Nmap Development mailing list archives
New VA Modules: MSF: 2, Nessus: 24, OpenVAS: 46
From: New VA Module Alert Service <postmaster () insecure org>
Date: Fri, 25 Oct 2013 10:02:56 +0000 (UTC)
This report describes any new scripts/modules/exploits added to Nmap, Metasploit, Nessus, and OpenVAS since yesterday. == Metasploit modules (2) == b2b8824e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/smb/delete_file.rb SMB File Delete Utility b2b8824e https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/smb/download_file.rb SMB File Download Utility == Nessus plugins (24) == 70590 macosx_server_3_0.nasl http://nessus.org/plugins/index.php?view=single&id=70590 Mac OS X : OS X Server < 3.0 Multiple Vulnerabilities 70589 itunes_11_1_2_banner.nasl http://nessus.org/plugins/index.php?view=single&id=70589 iTunes < 11.1.2 Multiple Vulnerabilities (uncredentialed check) 70588 itunes_11_1_2.nasl http://nessus.org/plugins/index.php?view=single&id=70588 iTunes < 11.1.2 Multiple Vulnerabilities (credentialed check) 70587 tivoli_storage_manager_client_631.nasl http://nessus.org/plugins/index.php?view=single&id=70587 IBM Tivoli Storage Manager Client Local Buffer Overrun 70586 ibm_tem_ldap.nasl http://nessus.org/plugins/index.php?view=single&id=70586 IBM Tivoli Endpoint Manager Server 9.0.777 (patch 2) LDAP and AD Authentication 70585 netgear_readynas_rce.nasl http://nessus.org/plugins/index.php?view=single&id=70585 Netgear ReadyNAS Remote Unauthenticated Command Execution 70584 ubuntu_USN-2005-1.nasl http://nessus.org/plugins/index.php?view=single&id=70584 Ubuntu 13.04 : cinder vulnerabilities (USN-2005-1) 70583 ubuntu_USN-2004-1.nasl http://nessus.org/plugins/index.php?view=single&id=70583 Ubuntu 13.04 : python-glanceclient vulnerability (USN-2004-1) 70582 ubuntu_USN-2003-1.nasl http://nessus.org/plugins/index.php?view=single&id=70582 Ubuntu 12.10 / 13.04 : glance vulnerability (USN-2003-1) 70581 ubuntu_USN-2002-1.nasl http://nessus.org/plugins/index.php?view=single&id=70581 Ubuntu 12.10 / 13.04 : keystone vulnerabilities (USN-2002-1) 70580 ubuntu_USN-2001-1.nasl http://nessus.org/plugins/index.php?view=single&id=70580 Ubuntu 12.04 LTS / 12.10 / 13.04 : swift vulnerability (USN-2001-1) 70579 ubuntu_USN-2000-1.nasl http://nessus.org/plugins/index.php?view=single&id=70579 Ubuntu 12.04 LTS / 12.10 / 13.04 : nova vulnerabilities (USN-2000-1) 70578 sl_20131022_vino_on_SL5_x.nasl http://nessus.org/plugins/index.php?view=single&id=70578 Scientific Linux Security Update : vino on SL5.x, SL6.x i386/x86_64 70577 sl_20131022_kernel_on_SL5_x.nasl http://nessus.org/plugins/index.php?view=single&id=70577 Scientific Linux Security Update : kernel on SL5.x i386/x86_64 70576 sl_20131022_java_1_7_0_openjdk_on_SL6_x.nasl http://nessus.org/plugins/index.php?view=single&id=70576 Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 70575 oraclelinux_ELSA-2013-1449.nasl http://nessus.org/plugins/index.php?view=single&id=70575 Oracle Linux 5 : kernel (ELSA-2013-1449) 70574 oraclelinux_ELSA-2013-1449-1.nasl http://nessus.org/plugins/index.php?view=single&id=70574 Oracle Linux 5 : kernel (ELSA-2013-1449-1) 70573 mandriva_MDVSA-2013-257.nasl http://nessus.org/plugins/index.php?view=single&id=70573 Mandriva Linux Security Advisory : nss (MDVSA-2013:257) 70572 centos_RHSA-2013-1452.nasl http://nessus.org/plugins/index.php?view=single&id=70572 CentOS 5 / 6 : vino (CESA-2013:1452) 70571 centos_RHSA-2013-1451.nasl http://nessus.org/plugins/index.php?view=single&id=70571 CentOS 6 : java-1.7.0-openjdk (CESA-2013:1451) 70570 centos_RHSA-2013-1449.nasl http://nessus.org/plugins/index.php?view=single&id=70570 CentOS 5 : kernel (CESA-2013:1449) 70569 ala_ALAS-2013-233.nasl http://nessus.org/plugins/index.php?view=single&id=70569 Amazon Linux AMI : kernel Multiple Vulnerabilities (ALAS-2013-233) 70568 ala_ALAS-2013-232.nasl http://nessus.org/plugins/index.php?view=single&id=70568 Amazon Linux AMI : xinetd Arbitrary Code Execution (ALAS-2013-232) 70567 ala_ALAS-2013-231.nasl http://nessus.org/plugins/index.php?view=single&id=70567 Amazon Linux AMI : rubygems Denial of Service (ALAS-2013-231) == OpenVAS plugins (46) == r18146 892600 2013/deb_2600.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2600.nasl?root=openvas&view=markup Debian Security Advisory DSA 2600-1 (cups - privilege escalation r18146 892610 2013/deb_2610.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2610.nasl?root=openvas&view=markup Debian Security Advisory DSA 2610-1 (ganglia - arbitrary script execution r18146 892601 2013/deb_2601.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2601.nasl?root=openvas&view=markup Debian Security Advisory DSA 2601-1 (gnupg, gnupg2 - missing input sanitation r18146 892611 2013/deb_2611.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2611.nasl?root=openvas&view=markup Debian Security Advisory DSA 2611-1 (movabletype-opensource - several vulnerabilities r18146 892602 2013/deb_2602.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2602.nasl?root=openvas&view=markup Debian Security Advisory DSA 2602-1 (zendframework - XML external entity inclusion r18146 892620 2013/deb_2620.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2620.nasl?root=openvas&view=markup Debian Security Advisory DSA 2620-1 (rails - several vulnerabilities r18146 892612 2013/deb_2612.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2612.nasl?root=openvas&view=markup Debian Security Advisory DSA 2612-2 (ircd-ratbox - programming error r18146 892603 2013/deb_2603.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2603.nasl?root=openvas&view=markup Debian Security Advisory DSA 2603-1 (emacs23 - programming error r18146 892621 2013/deb_2621.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2621.nasl?root=openvas&view=markup Debian Security Advisory DSA 2621-1 (openssl - several vulnerabilities r18146 892613 2013/deb_2613.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2613.nasl?root=openvas&view=markup Debian Security Advisory DSA 2613-1 (rails - insufficient input validation r18146 892604 2013/deb_2604.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2604.nasl?root=openvas&view=markup Debian Security Advisory DSA 2604-1 (rails - insufficient input validation r18146 892614 2013/deb_2614.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2614.nasl?root=openvas&view=markup Debian Security Advisory DSA 2614-1 (libupnp - several vulnerabilities r18146 892605 2013/deb_2605.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2605.nasl?root=openvas&view=markup Debian Security Advisory DSA 2605-2 (asterisk - several issues r18146 892606 2013/deb_2606.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2606.nasl?root=openvas&view=markup Debian Security Advisory DSA 2606-1 (proftpd-dfsg - symlink race r18146 892615 2013/deb_2615.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2615.nasl?root=openvas&view=markup Debian Security Advisory DSA 2615-1 (libupnp4 - several vulnerabilities r18146 892616 2013/deb_2616.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2616.nasl?root=openvas&view=markup Debian Security Advisory DSA 2616-1 (nagios3 - buffer overflow in CGI scripts r18146 892607 2013/deb_2607.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2607.nasl?root=openvas&view=markup Debian Security Advisory DSA 2607-1 (qemu-kvm - buffer overflow r18146 892617 2013/deb_2617.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2617.nasl?root=openvas&view=markup Debian Security Advisory DSA 2617-1 (samba - several issues r18146 892608 2013/deb_2608.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2608.nasl?root=openvas&view=markup Debian Security Advisory DSA 2608-1 (qemu - buffer overflow r18146 892618 2013/deb_2618.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2618.nasl?root=openvas&view=markup Debian Security Advisory DSA 2618-1 (ircd-hybrid - denial of service r18146 892609 2013/deb_2609.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2609.nasl?root=openvas&view=markup Debian Security Advisory DSA 2609-1 (rails - SQL query manipulation r18146 892619 2013/deb_2619.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2619.nasl?root=openvas&view=markup Debian Security Advisory DSA 2619-1 (xen-qemu-dm-4.0 - buffer overflow r18146 2013/gb_cisco_nx_os_CSCuf49554.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_cisco_nx_os_CSCuf49554.nasl?root=openvas&view=markup Cisco NX-OS Denial of Service Vulnerability r18146 892597 2013/deb_2597.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2597.nasl?root=openvas&view=markup Debian Security Advisory DSA 2597-1 (rails - input validation error r18146 892598 2013/deb_2598.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2598.nasl?root=openvas&view=markup Debian Security Advisory DSA 2598-1 (weechat - several vulnerabilities r18146 892599 2013/deb_2599.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/deb_2599.nasl?root=openvas&view=markup Debian Security Advisory DSA 2599-1 (nss - mis-issued intermediates r18146 2013/gb_siedle_door_controller_default_credentials.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_siedle_door_controller_default_credentials.nasl?root=openvas&view=markup Siedle Door Controller Default Password r18146 2013/gb_teles_multiple_voipbox_default_credentials.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_teles_multiple_voipbox_default_credentials.nasl?root=openvas&view=markup Teles VoIP Devices Default Password r18148 2013/gb_adobe_robohelp_code_exec_vuln_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_adobe_robohelp_code_exec_vuln_win.nasl?root=openvas&view=markup Adobe RoboHelp Arbitrary Code Execution Vulnerability (Windows) r18148 gb_adobe_robohelp_detect_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/gb_adobe_robohelp_detect_win.nasl?root=openvas&view=markup Adobe RoboHelp Version Detection (Windows) r18148 2013/gb_google_chrome_mult_vuln01_oct13_lin.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_google_chrome_mult_vuln01_oct13_lin.nasl?root=openvas&view=markup Google Chrome Multiple Vulnerabilities-01 Oct2013 (Linux) r18148 2013/gb_adobe_acrobat_remote_code_vuln_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_adobe_acrobat_remote_code_vuln_win.nasl?root=openvas&view=markup Adobe Acrobat Remote Code Execution Vulnerability(Win) r18148 2013/gb_wordpress_videowall_xss_vuln.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_wordpress_videowall_xss_vuln.nasl?root=openvas&view=markup WordPress Videowall Plugin Cross Site Scripting Vulnerability r18148 2013/secpod_ms_office_services_ms13-067.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/secpod_ms_office_services_ms13-067.nasl?root=openvas&view=markup Microsoft Office Services Remote Code Execution vulnerability (2834052) r18148 2013/gb_wordpress_dhtmlxspreadsheet_xss_vuln.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_wordpress_dhtmlxspreadsheet_xss_vuln.nasl?root=openvas&view=markup WordPress dhtmlxspreadsheet Plugin Cross Site Scripting Vulnerability r18148 2013/gb_google_chrome_mult_vuln01_oct13_macosx.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_google_chrome_mult_vuln01_oct13_macosx.nasl?root=openvas&view=markup Google Chrome Multiple Vulnerabilities-01 Oct2013 (Mac OS X) r18148 2013/gb_elitecms_xss_n_sql_inj_vuln.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_elitecms_xss_n_sql_inj_vuln.nasl?root=openvas&view=markup Elite Graphix ElitCMS Cross Site Scripting and SQL Injection Vulnerabilities r18148 2013/gb_vlc_media_player_mp4a_vuln_dos_macosx.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_vlc_media_player_mp4a_vuln_dos_macosx.nasl?root=openvas&view=markup VLC Media Player mp4a Denial of Service Vulnerability (MAC OS X) r18148 2013/secpod_sharepoint_foundation_ms13-067.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/secpod_sharepoint_foundation_ms13-067.nasl?root=openvas&view=markup Microsoft SharePoint Foundation Remote Code Execution vulnerability (2834052) r18148 2013/secpod_sharepoint_server_ms13-067.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/secpod_sharepoint_server_ms13-067.nasl?root=openvas&view=markup Microsoft SharePoint Server Remote Code Execution vulnerability (2834052) r18148 2013/gb_google_chrome_mult_vuln01_oct13_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_google_chrome_mult_vuln01_oct13_win.nasl?root=openvas&view=markup Google Chrome Multiple Vulnerabilities-01 Oct2013 (Windows) r18148 2013/gb_vlc_media_player_mp4a_vuln_dos_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_vlc_media_player_mp4a_vuln_dos_win.nasl?root=openvas&view=markup VLC Media Player mp4a Denial of Service Vulnerability (Windows) r18148 2013/gb_oracle_portaldemo_orgchart_sql_inj_vuln.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_oracle_portaldemo_orgchart_sql_inj_vuln.nasl?root=openvas&view=markup Oracle Portal Demo Organization Chart SQL Injection Vulnerability r18148 2013/secpod_ms_office_web_apps_ms13-067.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/secpod_ms_office_web_apps_ms13-067.nasl?root=openvas&view=markup Microsoft Office Web Apps Remote Code Execution vulnerability (2834052) r18148 2013/gb_icy_phoenix_mult_xss_vuln.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_icy_phoenix_mult_xss_vuln.nasl?root=openvas&view=markup Icy Phoenix Multiple Cross-Site Scripting Vulnerability r18148 2013/gb_adobe_reader_remote_code_vuln_win.nasl http://wald.intevation.org/scm/viewvc.php/trunk/openvas-plugins/scripts/2013/gb_adobe_reader_remote_code_vuln_win.nasl?root=openvas&view=markup Adobe Reader Remote Code Execution Vulnerability(Win) _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: MSF: 2, Nessus: 24, OpenVAS: 46 New VA Module Alert Service (Oct 25)