New VA Modules: OpenVAS: 18, MSF: 3, Nessus: 19

[New VA Module Alert Service <postmaster () insecure org>]

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== OpenVAS plugins (18) ==

r12509 103397 gb_tecomat_51602.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_tecomat_51602.nasl?root=openvas&view=markup
Tecomat Foxtrot Default Password Security Bypass Vulnerability

r12509 103399 gb_minicms_51612.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_minicms_51612.nasl?root=openvas&view=markup
miniCMS Multiple Remote PHP Code Injection Vulnerabilities

r12509 103398 gb_joomla_51623.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_51623.nasl?root=openvas&view=markup
Joomla! 'com_kp' Component 'controller' Parameter Local File Include
Vulnerability

r12510 902786 secpod_oracle_virtualbox_mult_unspecified_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_oracle_virtualbox_mult_unspecified_vuln_win.nasl?root=openvas&view=markup
Oracle VM VirtualBox Multiple Unspecified Vulnerabilities (Windows)

r12510 802568 gb_joomla_com_sanpham_mult_sql_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_com_sanpham_mult_sql_inj_vuln.nasl?root=openvas&view=markup
Joomla Sanpham Component Multiple SQL Injection Vulnerabilities

r12510 802419 gb_yahoo_msg_cyimage_bof_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_yahoo_msg_cyimage_bof_vuln.nasl?root=openvas&view=markup
Yahoo Messenger JPG Photo Sharing Integer Overflow Vulnerability

r12510 802566 gb_php_mult_dos_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_php_mult_dos_vuln_win.nasl?root=openvas&view=markup
PHP Multiple Denial of Service Vulnerabilities (Windows)

r12510 802417 gb_oracle_glassfish_server_mult_unspecified_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_oracle_glassfish_server_mult_unspecified_vuln.nasl?root=openvas&view=markup
Oracle GlassFish Server Multiple Unspecified Vulnerabilities

r12510 802569 gb_joomla_com_xball_sql_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_com_xball_sql_inj_vuln.nasl?root=openvas&view=markup
Joomla XBall Component SQL Injection Vulnerability

r12510 802420 gb_vlc_media_player_amr_dos_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_vlc_media_player_amr_dos_vuln_win.nasl?root=openvas&view=markup
VLC Media Player '.amr' File Denial of Service Vulnerability (Windows)

r12510 802567 gb_joomla_com_car_mult_sql_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_com_car_mult_sql_inj_vuln.nasl?root=openvas&view=markup
Joomla Car Component Multiple SQL Injection Vulnerabilities

r12510 802421 gb_adobe_reader_int_overflow_vuln_lin_jan12.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_adobe_reader_int_overflow_vuln_lin_jan12.nasl?root=openvas&view=markup
Adobe Reader Integer Overflow Vulnerability - Jan 12 (Linux)

r12510 802418 gb_ibm_was_hash_collisions_dos_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_ibm_was_hash_collisions_dos_vuln.nasl?root=openvas&view=markup
IBM WebSphere Application Server Hash Collisions DOS Vulnerability

r12510 802572 gb_joomla_com_br_lfi_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_com_br_lfi_vuln.nasl?root=openvas&view=markup
Joomla BR Component Local File Inclusion Vulnerability

r12510 802570 gb_joomla_com_some_lfi_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_com_some_lfi_vuln.nasl?root=openvas&view=markup
Joomla Some Component Local File Inclusion Vulnerability

r12510 802574 gb_joomla_com_boss_lfi_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_com_boss_lfi_vuln.nasl?root=openvas&view=markup
Joomla Boss Component Local File Inclusion Vulnerability

r12510 802573 gb_joomla_com_bulkenquery_lfi_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_joomla_com_bulkenquery_lfi_vuln.nasl?root=openvas&view=markup
Joomla Bulkenquery Component Local File Inclusion Vulnerability

r12510 902902 secpod_solarwinds_orion_storage_manager_mult_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/secpod_solarwinds_orion_storage_manager_mult_vuln.nasl?root=openvas&view=markup
SolarWinds Orion Data Storage Manager SQL Injection and XSS
Vulnerabilities

== Metasploit modules (3) ==

r14608 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/natpmp_external_address.rb
NAT-PMP External address scanner

r14608 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/natpmp/natpmp_portscan.rb
NAT-PMP External port scanner

r14608 http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/natpmp/natpmp_map.rb
NAT-PMP port mapper

== Nessus plugins (19) ==

57639 juniper_psn-2012-01-475.nasl
http://nessus.org/plugins/index.php?view=single&id=57639
Juniper Junos BGP Multiple DoS (PSN-2012-01-475)

57638 juniper_psn-2012-01-474.nasl
http://nessus.org/plugins/index.php?view=single&id=57638
Juniper Junos J-Web CSRF (PSN-2012-01-474)

57637 juniper_psn-2012-01-472.nasl
http://nessus.org/plugins/index.php?view=single&id=57637
Juniper Junos BGP UPDATE Malformed ATTR_SET Attribute DoS
(PSN-2012-01-472)

57636 juniper_psn-2011-11-418.nasl
http://nessus.org/plugins/index.php?view=single&id=57636
Juniper Junos MGD-CLI Arbitrary Command Execution (PSN-2011-11-418)

57635 simplesamlphp_logout_xss.nasl
http://nessus.org/plugins/index.php?view=single&id=57635
SimpleSAMLphp logout.php link_href Parameter XSS

57634 simplesamlphp_detect.nasl
http://nessus.org/plugins/index.php?view=single&id=57634
SimpleSAMLphp Detection

57633 solaris10_x86_146033.nasl
http://nessus.org/plugins/index.php?view=single&id=57633
Solaris 10 (x86) : 146033-03

57632 solaris10_146032.nasl
http://nessus.org/plugins/index.php?view=single&id=57632
Solaris 10 (sparc) : 146032-03

57631 gentoo_GLSA-201201-05.nasl
http://nessus.org/plugins/index.php?view=single&id=57631
GLSA-201201-05 : mDNSResponder: Multiple vulnerabilities

57630 gentoo_GLSA-201201-04.nasl
http://nessus.org/plugins/index.php?view=single&id=57630
GLSA-201201-04 : Logsurfer: Arbitrary code execution

57629 freebsd_pkg_7f5ccb1d439b11e1bc160023ae8e59f0.nasl
http://nessus.org/plugins/index.php?view=single&id=57629
FreeBSD : tomcat -- Denial of Service
(7f5ccb1d-439b-11e1-bc16-0023ae8e59f0)

57628 freebsd_pkg_5c5f19ce43af11e189b4001ec9578670.nasl
http://nessus.org/plugins/index.php?view=single&id=57628
FreeBSD : OpenSSL -- DTLS Denial of Service
(5c5f19ce-43af-11e1-89b4-001ec9578670)

57627 fedora_2012-0708.nasl
http://nessus.org/plugins/index.php?view=single&id=57627
Fedora 16 2012-0708

57626 fedora_2012-0523.nasl
http://nessus.org/plugins/index.php?view=single&id=57626
Fedora 16 2012-0523

57625 fedora_2012-0490.nasl
http://nessus.org/plugins/index.php?view=single&id=57625
Fedora 16 2012-0490

57624 fedora_2012-0435.nasl
http://nessus.org/plugins/index.php?view=single&id=57624
Fedora 16 2012-0435

57623 fedora_2012-0372.nasl
http://nessus.org/plugins/index.php?view=single&id=57623
Fedora 15 2012-0372

57622 fedora_2011-17399.nasl
http://nessus.org/plugins/index.php?view=single&id=57622
Fedora 15 2011-17399

57621 debian_DSA-2391.nasl
http://nessus.org/plugins/index.php?view=single&id=57621
Debian DSA-2391-1 : phpmyadmin - several vulnerabilities
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/