Nmap Development mailing list archives
New VA Modules: OpenVAS: 17, MSF: 124, Nessus: 35
From: New VA Module Alert Service <postmaster () insecure org>
Date: Thu, 30 May 2013 10:01:16 +0000 (UTC)
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == OpenVAS plugins (17) == r16502 803606 2013/gb_mozilla_firefox_mult_vuln01_may13_macosx.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_mozilla_firefox_mult_vuln01_may13_macosx.nasl?root=openvas&view=markup Mozilla Firefox Multiple Vulnerabilities -01 May13 (Mac OS X) r16502 803498 2013/gb_adobe_flash_player_mult_vuln01_may13_lin.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_adobe_flash_player_mult_vuln01_may13_lin.nasl?root=openvas&view=markup Adobe Flash Player Multiple Vulnerabilities -01 May 13 (Linux) r16502 803605 2013/gb_mozilla_firefox_mult_vuln01_may13_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_mozilla_firefox_mult_vuln01_may13_win.nasl?root=openvas&view=markup Mozilla Firefox Multiple Vulnerabilities -01 May13 (Windows) r16502 903211 2013/secpod_mysqldumper_sql_inj_vuln.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/secpod_mysqldumper_sql_inj_vuln.nasl?root=openvas&view=markup MySQLDumper SQL Injection Vulnerability r16502 803610 2013/gb_mozilla_thunderbird_mult_vuln01_may13_macosx.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_mozilla_thunderbird_mult_vuln01_may13_macosx.nasl?root=openvas&view=markup Mozilla Thunderbird Multiple Vulnerabilities -01 May13 (Mac OS X) r16502 803608 2013/gb_mozilla_firefox_esr_mult_vuln01_may13_macosx.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_mozilla_firefox_esr_mult_vuln01_may13_macosx.nasl?root=openvas&view=markup Mozilla Firefox ESR Multiple Vulnerabilities -01 May13 (Mac OS X) r16502 803495 2013/gb_adobe_flash_player_mult_vuln01_may13_macosx.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_adobe_flash_player_mult_vuln01_may13_macosx.nasl?root=openvas&view=markup Adobe Flash Player Multiple Vulnerabilities -01 May 13 (Mac OS X) r16502 803609 2013/gb_mozilla_thunderbird_mult_vuln01_may13_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_mozilla_thunderbird_mult_vuln01_may13_win.nasl?root=openvas&view=markup Mozilla Thunderbird Multiple Vulnerabilities -01 May13 (Windows) r16502 803497 2013/gb_adobe_air_mult_vuln01_may13_macosx.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_adobe_air_mult_vuln01_may13_macosx.nasl?root=openvas&view=markup Adobe Air Multiple Vulnerabilities -01 May 13 (Mac OS X) r16502 803607 2013/gb_mozilla_firefox_esr_mult_vuln01_may13_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_mozilla_firefox_esr_mult_vuln01_may13_win.nasl?root=openvas&view=markup Mozilla Firefox ESR Multiple Vulnerabilities -01 May13 (Windows) r16502 803602 2013/gb_realplayer_heap_based_bof_vuln_macosx.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_realplayer_heap_based_bof_vuln_macosx.nasl?root=openvas&view=markup RealNetworks RealPlayer Heap Based BoF Vulnerability (Mac OS X) r16502 803494 2013/gb_adobe_flash_player_mult_vuln01_may13_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_adobe_flash_player_mult_vuln01_may13_win.nasl?root=openvas&view=markup Adobe Flash Player Multiple Vulnerabilities -01 May 13 (Windows) r16502 803601 2013/gb_realplayer_heap_based_bof_vuln_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_realplayer_heap_based_bof_vuln_win.nasl?root=openvas&view=markup RealNetworks RealPlayer Heap Based BoF Vulnerability (Win) r16502 803496 2013/gb_adobe_air_mult_vuln01_may13_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_adobe_air_mult_vuln01_may13_win.nasl?root=openvas&view=markup Adobe Air Multiple Vulnerabilities -01 May 13 (Windows) r16502 803612 2013/gb_mozilla_thunderbird_esr_mult_vuln01_may13_macosx.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_mozilla_thunderbird_esr_mult_vuln01_may13_macosx.nasl?root=openvas&view=markup Mozilla Thunderbird ESR Multiple Vulnerabilities -01 May13 (Mac OS X) r16502 803611 2013/gb_mozilla_thunderbird_esr_mult_vuln01_may13_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_mozilla_thunderbird_esr_mult_vuln01_may13_win.nasl?root=openvas&view=markup Mozilla Thunderbird ESR Multiple Vulnerabilities -01 May13 (Windows) r16504 103692 ssl_cert_details.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/ssl_cert_details.nasl?root=openvas&view=markup SSL Certificate Details == Metasploit modules (124) == bd11b4fe https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/ftp/freefloatftp_user.rb Free Float FTP Server USER Command Buffer Overflow 27ca43c9 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/smb/ntdsgrab.rb Windows Domain Controller - Download NTDS.dit and SYSTEM Hive 269e507f https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/stagers/windows/bind_tcp_rc4.rb Bind TCP Stager (RC4 stage encryption) 269e507f https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/stagers/windows/reverse_tcp_rc4.rb Reverse TCP Stager (RC4 stage encryption) d79a3c8e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/ssh/sshexec.rb SSH User Code Execution 3883b0d0 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/multi/injector/word_unc_injector.rb Microsoft Word UNC Path Injector 91f89f8c https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/windows/injector/word_unc_injector.rb Microsoft Word UNC Path Injector 121a736e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/dreambox_openpli_shell.rb OpenPLI Webif v6.0.4 - Arbitrary Command Execution 3778ae09 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/stagers/windows/reverse_tcp_rc4_dns.rb Reverse TCP Stager (RC4 stage encryption DNS) 225b15f7 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/discovery/external_ip.rb External IP fee07678 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/scada/codesys_gateway_server_traversal.rb SCADA 3S CoDeSys Gateway Server Directory Traversal dfe3a4f3 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/external_ip.rb External IP 03f3b06c https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/webapp/mutiny_subnetmask_exec.rb Mutiny Remote Command Execution 398d13e0 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/misc/fb_cnct_group.rb Firebird Relational Database CNCT Group Number Buffer Overflow fdd7c375 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/mutiny_subnetmask_exec.rb Mutiny Remote Command Execution c9268c3d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/cmd/unix/bind_netcat_gaping.rb Unix Command Shell, Bind TCP (via netcat -e) c9268c3d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/cmd/unix/bind_netcat_gaping_ipv6.rb Unix Command Shell, Bind TCP (via netcat -e) IPv6 c9268c3d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/cmd/unix/reverse_netcat_gaping.rb Unix Command Shell, Reverse TCP (via netcat -e) f0cee291 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/cmd/unix/bind_netcat.rb Unix Command Shell, Bind TCP (via netcat) f0cee291 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/cmd/unix/reverse_netcat.rb Unix Command Shell, Reverse TCP (via netcat) d81d9261 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/honeywell_hscremotedeploy_exec.rb Honeywell HSC Remote Deployer ActiveX Remote Code Execution 0e607f82 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/dos/dopewars/dopewars.rb Dopewars Denial of Service e5f7c08d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/axigen_file_access.rb Axigen Arbitrary File Read and Delete a2755820 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/kingview_kingmess_kvl.rb KingView Log File Parsing Buffer Overflow fa5c9881 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/ftp/sami_ftpd_list.rb KarjaSoft Sami FTP Server LIST Overflow 7403239d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/smb/psexec_ntdsgrab.rb PsExec NTDS.dit And SYSTEM Hive Download Utility 02f90b5b https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/dos/misc/dopewars.rb Dopewars Denial of Service 07d78af4 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/linux/manage/download_exec.rb Linux Download Exec dffec1cd https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/coolpdf_image_stream_bof.rb Cool PDF Image Stream Buffer Overflow 66dcbca5 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/dos/windows/ssh/sysax_sshd_kexchange.rb Sysax Multi-Server 6.10 SSHD Key Exchange DoS 21e9f7db https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/misc/nagios_nrpe_arguments.rb Nagios Remote Plugin Executor Arbitrary Command Execution 9fc0f9a9 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/linksys_e1500_e2500_exec.rb Linksys E1500/E2500 Remote OS Command Execution 5c9bec15 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/struts_code_exec_parameters.rb Apache Struts ParametersInterceptor Remote Code Execution b5c65ad5 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/joomla_comjce_imgmanager.rb Joomla Component JCE File Upload Code Execution fd632835 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/misc/actfax_raw_server_bof.rb ActFax 5.01 RAW Server Buffer Overflow 36d1746c https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/linksys_traversal.rb Linksys Directory Traversal Vulnerability b01959ea https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/tplink_traversal_noauth.rb TP-Link Wireless Lite N Access Point - Directory Traversal Vulnerability 8f59999f https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/tplink_traversal_noauth.rb TP-Link Wireless Lite N Access Point - Directory Traversal Vulnerability bd522a03 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/linksys_traversal.rb Linksys Directory Traversal Vulnerability 47d458a2 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/netgear_sph200d_traversal.rb Netgear SPH200D Directory Traversal Vulnerability 71708c4b https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/dlink_dir_645_password_extractor.rb DLink DIR 645 Password Extractor ca6ab7c8 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/misc/Ra1NX_pubcall_exec.rb "Ra1NX" PHP Bot pubcall Authentication Bypass Remote Code Execution bbcf21ee https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/misc/v0pCr3w_exec.rb "v0pCr3w" Web Shell Remote Code Execution b23d2594 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/misc/stunshell_eval.rb "STUNSHELL" Web Shell Remote Code Execution(PHP eval) 7e0b0ac0 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/misc/stunshell_exec.rb "STUNSHELL" Web Shell Remote Code Execution 26b43d9e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/http/hp_imc_mibfileupload.rb HP Intelligent Management Center Arbitrary File Upload e5749819 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/dlink_dir_300_615_http_login.rb DLink DIR 300 / 320 / 615 revA HTTP Login Utility ea804d43 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/linksys_e1500_traversal.rb Linksys Directory Traversal Vulnerability e840578e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_soap_xmla_bw_smb_relay.rb SAP /sap/bw/xml/soap/xmla XMLA service (XML DOCTYPE) SMB relay 5be98593 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_soap_rfc_rzl_read_dir_local_dir_listing_and_smb_relay.rb RZL_READ_DIR_LOCAL (directory listing and SMB relay) 01ee30e3 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_soap_rfc_pfl_check_os_file_existence_smb_relay.rb PFL_CHECK_OS_FILE_EXISTENCE (file existence and SMB relay) f92f59bf https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_soap_rfc_eps_delete_file_smb_relay.rb EPS_DELETE_FILE (File deletion + SMB Relay) f7ccfa63 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_ctc_verb_tampering_add_user_and_add_role.rb SAP CTC Service Verb Tampering (add user and add role) bcc26427 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_soap_rfc_eps_get_directory_listing_smb_relay.rb EPS_GET_DIRECTORY_LISTING (list directory + SMB Relay) 9b3bbd57 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/webapp/joomla_comjce_imgmanager.rb Joomla Component JCE File Upload Code Execution ff709678 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/sap/sap_soap_rfc_dbmcli_sxpg_command_exec.rb SAP /sap/bc/soap/rfc SOAP Service SXPG_COMMAND_EXEC Function Command Injection e1a719a6 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/dlink_dir_300b_600b_815_http_login.rb DLink DIR 300B / DIR 600B / DIR 815 HTTP Login Utility c225d824 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/java_cmm.rb Java CMM Remote Code Execution 615aa573 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/dlink_dir_615h_http_login.rb DLink DIR-615H HTTP Login Utility 8fc67b5c https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/sap/sap_soap_rfc_sxpg_call_system_exec.rb SAP /sap/bc/soap/rfc SOAP Service SXPG_CALL_SYSTEM Function Command Execution 353f02cd https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/windows/gather/word_unc_injector.rb Microsoft Word UNC Path Injector e042fd36 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/linksys_e1500_up_exec.rb Linksys E1500 Command Execution - Upload and Execute dfd451f8 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/linksys_e1500_up_exec.rb Linksys E1500 Command Execution - Upload and Execute f29cfbf3 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/v0pcr3w_exec.rb v0pCr3w Web Shell Remote Code Execution cc92b54e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/stunshell_exec.rb STUNSHELL Web Shell Remote Code Execution 2a60ef2d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/stunshell_eval.rb STUNSHELL Web Shell Remote Code Execution(PHP eval) dee5835e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/misc/mongod_native_helper.rb MongoDB nativeHelper.apply Instruction Pointer Control 4bcadaab https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/hp_system_management.rb HP System Management anonymous access Code execution 10d9e86b https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/misc/ra1nx_pubcall_exec.rb "Ra1NX" PHP Bot PubCall Authentication Bypass Remote Code Execution d0864072 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/windows/gather/forensics/recovery_files.rb Windows Gather Recovery Files c880a63e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/zenworks_control_center_upload.rb Novell ZENworks Configuration Management Remote Execution 30111e3d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/local/hp_smhstart.rb HP System Management Homepage Local Privilege Escalation 6a6fa5b3 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/linksys_e1500_apply_exec.rb Linksys E1500/E2500 apply.cgi Remote Command Injection 1b27d395 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/netgear_dgn1000b_up_exec.rb Netgear DGN1000B Command Execution - Upload and Execute 642d8b84 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/netgear_dgn1000b_setup_exec.rb Netgear DGN1000B setup.cgi Remote Command Execution dc17b493 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/hp_imc_faultdownloadservlet_traversal.rb HP Intelligent Management FaultDownloadServlet Directory Traversal 018e1470 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/hp_imc_reportimgservlt_traversal.rb HP Intelligent Management ReportImgServlt Directory Traversal 0b4eab24 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/hp_imc_ictdownloadservlet_traversal.rb HP Intelligent Management IctDownloadServlet Directory Traversal 91b0e5f8 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/netgear_dgn2200b_pppoe_exec.rb Netgear DGN2200B Command Execution - Upload and Execute c8a6dfbd https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/postgres/postgres_dbname_flag_injection.rb PostgreSQL Database Name Command Line Flag Injection f07117fe https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/linksys_wrt54gl_apply_exec.rb Linksys WRT54GL apply.cgi Command Execution 0b9fe539 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/dlink_dir_session_cgi_http_login.rb DLink DIR-300B / DIR-600B / DIR-815 / DIR-645 HTTP Login Utility ecaaaa34 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/dlink_diagnostic_exec_noauth.rb DLink DIR-645 / DIR-815 diagnostic.php Command Execution f4824967 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/adobe_coldfusion_apsb13_03.rb Adobe ColdFusion APSB13-03 32bd812b https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/stagers/android/reverse_tcp.rb Dalvik Reverse TCP Stager 32bd812b https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/stages/android/meterpreter.rb Android Meterpreter 32bd812b https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/stages/android/shell.rb Command Shell 8f76c436 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/sap/sap_configservlet_exec_noauth.rb SAP ConfigServlet OS Command Execution 31586770 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/mediawiki_svg_fileaccess.rb MediaWiki SVG XML Entity Expansion Remote File Access 19f2e72d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/browser/java_jre17_reflection_types.rb Java Applet Reflection Type Confusion Remote Code Execution cff47771 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/http/sap_configservlet_exec_noauth.rb SAP ConfigServlet OS Command Execution 15b06c43 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/sap/sap_configservlet_exec_noauth.rb SAP ConfigServlet OS Command Execution 2b4144f2 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/groundwork_monarch_cmd_exec.rb GroundWork monarch_scan.cgi OS Command Injection d2e29b84 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/unix/webapp/php_wordpress_total_cache.rb Wordpress W3 Total Cache PHP Code Execution 993356c7 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/apple_safari_webarchive_uxss.rb Apple Safari .webarchive File Format UXSS c7ac647e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/php/phpmyadmin_preg_replace.rb PhpMyAdmin Authenticated Remote Code Execution via preg_replace() 025315e4 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/http/phpmyadmin_preg_replace.rb PhpMyAdmin Authenticated Remote Code Execution via preg_replace() 98dd96c5 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_soap_rfc_rzl_read_dir.rb RZL_READ_DIR_LOCAL (directory listing and SMB relay) 244bf71d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_soap_rfc_pfl_check_os_file_existence.rb PFL_CHECK_OS_FILE_EXISTENCE (file existence and SMB relay) 902cd7ec https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_soap_rfc_rzl_read_dir.rb SAP SOAP RFC RZL_READ_DIR_LOCAL Directory Contents Listing 6210b429 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/audio_coder_m3u.rb AudioCoder .M3U Buffer Overflow c3e9503c https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/tplink_traversal_noauth.rb TP-Link Wireless Lite N Access Point - Directory Traversal Vulnerability a33510e8 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ie_cgenericelement_uaf.rb Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability 66a5eb74 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/dos/sap/sap_soap_rfc_eps_delete_file_smb_relay.rb EPS_DELETE_FILE (File deletion + SMB Relay) 5adc2879 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/dos/sap/sap_soap_rfc_eps_delete_file.rb EPS_DELETE_FILE (File deletion + SMB Relay) 0f2a3fc2 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/dlink_dsl320b_password_extractor.rb DLink DSL 320B Password Extractor 22d85053 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/dlink_dir615_up_exec.rb Dlink DIR615 Command Execution - Upload and Execute 09bf23f4 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb Linksys WRT160nv2 apply.cgi Remote Command Injection 1fc0bfa1 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_soap_rfc_eps_get_directory_listing.rb EPS_GET_DIRECTORY_LISTING (list directory + SMB Relay) 76f6d9f1 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/sap/sap_soap_rfc_sxpg_call_system_exec.rb SAP /sap/bc/soap/rfc SOAP Service SXPG_CALL_SYSTEM Function Command Execution 5f59d9f7 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/sap/sap_soap_rfc_sxpg_command_exec.rb SAP /sap/bc/soap/rfc SOAP Service SXPG_COMMAND_EXEC Function Command Injection 1aa80cd3 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/erdas_er_viewer_bof.rb ERS Viewer 2011 ERS File Handling Buffer Overflow 18ee9af5 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/couchdb/couchdb_enum.rb CouchDB Enum Utility 495f1e50 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/sap/sap_mgmt_con_osexec_payload.rb SAP Management Console OSExecute Payload Execution 60299c2a https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/gather/coldfusion_pwd_props.rb ColdFusion 10 'password.properties' Hash Extraction 58f23731 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/local/kloxo_lxsuexec.rb Kloxo Local Privilege Escalation 357ef001 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_smb_relay.rb SAP /sap/bw/xml/soap/xmla XMLA service (XML DOCTYPE) SMB relay 649a8829 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/mutiny_frontend_read_delete.rb Mutiny 5 Arbitrary File Read and Delete 649a8829 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/mutiny_frontend_upload.rb Mutiny 5 Arbitrary File Upload 4d5c4f68 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/browser/firefox_svg_plugin.rb Firefox Plug-in Privileged Javascript Code Execution 7823df04 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/sap/sap_ctc_verb_tampering_user_mgmt.rb SAP CTC Service Verb Tampering (add user and add role) 85ceaa1a https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/local/adobe_sandbox_adobecollabsync.rb AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass 81b690ae https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/http/nginx_chunked_size.rb Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow e678b2c5 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/ibm_spss_c1sizer.rb IBM SPSS SamplePower C1Tab ActiveX Heap Overflow == Nessus plugins (35) == 66672 nginx_1_5_0.nasl http://nessus.org/plugins/index.php?view=single&id=66672 nginx ngx_http_proxy_module.c Multiple Vulnerabilities 66671 nginx_1_2_9.nasl http://nessus.org/plugins/index.php?view=single&id=66671 nginx ngx_http_proxy_module.c Memory Disclosure 66670 ubuntu_USN-1841-1.nasl http://nessus.org/plugins/index.php?view=single&id=66670 Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : tomcat6, tomcat7 vulnerabilities (USN-1841-1) 66669 ubuntu_USN-1831-2.nasl http://nessus.org/plugins/index.php?view=single&id=66669 Ubuntu 12.10 : nova regression (USN-1831-2) 66668 suse_firefox-20130516-8578.nasl http://nessus.org/plugins/index.php?view=single&id=66668 SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 8578) 66667 suse_11_firefox-20130516-130517.nasl http://nessus.org/plugins/index.php?view=single&id=66667 SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7741) 66666 suse_11_firefox-20130516-130516.nasl http://nessus.org/plugins/index.php?view=single&id=66666 SuSE 11.2 Security Update : Mozilla Firefox (SAT Patch Number 7741) 66665 sl_20130528_tomcat6_on_SL6_x.nasl http://nessus.org/plugins/index.php?view=single&id=66665 Scientific Linux Security Update : tomcat6 on SL6.x (noarch) 66664 sl_20130528_tomcat5_on_SL5_x.nasl http://nessus.org/plugins/index.php?view=single&id=66664 Scientific Linux Security Update : tomcat5 on SL5.x i386/x86_64 66663 sl_20130528_haproxy_on_SL6_x.nasl http://nessus.org/plugins/index.php?view=single&id=66663 Scientific Linux Security Update : haproxy on SL6.x i386/x86_64 66662 redhat-RHSA-2013-0873.nasl http://nessus.org/plugins/index.php?view=single&id=66662 RHEL 4 / 5 / 6 : JBoss EAP (RHSA-2013-0873) 66661 redhat-RHSA-2013-0870.nasl http://nessus.org/plugins/index.php?view=single&id=66661 RHEL 5 : tomcat5 (RHSA-2013-0870) 66660 redhat-RHSA-2013-0869.nasl http://nessus.org/plugins/index.php?view=single&id=66660 RHEL 6 : tomcat6 (RHSA-2013-0869) 66659 redhat-RHSA-2013-0868.nasl http://nessus.org/plugins/index.php?view=single&id=66659 RHEL 6 : haproxy (RHSA-2013-0868) 66658 fedora_2013-9078.nasl http://nessus.org/plugins/index.php?view=single&id=66658 Fedora 19 : libdmx-1.1.2-4.20130524git5074d9d64.fc19 (2013-9078) 66657 fedora_2013-8746.nasl http://nessus.org/plugins/index.php?view=single&id=66657 Fedora 19 : python-backports-ssl_match_hostname-3.2-0.3.a3.fc19 (2013-8746) 66656 fedora_2013-8721.nasl http://nessus.org/plugins/index.php?view=single&id=66656 Fedora 17 : FlightGear-2.6.0-3.fc17 (2013-8721) 66655 fedora_2013-8717.nasl http://nessus.org/plugins/index.php?view=single&id=66655 Fedora 18 : kdelibs3-3.5.10-53.fc18 (2013-8717) 66654 fedora_2013-8705.nasl http://nessus.org/plugins/index.php?view=single&id=66654 Fedora 17 : gypsy-0.9-1.fc17 (2013-8705) 66653 fedora_2013-8703.nasl http://nessus.org/plugins/index.php?view=single&id=66653 Fedora 18 : FlightGear-2.8.0-2.fc18 (2013-8703) 66652 fedora_2013-8702.nasl http://nessus.org/plugins/index.php?view=single&id=66652 Fedora 18 : moodle-2.3.7-1.fc18 (2013-8702) 66651 fedora_2013-8692.nasl http://nessus.org/plugins/index.php?view=single&id=66651 Fedora 17 : moodle-2.2.10-1.fc17 (2013-8692) 66650 fedora_2013-8689.nasl http://nessus.org/plugins/index.php?view=single&id=66650 Fedora 17 : kdelibs3-3.5.10-53.fc17 (2013-8689) 66649 fedora_2013-8687.nasl http://nessus.org/plugins/index.php?view=single&id=66649 Fedora 18 : gypsy-0.9-1.fc18 (2013-8687) 66648 fedora_2013-8681.nasl http://nessus.org/plugins/index.php?view=single&id=66648 Fedora 18 : libvirt-0.10.2.5-1.fc18 (2013-8681) 66647 fedora_2013-8673.nasl http://nessus.org/plugins/index.php?view=single&id=66647 Fedora 19 : python3-3.3.2-2.fc19 (2013-8673) 66646 fedora_2013-8668.nasl http://nessus.org/plugins/index.php?view=single&id=66646 Fedora 19 : moodle-2.4.4-1.fc19 (2013-8668) 66645 fedora_2013-8659.nasl http://nessus.org/plugins/index.php?view=single&id=66645 Fedora 19 : gypsy-0.9-1.fc19 (2013-8659) 66644 fedora_2013-8622.nasl http://nessus.org/plugins/index.php?view=single&id=66644 Fedora 19 : FlightGear-2.10.0-5.fc19 (2013-8622) 66643 fedora_2013-8377.nasl http://nessus.org/plugins/index.php?view=single&id=66643 Fedora 17 : varnish-3.0.3-5.fc17 (2013-8377) 66642 fedora_2013-8370.nasl http://nessus.org/plugins/index.php?view=single&id=66642 Fedora 19 : thunderbird-17.0.6-1.fc19 (2013-8370) 66641 fedora_2013-8338.nasl http://nessus.org/plugins/index.php?view=single&id=66641 Fedora 19 : varnish-3.0.3-5.fc19 (2013-8338) 66640 fedora_2013-7309.nasl http://nessus.org/plugins/index.php?view=single&id=66640 Fedora 18 : gpsd-3.9-1.fc18 (2013-7309) 66639 fedora_2013-7305.nasl http://nessus.org/plugins/index.php?view=single&id=66639 Fedora 17 : gpsd-3.9-1.fc17 (2013-7305) 66638 Slackware_SSA_2013-140-01.nasl http://nessus.org/plugins/index.php?view=single&id=66638 Slackware 13.37 / 14.0 : kernel (SSA:2013-140-01) _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: OpenVAS: 17, MSF: 124, Nessus: 35 New VA Module Alert Service (May 30)