Nmap Development mailing list archives
New VA Modules: OpenVAS: 3, MSF: 8, Nessus: 37
From: New VA Module Alert Service <postmaster () insecure org>
Date: Thu, 10 Jan 2013 10:00:56 -0800 (PST)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == OpenVAS plugins (3) == r15109 2013/gb_watson_management_console_lfi.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_watson_management_console_lfi.nasl?root=openvas&view=markup Watson Management Console Directory Traversal Vulnerability r15109 gb_eXtplorer_detect.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_eXtplorer_detect.nasl?root=openvas&view=markup eXtplorer Detection r15109 2013/gb_eXtplorer_57058.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_eXtplorer_57058.nasl?root=openvas&view=markup eXtplorer 'ext_find_user()' Function Authentication Bypass Vulnerability == Metasploit modules (8) == r16289 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/extplorer_upload_exec.rb eXtplorer v2.1 Arbitrary File Upload Vulnerability r16290 http://metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/rails_xml_yaml_scanner.rb Ruby on Rails XML Processor YAML Deserialization Scanner r16291 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/honeywell_tema_exec.rb Honeywell Tema Remote Installer ActiveX Remote Code Execution r16294 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ms11_081_option.rb Microsoft Internet Explorer Option Element Use-After-Free r16296 http://metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/ruby/bind_tcp.rb Ruby Command Shell, Bind TCP r16296 http://metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/ruby/bind_tcp_ipv6.rb Ruby Command Shell, Bind TCP IPv6 r16296 http://metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/rails_xml_yaml_code_exec.rb Ruby on Rails XML Processor YAML Deserialization Code Execution r16296 http://metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/ruby/reverse_tcp.rb Ruby Command Shell, Reverse TCP == Nessus plugins (37) == 63467 ubuntu_USN-1682-1.nasl http://nessus.org/plugins/index.php?view=single&id=63467 USN-1682-1 : gnupg, gnupg2 vulnerability 63466 redhat-RHSA-2013-0150.nasl http://nessus.org/plugins/index.php?view=single&id=63466 RHSA-2013-0150: acroread 63465 redhat-RHSA-2013-0149.nasl http://nessus.org/plugins/index.php?view=single&id=63465 RHSA-2013-0149: flash-plugin 63464 mandriva_MDVSA-2013-003.nasl http://nessus.org/plugins/index.php?view=single&id=63464 Mandriva Linux Security Advisory : rootcerts (MDVSA-2013:003) 63463 freebsd_pkg_a4ed66325aa911e28fcbc8600054b392.nasl http://nessus.org/plugins/index.php?view=single&id=63463 FreeBSD : mozilla -- multiple vulnerabilities (a4ed6632-5aa9-11e2-8fcb-c8600054b392) 63462 fedora_2013-0377.nasl http://nessus.org/plugins/index.php?view=single&id=63462 Fedora 18 : gnupg-1.4.13-2.fc18 (2013-0377) 63461 fedora_2013-0148.nasl http://nessus.org/plugins/index.php?view=single&id=63461 Fedora 18 : gnupg2-2.0.19-7.fc18 (2013-0148) 63460 fedora_2012-21122.nasl http://nessus.org/plugins/index.php?view=single&id=63460 Fedora 16 : php-pear-CAS-1.3.2-1.fc16 (2012-21122) 63459 fedora_2012-21106.nasl http://nessus.org/plugins/index.php?view=single&id=63459 Fedora 17 : php-pear-CAS-1.3.2-1.fc17 (2012-21106) 63458 fedora_2012-20159.nasl http://nessus.org/plugins/index.php?view=single&id=63458 Fedora 16 : v8-3.13.7.5-1.fc16 (2012-20159) 63457 debian_DSA-2604.nasl http://nessus.org/plugins/index.php?view=single&id=63457 Debian DSA-2604-1 : rails - insufficient input validation 63456 debian_DSA-2603.nasl http://nessus.org/plugins/index.php?view=single&id=63456 Debian DSA-2603-1 : emacs23 - programming error 63455 macosx_adobe_reader_apsb13-02.nasl http://nessus.org/plugins/index.php?view=single&id=63455 Adobe Reader < 11.0.1 / 10.1.5 / 9.5.3 Multiple Vulnerabilities (APSB13-02) (Mac OS X) 63454 adobe_reader_apsb13-02.nasl http://nessus.org/plugins/index.php?view=single&id=63454 Adobe Reader < 11.0.1 / 10.1.5 / 9.5.3 Multiple Vulnerabilities (APSB13-02) 63453 adobe_acrobat_apsb13-02.nasl http://nessus.org/plugins/index.php?view=single&id=63453 Adobe Acrobat < 11.0.1 / 10.1.5 / 9.5.3 Multiple Vulnerabilities (APSB13-02) 63452 macosx_flash_player_11_5_502_146.nasl http://nessus.org/plugins/index.php?view=single&id=63452 Flash Player for Mac <= 10.3.183.48 / 11.5.502.136 Buffer Overflow (APSB13-01) 63451 macosx_adobe_air_3_5_0_1060.nasl http://nessus.org/plugins/index.php?view=single&id=63451 Adobe AIR for Mac 3.x <= 3.5.0.890 Buffer Overflow (APSB13-01) 63450 flash_player_apsb13-01.nasl http://nessus.org/plugins/index.php?view=single&id=63450 Flash Player <= 10.3.183.48 / 11.5.502.135 Buffer Overflow (APSB13-01) 63449 adobe_air_apsb13-01.nasl http://nessus.org/plugins/index.php?view=single&id=63449 Adobe AIR 3.x <= 3.5.0.880 Buffer Overflow (APSB13-01) 63448 ubuntu_USN-1681-2.nasl http://nessus.org/plugins/index.php?view=single&id=63448 USN-1681-2 : thunderbird vulnerabilities 63447 ubuntu_USN-1681-1.nasl http://nessus.org/plugins/index.php?view=single&id=63447 USN-1681-1 : firefox vulnerabilities 63446 redhat-RHSA-2013-0145.nasl http://nessus.org/plugins/index.php?view=single&id=63446 RHSA-2013-0145: thunderbird 63445 redhat-RHSA-2013-0144.nasl http://nessus.org/plugins/index.php?view=single&id=63445 RHSA-2013-0144: firefox 63444 hpux_PHSS_43355.nasl http://nessus.org/plugins/index.php?view=single&id=63444 HP-UX PHSS_43355 : s700_800 11.11 X Font Server Patch 63443 hpux_PHSS_43202.nasl http://nessus.org/plugins/index.php?view=single&id=63443 HP-UX PHSS_43202 : s700_800 11.23 X Font Server Patch 63442 hpux_PHSS_43134.nasl http://nessus.org/plugins/index.php?view=single&id=63442 HP-UX PHSS_43134 : s700_800 11.31 X Font Server Patch 63441 gentoo_GLSA-201301-07.nasl http://nessus.org/plugins/index.php?view=single&id=63441 GLSA-201301-07 : DokuWiki: Multiple vulnerabilities 63440 gentoo_GLSA-201301-06.nasl http://nessus.org/plugins/index.php?view=single&id=63440 GLSA-201301-06 : ISC DHCP: Denial of Service 63439 gentoo_GLSA-201301-05.nasl http://nessus.org/plugins/index.php?view=single&id=63439 GLSA-201301-05 : bzip2: User-assisted execution of arbitrary code 63438 gentoo_GLSA-201301-04.nasl http://nessus.org/plugins/index.php?view=single&id=63438 GLSA-201301-04 : dhcpcd: Arbitrary code execution 63437 gentoo_GLSA-201301-03.nasl http://nessus.org/plugins/index.php?view=single&id=63437 GLSA-201301-03 : Tor: Multiple vulnerabilities 63436 gentoo_GLSA-201301-02.nasl http://nessus.org/plugins/index.php?view=single&id=63436 GLSA-201301-02 : HAProxy: Arbitrary code execution 63435 freebsd_pkg_ca5d327259e311e2853b00262d5ed8ee.nasl http://nessus.org/plugins/index.php?view=single&id=63435 FreeBSD : rubygem-rails -- multiple vulnerabilities (ca5d3272-59e3-11e2-853b-00262d5ed8ee) 63434 freebsd_pkg_b4051b5258fa11e2853b00262d5ed8ee.nasl http://nessus.org/plugins/index.php?view=single&id=63434 FreeBSD : rubygem-rails -- SQL injection vulnerability (b4051b52-58fa-11e2-853b-00262d5ed8ee) 63433 debian_DSA-2602.nasl http://nessus.org/plugins/index.php?view=single&id=63433 Debian DSA-2602-1 : zendframework - XML external entity inclusion 63432 centos_RHSA-2013-0145.nasl http://nessus.org/plugins/index.php?view=single&id=63432 CentOS : RHSA-2013-0145 63431 centos_RHSA-2013-0144.nasl http://nessus.org/plugins/index.php?view=single&id=63431 CentOS : RHSA-2013-0144 _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: OpenVAS: 3, MSF: 8, Nessus: 37 New VA Module Alert Service (Jan 10)