New VA Modules: OpenVAS: 13, MSF: 2, Nessus: 14

[New VA Module Alert Service <postmaster () insecure org>]

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== OpenVAS plugins (13) ==

r11086 103176 gb_nakid_cms_48109.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_nakid_cms_48109.nasl?root=openvas&view=markup
Nakid CMS 'CKEditorFuncNum' Parameter Cross Site Scripting Vulnerability

r11086 103174 gb_simple_web-server_48116.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_simple_web-server_48116.nasl?root=openvas&view=markup
Simple web-server Directory Traversal Vulnerability

r11087 802022 gb_joomla_joomnik_comp_album_param_sql_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_joomnik_comp_album_param_sql_inj_vuln.nasl?root=openvas&view=markup
Joomla! com_joomnik Component 'album' Parameter SQL Injection
Vulnerability

r11087 802023 gb_easyftp_post_auth_mkd_cmd_bof_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_easyftp_post_auth_mkd_cmd_bof_vuln.nasl?root=openvas&view=markup
Easy FTP Server POST Auth 'MKD' Command Buffer Overflow Vulnerability

r11087 801895 gb_icinga_expand_parameter_xss_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_icinga_expand_parameter_xss_vuln.nasl?root=openvas&view=markup
Icinga 'expand' Parameter Cross-Site Scripting Vulnerability

r11087 801794 gb_vanilla_forum_lfi_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_vanilla_forum_lfi_vuln.nasl?root=openvas&view=markup
Vanilla Forum Local File Inclusion Vulnerability

r11087 801945 gb_ibm_lotus_notes_mult_bof_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ibm_lotus_notes_mult_bof_vuln_win.nasl?root=openvas&view=markup
IBM Lotus Notes File Viewers Multiple BOF Vulnerabilities (Win)

r11087 801893 gb_awstats_totals_sort_parameter_cmd_exec_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_awstats_totals_sort_parameter_cmd_exec_vuln.nasl?root=openvas&view=markup
AWStats Totals 'sort' Parameter Remote Command Execution Vulnerabilities

r11087 801894 gb_nagios_expand_parameter_xss_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_nagios_expand_parameter_xss_vuln.nasl?root=openvas&view=markup
Nagios 'expand' Parameter Cross-Site Scripting Vulnerability

r11087 801796 gb_python_cgi_info_disc_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_python_cgi_info_disc_vuln_win.nasl?root=openvas&view=markup
Python CGIHTTPServer Module Information Disclosure Vulnerability

r11087 801797 gb_python_mult_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_python_mult_vuln_win.nasl?root=openvas&view=markup
Python Multiple Vulnerabilities (Windows)

r11087 801944 gb_egroupware_mult_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_egroupware_mult_vuln.nasl?root=openvas&view=markup
eGroupware Multiple Vulnerabilities

r11087 801795 gb_python_detect_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_python_detect_win.nasl?root=openvas&view=markup
Python Version Detection (Windows)

== Metasploit modules (2) ==

r12868 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/cisco_anyconnect_exec.rb
Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute

r12877 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/post/windows/gather/enum_mremote_pwds.rb
Windows Gather mRemote Saved Password Extraction

== Nessus plugins (14) ==

54985 suse_11_gimp-110531.nasl
http://nessus.org/plugins/index.php?view=single&id=54985
SuSE Security Update: gimp (2011-05-31)

54984 redhat-RHSA-2011-0850.nasl
http://nessus.org/plugins/index.php?view=single&id=54984
RHSA-2011-0850: flash-plugin

54983 freebsd_pkg_f7d838f2903911e0a051080027ef73ec.nasl
http://nessus.org/plugins/index.php?view=single&id=54983
FreeBSD : fetchmail -- STARTTLS denial of service (5441)

54982 freebsd_pkg_1e1421f08d6f11e089b4001ec9578670.nasl
http://nessus.org/plugins/index.php?view=single&id=54982
FreeBSD : BIND -- Large RRSIG RRsets and Negative Caching DoS (5440)

54981 fedora_2011-7972.nasl
http://nessus.org/plugins/index.php?view=single&id=54981
Fedora 14 2011-7972

54980 fedora_2011-7823.nasl
http://nessus.org/plugins/index.php?view=single&id=54980
Fedora 15 2011-7823

54979 fedora_2011-7822.nasl
http://nessus.org/plugins/index.php?view=single&id=54979
Fedora 15 2011-7822

54978 fedora_2011-7555.nasl
http://nessus.org/plugins/index.php?view=single&id=54978
Fedora 14 2011-7555

54977 fedora_2011-7393.nasl
http://nessus.org/plugins/index.php?view=single&id=54977
Fedora 14 2011-7393

54976 fedora_2011-7232.nasl
http://nessus.org/plugins/index.php?view=single&id=54976
Fedora 14 2011-7232

54975 fedora_2011-7194.nasl
http://nessus.org/plugins/index.php?view=single&id=54975
Fedora 14 2011-7194

54974 macosx_fusion_3_1_3.nasl
http://nessus.org/plugins/index.php?view=single&id=54974
VMware Fusion < 3.1.3 (VMSA-2011-0009)

54973 macosx_flash_player_10_3_181_22.nasl
http://nessus.org/plugins/index.php?view=single&id=54973
Flash Player for Mac < 10.3.181.22 Cross-Site Scripting (APSB11-13)

54972 flash_player_apsb11-13.nasl
http://nessus.org/plugins/index.php?view=single&id=54972
Flash Player < 10.3.181.22 Cross-Site Scripting (APSB11-13)
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/