Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

New VA Modules: OpenVAS: 9, MSF: 8, Nessus: 21

From: New VA Module Alert Service <postmaster () insecure org>
Date: Fri, 6 Apr 2012 10:01:09 -0700 (PDT)
This report describes any new scripts/modules/exploits added to Nmap,
OpenVAS, Metasploit, and Nessus since yesterday.

== OpenVAS plugins (9) ==

r13206 802621 gb_jamwiki_num_param_xss_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_jamwiki_num_param_xss_vuln.nasl?root=openvas&view=markup
JamWiki 'num' Parameter Cross Site Scripting Vulnerability

r13206 802734 gb_google_chrome_mult_vuln_apr12_macosx.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_apr12_macosx.nasl?root=openvas&view=markup
Google Chrome Multiple Vulnerabilities - April 12 (MAC OS X)

r13206 802732 gb_google_chrome_mult_vuln_apr12_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_apr12_win.nasl?root=openvas&view=markup
Google Chrome Multiple Vulnerabilities - April 12 (Windows)

r13206 802622 gb_backuppc_index_mult_xss_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_backuppc_index_mult_xss_vuln.nasl?root=openvas&view=markup
BackupPC 'index.cgi' Multiple Cross Site Scripting Vulnerabilities

r13206 802827 gb_emc_dpa_dos_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_emc_dpa_dos_vuln.nasl?root=openvas&view=markup
EMC Data Protection Advisor NULL Pointer Dereference Denial of Service
Vulnerability

r13206 802427 gb_articlesetup_mult_xss_n_sql_inj_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_articlesetup_mult_xss_n_sql_inj_vuln.nasl?root=openvas&view=markup
ArticleSetup Multiple Cross-Site Scripting and SQL Injection
Vulnerabilities

r13206 802825 gb_jabberd_sasl_negotiation_dos_vuln.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_jabberd_sasl_negotiation_dos_vuln.nasl?root=openvas&view=markup
Jabber Studio Jabberd Server SASL Negotiation Denial of Service
Vulnerability

r13206 802733 gb_google_chrome_mult_vuln_apr12_lin.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_google_chrome_mult_vuln_apr12_lin.nasl?root=openvas&view=markup
Google Chrome Multiple Vulnerabilities - April 12 (Linux)

r13206 802826 gb_realplayer_mp4_file_dos_vuln_win.nasl
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/gb_realplayer_mp4_file_dos_vuln_win.nasl?root=openvas&view=markup
RealNetworks RealPlayer MP4 File Handling Denial of Service
Vulnerability (Win)

== Metasploit modules (8) ==

r15066 http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/scada/koyo_login.rb
Koyo DirectLogic PLC Password Brute Force Utility

r15066 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/scada/modicon_stux_transfer.rb
Schneider Modicon Ladder Logic Upload/Download

r15066 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/dos/scada/d20_tftp_overflow.rb
General Electric D20ME TFTP Server Buffer Overflow DoS

r15066 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/scada/multi_cip_command.rb
Allen-Bradley/Rockwell Automation EtherNet/IP CIP Commands

r15066 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/scada/modicon_command.rb
Schneider Modicon remote START/STOP command

r15066 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/scada/modicon_password_recovery.rb
Schneider Modicon Quantum Password Recovery

r15072 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ultramjcam_openfiledig_bof.rb
TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer
Overflow

r15073 
http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/csound_getnum_bof.rb
Csound hetro File Handling Stack Buffer Overflow

== Nessus plugins (21) ==

58618 ubuntu_USN-1418-1.nasl
http://nessus.org/plugins/index.php?view=single&id=58618
USN-1418-1 : gnutls13, gnutls26 vulnerabilities

58617 ubuntu_USN-1417-1.nasl
http://nessus.org/plugins/index.php?view=single&id=58617
USN-1417-1 : libpng vulnerability

58616 suse_libxslt-8019.nasl
http://nessus.org/plugins/index.php?view=single&id=58616
SuSE Security Update: Security update for libxslt (libxslt-8019)

58615 suse_11_apache2-mod_php53-120309.nasl
http://nessus.org/plugins/index.php?view=single&id=58615
SuSE Security Update: apache2-mod_php53 (2012-03-09)

58614 mandriva_MDVA-2012-034.nasl
http://nessus.org/plugins/index.php?view=single&id=58614
MDVA-2012:034 : bind

58613 hpux_PHSS_42866.nasl
http://nessus.org/plugins/index.php?view=single&id=58613
HP-UX PHSS_42866 : HP-UX running DCE, Remote Denial of Service (DoS)
(HPSBUX02758 SSRT100774 rev.1)

58612 hpux_PHSS_42865.nasl
http://nessus.org/plugins/index.php?view=single&id=58612
HP-UX PHSS_42865 : HP-UX running DCE, Remote Denial of Service (DoS)
(HPSBUX02758 SSRT100774 rev.1)

58611 hpux_PHSS_42853.nasl
http://nessus.org/plugins/index.php?view=single&id=58611
HP-UX PHSS_42853 : HP-UX running DCE, Remote Denial of Service (DoS)
(HPSBUX02758 SSRT100774 rev.1)

58610 hpux_PHSS_42852.nasl
http://nessus.org/plugins/index.php?view=single&id=58610
HP-UX PHSS_42852 : HP-UX running DCE, Remote Denial of Service (DoS)
(HPSBUX02758 SSRT100774 rev.1)

58609 freebsd_pkg_057130e67f6111e18a4300262d5ed8ee.nasl
http://nessus.org/plugins/index.php?view=single&id=58609
FreeBSD : chromium -- multiple vulnerabilities
(057130e6-7f61-11e1-8a43-00262d5ed8ee)

58608 debian_DSA-2447.nasl
http://nessus.org/plugins/index.php?view=single&id=58608
Debian DSA-2447-1 : tiff - integer overflow

58607 arcserve_backup_dos.nasl
http://nessus.org/plugins/index.php?view=single&id=58607
CA ARCserve Backup Network Service Network Request Parsing Remote DoS

58606 macosx_java_10_7_2012-001.nasl
http://nessus.org/plugins/index.php?view=single&id=58606
Mac OS X : Java for OS X Lion 2012-001

58605 macosx_java_10_6_update7.nasl
http://nessus.org/plugins/index.php?view=single&id=58605
Mac OS X : Java for Mac OS X 10.6 Update 7

58604 os_fingerprint_nativelanmanager.nasl
http://nessus.org/plugins/index.php?view=single&id=58604
OS Identification : NativeLanManager

58603 at32_reverse_proxy_no_password.nasl
http://nessus.org/plugins/index.php?view=single&id=58603
at32 Reverse Proxy Admin Portal No Password

58602 at32_reverse_proxy_detect.nasl
http://nessus.org/plugins/index.php?view=single&id=58602
at32 Reverse Proxy Detection

58601 asp_net_validaterequest_bypass.nasl
http://nessus.org/plugins/index.php?view=single&id=58601
Microsoft ASP.NET ValidateRequest Filters Bypass

58600 ubuntu_USN-1416-1.nasl
http://nessus.org/plugins/index.php?view=single&id=58600
USN-1416-1 : tiff vulnerabilities

58599 mandriva_MDVSA-2012-054.nasl
http://nessus.org/plugins/index.php?view=single&id=58599
MDVSA-2012:054 : libtiff

58598 debian_DSA-2446.nasl
http://nessus.org/plugins/index.php?view=single&id=58598
Debian DSA-2446-1 : libpng - incorrect memory handling
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: