Nmap Development mailing list archives
New VA Modules: NSE: 3, MSF: 2, Nessus: 10, OpenVAS: 9
From: New VA Module Alert Service <postmaster () insecure org>
Date: Thu, 14 Aug 2014 10:00:45 +0000 (UTC)
This report describes any new scripts/modules/exploits added to Nmap, Metasploit, Nessus, and OpenVAS since yesterday. == Nmap Scripting Engine scripts (3) == r33514 ssh-brute http://nmap.org/nsedoc/scripts/ssh-brute.html https://svn.nmap.org/nmap/scripts/ssh-brute.nse Author: Devin Bjelland Performs brute-force password guessing against ssh servers. r33514 ssh-auth-methods http://nmap.org/nsedoc/scripts/ssh-auth-methods.html https://svn.nmap.org/nmap/scripts/ssh-auth-methods.nse Author: Devin Bjelland Returns authenication methods a ssh server supports. r33514 ssh-vuln-hostkey http://nmap.org/nsedoc/scripts/ssh-vuln-hostkey.html https://svn.nmap.org/nmap/scripts/ssh-vuln-hostkey.nse Author: Devin Bjelland Checks if ssh server has a predictable hostkey by checking it against a list of fingerprints generated by HD Moore. You have to download these hostkeys separately and specify their directory as the fingerprintdir variable. The keys are available at http://itsecurity.net/debian_ssh_scan_v4.tar.bz2. Additionally, you can specify a file ssh hostkey fingerprints, one per line, and the scripts will report if the hostkey matches one of the provided fingerprints. == Metasploit modules (2) == cef2c257 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/local/vbox_guest.rb VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation da4b572a https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/local/virtual_box_guest_additions.rb VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation == Nessus plugins (10) == 77186 drupal_7_31.nasl http://nessus.org/plugins/index.php?view=single&id=77186 Drupal 6.x < 6.33 / 7.x < 7.31 XML-RPC DoS 77185 macosx_google_chrome_36_0_1985_143.nasl http://nessus.org/plugins/index.php?view=single&id=77185 Google Chrome < 36.0.1985.143 Multiple Vulnerabilities (Mac OS X) 77184 google_chrome_36_0_1985_143.nasl http://nessus.org/plugins/index.php?view=single&id=77184 Google Chrome < 36.0.1985.143 Multiple Vulnerabilities 77183 mediawiki_1_23_2.nasl http://nessus.org/plugins/index.php?view=single&id=77183 MediaWiki < 1.19.18 / 1.22.9 / 1.23.2 Multiple Vulnerabilities 77182 stunnel_5_03.nasl http://nessus.org/plugins/index.php?view=single&id=77182 stunnel < 5.03 OpenSSL Multiple Vulnerabilities 77181 ubuntu_USN-2312-1.nasl http://nessus.org/plugins/index.php?view=single&id=77181 Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2312-1) 77180 suse_11_python-201408-140728.nasl http://nessus.org/plugins/index.php?view=single&id=77180 SuSE 11.3 Security Update : Python (SAT Patch Number 9581) 77179 suse_11_libpulse-browse0-140729.nasl http://nessus.org/plugins/index.php?view=single&id=77179 SuSE 11.3 Security Update : pulseaudio (SAT Patch Number 9568) 77178 redhat-RHSA-2014-1040.nasl http://nessus.org/plugins/index.php?view=single&id=77178 RHEL 5 / 6 : JBoss EAP (RHSA-2014:1040) 77177 openSUSE-2014-493.nasl http://nessus.org/plugins/index.php?view=single&id=77177 openSUSE Security Update : kernel (openSUSE-SU-2014:0985-1) == OpenVAS plugins (9) == r610 2014/gb_ms14-050.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-050.nasl?root=openvas-nvts&view=markup Microsoft SharePoint Server and Foundation Privilege Escalation Vulnerability r610 2014/gb_ms14-051.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-051.nasl?root=openvas-nvts&view=markup Microsoft Internet Explorer Multiple Vulnerabilities (2976627) r610 2014/gb_ms14-043.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-043.nasl?root=openvas-nvts&view=markup Microsoft Windows Media Center Remote Code Execution Vulnerability (2978742) r610 2014/gb_ms14-044.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-044.nasl?root=openvas-nvts&view=markup Microsoft SQL Server Elevation of Privilege Vulnerability (2984340) r610 2014/gb_ms14-045.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-045.nasl?root=openvas-nvts&view=markup MS Windows Kernel-Mode Drivers Privilege Escalation Vulnerabilities (2984615) r610 2014/gb_ms14-046.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-046.nasl?root=openvas-nvts&view=markup Microsoft .NET Framework Security Bypass Vulnerability (2984625) r610 2014/gb_ms14-047.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-047.nasl?root=openvas-nvts&view=markup Microsoft Windows RPC Security Feature Bypass Vulnerability (2978668) r610 2014/gb_ms14-048.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-048.nasl?root=openvas-nvts&view=markup Microsoft OneNote Remote Code Execution Vulnerability (2977201) r610 2014/gb_ms14-049.nasl https://wald.intevation.org/scm/viewvco.php/scripts/2014/gb_ms14-049.nasl?root=openvas-nvts&view=markup Microsoft Windows Installer Service Privilege Escalation Vulnerarbility (2962490) _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: NSE: 3, MSF: 2, Nessus: 10, OpenVAS: 9 New VA Module Alert Service (Aug 14)