New VA Modules: OpenVAS: 14, MSF: 1, Nessus: 12

[New VA Module Alert Service <postmaster () insecure org>]

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== OpenVAS plugins (14) ==

r10611 801909 gb_kodak_insite_multiple_xss.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_kodak_insite_multiple_xss.nasl?root=openvas&view=markup
Kodak InSite Multiple Cross Site Scripting Vulnerabilities

r10611 902352 secpod_otrs_xss_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_otrs_xss_vuln.nasl?root=openvas&view=markup
Open Ticket Request System (OTRS) 'AgentTicketZoom' Cross-site scripting
Vulnerability

r10611 902356 secpod_php_use_after_free_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_php_use_after_free_vuln.nasl?root=openvas&view=markup
PHP 'substr_replace()' Use After Free Vulnerability

r10611 801765 gb_ruby_rails_logfile_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ruby_rails_logfile_inj_vuln.nasl?root=openvas&view=markup
Ruby on Rails Logfile Injection Vulnerability

r10611 802010 gb_nostromo_nhttpd_web_server_dir_trav_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_nostromo_nhttpd_web_server_dir_trav_vuln.nasl?root=openvas&view=markup
Nostromo nhttpd Webserver Directory Traversal Vulnerability

r10611 801766 gb_otrs_cmd_exec_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_otrs_cmd_exec_vuln.nasl?root=openvas&view=markup
Open Ticket Request System (OTRS) Command Execution Vulnerability

r10611 801861 gb_ibm_was_mult_vuln_mar11.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ibm_was_mult_vuln_mar11.nasl?root=openvas&view=markup
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities - March
2011

r10611 801862 gb_ibm_was_mult_vuln_mar11_01.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ibm_was_mult_vuln_mar11_01.nasl?root=openvas&view=markup
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 01 -
March 2011

r10611 801863 gb_ibm_was_mult_vuln_mar11_02.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ibm_was_mult_vuln_mar11_02.nasl?root=openvas&view=markup
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 -
March 2011

r10611 802008 gb_wordpress_php_speedy_plugin_code_exec_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_wordpress_php_speedy_plugin_code_exec_vuln.nasl?root=openvas&view=markup
WordPress PHP Speedy Plugin 'page' Parameter Remote PHP Code Execution
Vulnerability

r10611 801908 gb_wordpress_processing_embed_plugin_xss.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_wordpress_processing_embed_plugin_xss.nasl?root=openvas&view=markup
WordPress Processing Embed Plugin 'pluginurl' Parameter Cross Site
Scripting Vulnerability

r10611 801764 gb_pidgin_ymsg_dos_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_pidgin_ymsg_dos_vuln_win.nasl?root=openvas&view=markup
Pidgin Yahoo Protocol 'YMSG' NULL Pointer Dereference Denial of Service
Vulnerability (Win)

r10611 801867 gb_apple_safari_webkit_mult_vuln_mar11.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_apple_safari_webkit_mult_vuln_mar11.nasl?root=openvas&view=markup
Apple Safari Webkit Multiple Vulnerabilities - March 2011

r10611 801864 gb_ibm_was_sec_bypass_vuln_mar11.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ibm_was_sec_bypass_vuln_mar11.nasl?root=openvas&view=markup
IBM WebSphere Application Server (WAS) Security Bypass Vulnerability -
March 2011

== Metasploit modules (1) ==

r12067 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/drb_syscall_linux_32.rb
Distributed Ruby send syscall vulnerability.

== Nessus plugins (12) ==

52752 suse_java-1_6_0-ibm-7369.nasl
http://nessus.org/plugins/index.php?view=single&id=52752
SuSE Security Update: Security update for java-1_6_0-ibm,
java-1_6_0-ibm-32bit, java-1_6_0-ibm-64bit, java-1_6_0-ibm-alsa,
java-1_6_0-ibm-alsa-32bit, java-1_6_0-ibm-demo, java-1_6_0-ibm-devel,
java-1_6_0-ibm-devel-32bit, java-1_6_0-ibm-fonts, java-1_6_0-ibm-jdbc,
java-1_6_0-ibm-jdbc-32bit, java-1_6_0-ibm-jdbc-64bit,
java-1_6_0-ibm-plugin, java-1_6_0-ibm-plugin-32bit, java-1_6_0-ibm-src
(java-1_6_0-ibm-7369)

52751 suse_11_java-1_6_0-ibm-110307.nasl
http://nessus.org/plugins/index.php?view=single&id=52751
SuSE Security Update: java-1_6_0-ibm (2011-03-07)

52750 redhat-RHSA-2011-0370.nasl
http://nessus.org/plugins/index.php?view=single&id=52750
RHSA-2011-0370: wireshark

52749 redhat-RHSA-2011-0369.nasl
http://nessus.org/plugins/index.php?view=single&id=52749
RHSA-2011-0369: wireshark

52748 mandriva_MDVSA-2011-050.nasl
http://nessus.org/plugins/index.php?view=single&id=52748
MDVSA-2011:050: pidgin

52747 mandriva_MDVSA-2011-049.nasl
http://nessus.org/plugins/index.php?view=single&id=52747
MDVSA-2011:049: vsftpd

52746 fedora_2011-3547.nasl
http://nessus.org/plugins/index.php?view=single&id=52746
Fedora 15 2011-3547

52745 fedora_2011-3408.nasl
http://nessus.org/plugins/index.php?view=single&id=52745
Fedora 15 2011-3408

52744 fedora_2011-2125.nasl
http://nessus.org/plugins/index.php?view=single&id=52744
Fedora 13 2011-2125

52743 fedora_2011-2102.nasl
http://nessus.org/plugins/index.php?view=single&id=52743
Fedora 14 2011-2102

52742 fedora_2011-2030.nasl
http://nessus.org/plugins/index.php?view=single&id=52742
Fedora 15 2011-2030

52741 debian_DSA-2197.nasl
http://nessus.org/plugins/index.php?view=single&id=52741
[DSA2197] DSA-2197-1 quagga
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/