New VA Modules: NSE: 4, MSF: 2

[New VA Module Alert Service <postmaster () insecure org>]

This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== Nmap Scripting Engine scripts (4) ==

r28632 mysql-dump-hashes http://nmap.org/nsedoc/scripts/mysql-dump-hashes.html
https://svn.nmap.org/nmap/scripts/mysql-dump-hashes.nse
Dumps the password hashes from an MySQL server in a format suitable for
cracking by tools such as John-the-ripper. In order to do so the user
needs to have the appropriate DB privileges (root).

r28632 mysql-query http://nmap.org/nsedoc/scripts/mysql-query.html
https://svn.nmap.org/nmap/scripts/mysql-query.nse
Runs a query against a MySQL database and returns the results as a
table.

r28633 distcc-CVE-2004-2687 http://nmap.org/nsedoc/scripts/distcc-CVE-2004-2687.html
https://svn.nmap.org/nmap/scripts/distcc-CVE-2004-2687.nse
Detects and exploits a remote code execution vulnerability in the
distributed compiler daemon distcc. The vulnerability was disclosed in
2002, but is still present in modern implementation due to poor
configuration of the service.

r28642 http-traceroute http://nmap.org/nsedoc/scripts/http-traceroute.html
https://svn.nmap.org/nmap/scripts/http-traceroute.nse
Exploits the Max-Forwards HTTP header to detect the presence of reverse
proxies.

== Metasploit modules (2) ==

r15303 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/misc/hp_vsa_exec.rb
HP StorageWorks P4000 Virtual SAN Appliance Command Execution

r15304 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/foxit_reader_launch.rb
Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/