Nmap Development mailing list archives
New VA Modules: NSE: 2, MSF: 4, Nessus: 38
From: New VA Module Alert Service <postmaster () insecure org>
Date: Tue, 17 Jan 2012 10:00:37 -0800 (PST)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Nmap Scripting Engine scripts (2) == r27835 dns-nsid http://nmap.org/nsedoc/scripts/dns-nsid.html Ateemps to get more information from a server by requesting the server nsid[1], and asking for id.server[2] and version.bind. This script dose the same as the following two dig commands: - dig CH TXT bind.version @target - dig +nsid CH TXT id.server @target r27836 nessus-xmlrpc-brute http://nmap.org/nsedoc/scripts/nessus-xmlrpc-brute.html Performs brute force password auditing against a Nessus vulnerability scanning daemon using the XMLRPC protocol. == Metasploit modules (4) == r14552 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/bsplayer_m3u.rb BS.Player 2.57 Buffer Overflow Exploit (Unicode SEH) r14556 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/mcafee_showreport_exec.rb McAfee SaaS MyCioScan ShowReport Remote Command Execution r14558 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/osx/browser/mozilla_mchannel.rb Mozilla Firefox 3.6.16 mChannel use after free vulnerability r14559 http://metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/osx/x86/exec_calc.rb OSX Execute Calculator.app == Nessus plugins (38) == 57560 irfanview_432.nasl http://nessus.org/plugins/index.php?view=single&id=57560 IrfanView < 4.32 Buffer Overflow 57559 irfanview_installed.nasl http://nessus.org/plugins/index.php?view=single&id=57559 IrfanView Detection 57558 mysql_unsupported.nasl http://nessus.org/plugins/index.php?view=single&id=57558 MySQL Unsupported Version Detection 57556 ntr_2_0_4_8_activex.nasl http://nessus.org/plugins/index.php?view=single&id=57556 NTR ActiveX Control < 2.0.4.8 Multiple Vulnerabilities 57555 suse_11_system-config-printer-120104.nasl http://nessus.org/plugins/index.php?view=single&id=57555 SuSE Security Update: system-config-printer (2012-01-04) 57554 mandriva_MDVA-2012-004.nasl http://nessus.org/plugins/index.php?view=single&id=57554 MDVA-2012:004 : php 57553 freebsd_pkg_ea2ddc493e8e11e180955404a67eef98.nasl http://nessus.org/plugins/index.php?view=single&id=57553 FreeBSD : ffmpeg -- multiple vulnerabilities (ea2ddc49-3e8e-11e1-8095-5404a67eef98) 57552 freebsd_pkg_91be81e73fea11e1afc72c4138874f7d.nasl http://nessus.org/plugins/index.php?view=single&id=57552 FreeBSD : Multiple implementations denial-of-service via hash algorithm collision (91be81e7-3fea-11e1-afc7-2c4138874f7d) 57551 freebsd_pkg_78cc8a463e5611e189b4001ec9578670.nasl http://nessus.org/plugins/index.php?view=single&id=57551 FreeBSD : openssl -- multiple vulnerabilities (78cc8a46-3e56-11e1-89b4-001ec9578670) 57550 freebsd_pkg_1800886c3dde11e189b4001ec9578670.nasl http://nessus.org/plugins/index.php?view=single&id=57550 FreeBSD : isc-dhcp-server -- DoS in DHCPv6 (1800886c-3dde-11e1-89b4-001ec9578670) 57549 fedora_2012-0492.nasl http://nessus.org/plugins/index.php?view=single&id=57549 Fedora 15 2012-0492 57548 fedora_2012-0480.nasl http://nessus.org/plugins/index.php?view=single&id=57548 Fedora 16 2012-0480 57547 fedora_2012-0363.nasl http://nessus.org/plugins/index.php?view=single&id=57547 Fedora 16 2012-0363 57546 fedora_2012-0250.nasl http://nessus.org/plugins/index.php?view=single&id=57546 Fedora 15 2012-0250 57545 fedora_2012-0144.nasl http://nessus.org/plugins/index.php?view=single&id=57545 Fedora 15 2012-0144 57544 fedora_2012-0100.nasl http://nessus.org/plugins/index.php?view=single&id=57544 Fedora 16 2012-0100 57543 debian_DSA-2390.nasl http://nessus.org/plugins/index.php?view=single&id=57543 Debian DSA-2390-1 : openssl - several vulnerabilities 57542 debian_DSA-2388.nasl http://nessus.org/plugins/index.php?view=single&id=57542 Debian DSA-2388-1 : t1lib - several vulnerabilities 17814 mysql_6_0_4_yaSSL.nasl http://nessus.org/plugins/index.php?view=single&id=17814 yaSSL 1.7.5 Buffer Overflow 17813 mysql_6_0_4.nasl http://nessus.org/plugins/index.php?view=single&id=17813 MySQL < 5.0.51a / 5.1.23 / 6.0.4 Denial of Service 17812 mysql_6_0_14_priv_bypass.nasl http://nessus.org/plugins/index.php?view=single&id=17812 MySQL < 5.0.88 / 5.1.42 / 5.5.0 / 6.0.14 MyISAM CREATE TABLE Privilege Check Bypass 17811 mysql_6_0_14_XSS.nasl http://nessus.org/plugins/index.php?view=single&id=17811 MySQL < 5.0.89 / 5.1.42 / 5.4.2 / 5.5.1 / 6.0.14 Client Cross-Site Scripting 17810 mysql_5_1_6.nasl http://nessus.org/plugins/index.php?view=single&id=17810 MySQL < 4.1.18 / 5.0.19 / 5.1.6 Denial of Service 17809 mysql_5_1_14.nasl http://nessus.org/plugins/index.php?view=single&id=17809 MySQL < 5.0.32 / 5.1.14 Denial of Service 17808 mysql_5_1_12_suid.nasl http://nessus.org/plugins/index.php?view=single&id=17808 MySQL < 5.0.25 / 5.1.12 Privilege Escalation 17807 mysql_5_1_12.nasl http://nessus.org/plugins/index.php?view=single&id=17807 MySQL < 4.1.21 / 5.0.25 / 5.1.12 Access Control 17806 mysql_5_1_11.nasl http://nessus.org/plugins/index.php?view=single&id=17806 MySQL < 4.1.20 / 5.0.22 / 5.1.11 SQL Injection 17805 mysql_5_0_4.nasl http://nessus.org/plugins/index.php?view=single&id=17805 MySQL < 4.1.12 / 5.0.4 Insecure Permissions 17804 mysql_5_0_38.nasl http://nessus.org/plugins/index.php?view=single&id=17804 MySQL < 5.0.83 Denial of Service 17803 mysql_5_0_36.nasl http://nessus.org/plugins/index.php?view=single&id=17803 MySQL < 5.0.36 Denial of Service 17802 mysql_5_0_24.nasl http://nessus.org/plugins/index.php?view=single&id=17802 MySQL < 4.1.21 / 5.0.24 Privilege Persistence 17801 mysql_5_0_22.nasl http://nessus.org/plugins/index.php?view=single&id=17801 MySQL < 5.0.22 / 5.1.10 Authentication Bypass 17800 mysql_4_1_21.nasl http://nessus.org/plugins/index.php?view=single&id=17800 MySQL < 4.1.21 / 5.0 Denial of Service 17799 mysql_4_1_2.nasl http://nessus.org/plugins/index.php?view=single&id=17799 MySQL < 4.1.2 Insecure Temporary File Creation asp_net_hash_collision_dos.nbin datetime.inc mysql_version.inc php_5_hash_collision_dos.nbin _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 2, MSF: 4, Nessus: 38 New VA Module Alert Service (Jan 17)