New VA Modules: MSF: 8, Nessus: 15, OpenVAS: 1

[New VA Module Alert Service <postmaster () insecure org>]

This report describes any new scripts/modules/exploits added to Nmap,
Metasploit, Nessus, and OpenVAS since yesterday.

== Metasploit modules (8) ==

0e248c1a 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/osx/manage/sudo_password_bypass.rb
Mac OS 10.8-10.8.3 Sudo Password Bypass

ff6ad30b 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/mozilla_firefox_xmlserializer.rb
Firefox XMLSerializer Use After Free

413474f4 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/osx/local/sudo_password_bypass.rb
Mac OS 10.8-10.8.2 Sudo Password Bypass

140d8ae4 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/linksys_phish_password_change_csrf.rb

140d8ae4 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/multi/browser/plugin_spoof_update.rb
Browser Plugin Download Spoof

140d8ae4 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/cmd/unix/reverse_js_ssl.rb
Unix Command Shell, Reverse TCP SSL (via JS)

140d8ae4 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/osx/manage/upgrade_to_java_meterpreter.rb
OSX Upgrade to Java Meterpreter

63786f9e 
https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/linux/local/vmware_mount.rb
VMWare Setuid vmware-mount Unsafe popen

== Nessus plugins (15) ==

69482 mssql_starttls.nasl
http://nessus.org/plugins/index.php?view=single&id=69482
Microsoft SQL Server STARTTLS Support

69481 cisco-CSCtj17451-nxos.nasl
http://nessus.org/plugins/index.php?view=single&id=69481
Cisco Nexus 1000V VEM DoS (CSCtj17451)

69480 hp_laserjet_hpsbpi02575_directory_traversal.nasl
http://nessus.org/plugins/index.php?view=single&id=69480
HP LaserJet PJL Interface Directory Traversal (HPSBPI02575)

69479 oracle_webcenter_content_jul_2013_cpu.nasl
http://nessus.org/plugins/index.php?view=single&id=69479
Oracle WebCenter Content, July 2013 Critical Patch Update

69478 oracle_webcenter_content_apr_2013_cpu.nasl
http://nessus.org/plugins/index.php?view=single&id=69478
Oracle WebCenter Content, April 2013 Critical Patch Update

69477 groupwise_client_803_hp3.nasl
http://nessus.org/plugins/index.php?view=single&id=69477
Novell GroupWise Client 8.x < 8.0.3 Hot Patch 3 / 2012.x < 2012 SP2 XSS

69476 filezilla_372.nasl
http://nessus.org/plugins/index.php?view=single&id=69476
FileZilla Client < 3.7.2 SFTP Integer Overflow

69475 filezilla_client_installed.nasl
http://nessus.org/plugins/index.php?view=single&id=69475
FileZilla Client Installed

69474 suse_11_apache2-130730.nasl
http://nessus.org/plugins/index.php?view=single&id=69474
SuSE 11.2 / 11.3 Security Update : Apache2 (SAT Patch Numbers 8137 /
8138)

69473 debian_DSA-2742.nasl
http://nessus.org/plugins/index.php?view=single&id=69473
Debian DSA-2742-1 : php5 - interpretation conflict

69446 arcsight_logger_installed_linux.nasl
http://nessus.org/plugins/index.php?view=single&id=69446
ArcSight Logger Installed (Linux)

69445 arcsight_logger_http_detect.nasl
http://nessus.org/plugins/index.php?view=single&id=69445
HP ArcSight Logger HTTP Detection

69444 arcsight_logger_5_3_local.nasl
http://nessus.org/plugins/index.php?view=single&id=69444
HP ArcSight Logger < 5.3 Multiple Vulnerabilities (credentialed check)

69443 account_root_arcsight.nasl
http://nessus.org/plugins/index.php?view=single&id=69443
Default Password (arcsight) for 'root' Account

mssql_ssrp.inc

== OpenVAS plugins (1) ==

r17495 gb_sun_oracle_ilo_detect.nasl
http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_sun_oracle_ilo_detect.nasl?root=openvas&view=markup
Sun/Oracle Integrated Lights Out Manager Detection
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/