Nmap Development mailing list archives
New VA Modules: MSF: 6, OpenVAS: 49
From: New VA Module Alert Service <postmaster () insecure org>
Date: Sun, 12 Jan 2014 10:03:12 +0000 (UTC)
This report describes any new scripts/modules/exploits added to Nmap, Metasploit, Nessus, and OpenVAS since yesterday. == Metasploit modules (6) == 821aa47d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/firefox/shell_bind_tcp.rb Command Shell, Bind TCP (via Firefox XPCOM script) 821aa47d https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/firefox/shell_reverse_tcp.rb Command Shell, Reverse TCP (via Firefox XPCOM script) a5ebdce2 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/firefox/exec.rb Firefox XPCOM execute command b9c46cde https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/firefox/gather/xss.rb Firefox XSS a0879b39 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/payloads/singles/linux/mipsbe/shell_bind_tcp.rb Linux Command Shell, Bind TCP Inline 130a99f5 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/post/multi/gather/check_malware.rb Multi Gather Malware Verifier == OpenVAS plugins (49) == r186 gb_typo3_detect.nasl https://wald.intevation.org/scm/viewvco.php/scripts/gb_typo3_detect.nasl?root=openvas-nvts&view=markup TYPO3 Detection r186 2014/gb_typo3_extbase_hmac_unserialization_weakness.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_extbase_hmac_unserialization_weakness.nasl?root=openvas-nvts&view=markup TYPO3 Extbase HMAC Unserialization Weakness r186 2014/gb_typo3_mult_vuln_aug_12.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_aug_12.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Vulnerabilities Aug12 r186 2014/gb_typo3_flowplayer_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_flowplayer_xss_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Flowplayer Cross Site Scripting Vulnerability r186 2014/gb_typo3_mult_vuln_mar_12.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_mar_12.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Vulnerabilities Mar12 r186 2014/gb_typo3_debugscript_info_disclosure_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_debugscript_info_disclosure_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Debug Script Information Disclosure Vulnerability r186 2014/gb_typo3_backend_username_disclosure_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_backend_username_disclosure_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Backend Username Disclosure Vulnerability r186 2014/gb_typo3_file_backend_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_file_backend_xss_vuln.nasl?root=openvas-nvts&view=markup TYPO3 File Backend Cross Site Scripting Vulnerability r186 2014/gb_typo3_backend_editor_info_disclosure.vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_backend_editor_info_disclosure.vuln.nasl?root=openvas-nvts&view=markup TYPO3 Backend Editor Information Disclosure Vulnerability r186 2014/gb_typo3_indexed_search_sql_inj_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_indexed_search_sql_inj_vuln.nasl?root=openvas-nvts&view=markup TYPO3 indexed_search SQL Injection Vulnerability r186 2014/gb_typo3_dafault_admin_cred_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_dafault_admin_cred_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Default Admin Credentials r186 2014/gb_typo3_mult_vuln_oct_10.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_oct_10.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Vulnerabilities Oct10 r186 2014/gb_typo3_frontend_open_redirection_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_frontend_open_redirection_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Frontend Open Redirection Vulnerability r186 2014/gb_typo3_exception_handler_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_exception_handler_xss_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Exception Handler Cross Site Scripting Vulnerability r186 2014/gb_typo3_jumpurl_file_disclosure_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_jumpurl_file_disclosure_vuln.nasl?root=openvas-nvts&view=markup TYPO3 jumpUrl File Disclosure Vulnerability r186 2014/gb_typo3_exdirect_access_cntrl_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_exdirect_access_cntrl_vuln.nasl?root=openvas-nvts&view=markup TYPO3 ExtDirect Missing Access Control Vulnerability r186 2014/gb_typo3_feuser_adminlib_auth_bypass_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_feuser_adminlib_auth_bypass_vuln.nasl?root=openvas-nvts&view=markup TYPO3 feuser_adminLib Authorization Bypass Vulnerability r186 2014/gb_typo3_mult_direct_req_path_disclosure_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_direct_req_path_disclosure_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Direct Request Path Disclosure Vulnerability r186 2014/gb_typo3_mult_vuln_jul_10.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_jul_10.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Vulnerabilities Jul13 r186 2014/gb_typo3_backend_open_redirection_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_backend_open_redirection_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Backend Open Redirection Vulnerability r186 2014/gb_typo3_mult_vuln_dec_13.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_dec_13.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Vulnerabilities Dec13 r186 2014/gb_typo3_fal_mult_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_fal_mult_vuln.nasl?root=openvas-nvts&view=markup TYPO3 File Abstraction Layer Multiple Vulnerabilities r186 2014/gb_typo3_mult_indexed_search_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_indexed_search_xss_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Indexed Search Cross Site Scripting Vulnerability r186 2014/gb_typo3_mult_vuln_nov_12.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_nov_12.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Vulnerabilities Nov12 r186 2014/gb_typo3_unspecified_sql_inj_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_unspecified_sql_inj_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Unspecified SQL Injection Vulnerability r186 2014/gb_typo3_chash_parsing_dos_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_chash_parsing_dos_vuln.nasl?root=openvas-nvts&view=markup TYPO3 CHash Parsing Denial of Service Vulnerability r186 2014/gb_typo3_felogin_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_felogin_xss_vuln.nasl?root=openvas-nvts&view=markup TYPO3 felogin Cross Site Scripting Vulnerability r186 2014/gb_typo3_file_upload_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_file_upload_xss_vuln.nasl?root=openvas-nvts&view=markup TYPO3 File Upload Cross Site Scripting Vulnerabilities r186 2014/gb_typo3_openid_auth_bypass_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_openid_auth_bypass_vuln.nasl?root=openvas-nvts&view=markup TYPO3 OpenID Authentication Bypass Vulnerability r186 2014/gb_typo3_mult_vuln_jan_09.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_jan_09.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Vulnerabilities Jan09 r186 2014/gb_typo3_backend_unspecified_csrf_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_backend_unspecified_csrf_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Backend Unspecified CSRF Vulnerability r186 2014/gb_typo3_mult_vuln_mar_13.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_mar_13.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Vulnerabilities Mar13 r186 2014/gb_typo3_autoloader_cmd_exec_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_autoloader_cmd_exec_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Autoloader Command Execution Vulnerability r186 2014/gb_typo3_ext_manager_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_ext_manager_xss_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Extension Manager Cross Site Scripting Vulnerability r186 2014/gb_typo3_mail_header_inj_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mail_header_inj_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Mail Header Injection Vulnerability r186 2014/gb_typo3_mult_vuln_dec_10.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_dec_10.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Vulnerabilities Dec10 r186 2014/gb_typo3_mult_vuln_feb_10.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_feb_10.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Vulnerabilities Feb10 r186 2014/gb_typo3_felogin_sys_ext_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_felogin_sys_ext_xss_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Felogin System Extension Cross Site Scripting Vulnerability r186 2014/gb_typo3_mult_vuln_oct_09.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mult_vuln_oct_09.nasl?root=openvas-nvts&view=markup TYPO3 Multiple Vulnerabilities Oct09 r186 2014/gb_typo3_swfupload_moviename_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_swfupload_moviename_xss_vuln.nasl?root=openvas-nvts&view=markup TYPO3 SWFUpload movieName Cross Site Scripting Vulnerability r186 2014/gb_typo3_mailforms_arbitrary_mail_relay.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_mailforms_arbitrary_mail_relay.nasl?root=openvas-nvts&view=markup TYPO3 mailforms Unspecified Arbitrary Mail Relay Vulnerability r186 2014/gb_typo3_bck_user_admin_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_bck_user_admin_xss_vuln.nasl?root=openvas-nvts&view=markup TYPO3 Backend User Administration Cross Site Scripting Vulnerability r186 2014/gb_typo3_useruid_cmd_exe_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_useruid_cmd_exe_vuln.nasl?root=openvas-nvts&view=markup TYPO3 userUid Command Execution Vulnerability r186 2014/gb_typo3_file_abstraction_code_exec_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_typo3_file_abstraction_code_exec_vuln.nasl?root=openvas-nvts&view=markup TYPO3 File Abstraction Code Execution Vulnerability r187 803791 2014/gb_blogengine_net_info_disc_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_blogengine_net_info_disc_vuln.nasl?root=openvas-nvts&view=markup BlogEngine.NET 'sioc.axd' Information Disclosure Vulnerability r187 2014/gb_joomla_lang_parm_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_joomla_lang_parm_xss_vuln.nasl?root=openvas-nvts&view=markup Joomla! 'lang' Parameter Reflected Cross Site Scripting Vulnerability r187 2014/gb_wordpress_dewplayer_dir_trav_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_wordpress_dewplayer_dir_trav_vuln.nasl?root=openvas-nvts&view=markup WordPress Advanced Dewplayer 'dew_file' Directory Traversal Vulnerability r187 2014/gb_wordpress_wp_members_mult_xss_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_wordpress_wp_members_mult_xss_vuln.nasl?root=openvas-nvts&view=markup WordPress WP-Members Multiple Cross Site Scripting Vulnerabilities r187 2014/gb_phpmyrecipes_mult_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_phpmyrecipes_mult_vuln.nasl?root=openvas-nvts&view=markup phpMyRecipes Multiple Vulnerabilities _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: MSF: 6, OpenVAS: 49 New VA Module Alert Service (Jan 12)