-061_macosx.nasl?root=openvas-nvts&view=markup Microsoft Office Word Remote Code Execution Vulnerability-3000434 (Mac OS X) r747 2014/gb_ms_office_web_apps_ms14-061.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms_office_web_apps_ms14-061.nasl?root=openvas-nvts&view=markup Microsoft Office Web Apps Memory Corruption Vulnerability (3000434) r747 2014/gb_sharepoint_server_was_ms14-061.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_sharepoint_server_was_ms14-061.nasl?root=openvas-nvts&view=markup Microsoft SharePoint Server WAS Memory Corruption Vulnerability (3000434) r747 2014/gb_ms_office_and_compat_pack_ms14-061.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms_office_and_compat_pack_ms14-061.nasl?root=openvas-nvts&view=markup Microsoft Office and Compatibility Pack Remote Code Execution Vulnerability (3000434) r747 2014/gb_ms14-060.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-060.nasl?root=openvas-nvts&view=markup Windows OLE Object Handling Arbitrary Code Execution Vulnerability (3000869) r747 2014/gb_ms14-062.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-062.nasl?root=openvas-nvts&view=markup Microsoft Windows Message Queuing Service Privilege Escalation Vulnerability (2993254) r747 2014/gb_ms14-063.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-063.nasl?root=openvas-nvts&view=markup Microsoft Windows FAT32 Disk Partition Driver Privilege Escalation Vulnerability (2998579) r747 2014/gb_ms14-056.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-056.nasl?root=openvas-nvts&view=markup Microsoft Internet Explorer Multiple Vulnerabilities (2987107) r747 2014/gb_ms14-057.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-057.nasl?root=openvas-nvts&view=markup Microsoft .NET Framework Remote Code Execution Vulnerability (3000414) r747 2014/gb_ms14-058.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-058.nasl?root=openvas-nvts&view=markup MS Windows Kernel-Mode Driver Privilege Escalation and RCE Vulnerabilities (3000061) _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: MSF: 1, Nessus: 99, OpenVAS: 12 New VA Module Alert Service (Oct 16)