Nmap Development mailing list archives
New VA Modules: MSF: 5, Nessus: 54, OpenVAS: 1
From: New VA Module Alert Service <postmaster () insecure org>
Date: Fri, 26 Sep 2014 10:00:21 +0000 (UTC)
This report describes any new scripts/modules/exploits added to Nmap, Metasploit, Nessus, and OpenVAS since yesterday. == Metasploit modules (5) == e2ef9271 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/advantech_webaccess_dvs_getcolor.rb Advantech WebAccess dvs.ocx GetColor Buffer Overflow ca63fe93 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/bash_env.rb Bash Specially-Crafted Environment Variables Code Injection Attack (PoC) b2555408 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/admin/http/apache_mod_cgi_bash_env.rb Bash Specially-Crafted Environment Variables Code Injection Attack via Apache mod_cgi 99da9507 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/osx/local/vmware_bash_function_root.rb Mac OS X VMWare Fusion Root Privilege Escalation Exploit a600a065 https://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/auxiliary/scanner/http/apache_mod_cgi_bash_env.rb Apache mod_cgi Bash Environment Variable Code Injection == Nessus plugins (54) == 77876 fedora_2014-11503.nasl http://nessus.org/plugins/index.php?view=single&id=77876 Fedora 19 : bash-4.2.47-2.fc19 (2014-11503) 77875 fedora_2014-11441.nasl http://nessus.org/plugins/index.php?view=single&id=77875 Fedora 20 : wireshark-1.10.10-1.fc20 (2014-11441) 77874 fedora_2014-11360.nasl http://nessus.org/plugins/index.php?view=single&id=77874 Fedora 20 : bash-4.2.47-4.fc20 (2014-11360) 77873 fedora_2014-10989.nasl http://nessus.org/plugins/index.php?view=single&id=77873 Fedora 19 : phpMyAdmin-4.2.8.1-2.fc19 (2014-10989) 77872 fedora_2014-10981.nasl http://nessus.org/plugins/index.php?view=single&id=77872 Fedora 20 : phpMyAdmin-4.2.8.1-2.fc20 (2014-10981) 77871 fedora_2014-10802.nasl http://nessus.org/plugins/index.php?view=single&id=77871 Fedora 20 : moodle-2.5.8-1.fc20 (2014-10802) 77870 fedora_2014-10746.nasl http://nessus.org/plugins/index.php?view=single&id=77870 Fedora 19 : not-yet-commons-ssl-0.3.15-2.fc19 (2014-10746) 77869 fedora_2014-10729.nasl http://nessus.org/plugins/index.php?view=single&id=77869 Fedora 20 : not-yet-commons-ssl-0.3.15-2.fc20 (2014-10729) 77868 fedora_2014-10649.nasl http://nessus.org/plugins/index.php?view=single&id=77868 Fedora 19 : xerces-j2-2.11.0-15.fc19 (2014-10649) 77867 fedora_2014-10626.nasl http://nessus.org/plugins/index.php?view=single&id=77867 Fedora 20 : xerces-j2-2.11.0-17.fc20 (2014-10626) 77866 fedora_2014-10359.nasl http://nessus.org/plugins/index.php?view=single&id=77866 Fedora 19 : procmail-3.22-36.fc19 (2014-10359) 77865 sl_20140924_bash_on_SL5_x.nasl http://nessus.org/plugins/index.php?view=single&id=77865 Scientific Linux Security Update : bash on SL5.x, SL6.x i386/x86_64 77864 emc_documentum_content_server_ESA-2014-091.nasl http://nessus.org/plugins/index.php?view=single&id=77864 EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities (ESA-2014-091) 77863 macosx_xcode_6_0_1.nasl http://nessus.org/plugins/index.php?view=single&id=77863 Apple Xcode < 6.0.1 (Mac OS X) 77862 macosx_google_chrome_37_0_2062_124.nasl http://nessus.org/plugins/index.php?view=single&id=77862 Google Chrome < 37.0.2062.124 Multiple Vulnerabilities (Mac OS X) 77861 google_chrome_37_0_2062_124.nasl http://nessus.org/plugins/index.php?view=single&id=77861 Google Chrome < 37.0.2062.124 Multiple Vulnerabilities 77860 joomla_334.nasl http://nessus.org/plugins/index.php?view=single&id=77860 Joomla! 2.5.x < 2.5.25 / 3.x < 3.2.5 / 3.3.x < 3.3.4 Multiple Vulnerabilities 77859 asterisk_ast_2014_010.nasl http://nessus.org/plugins/index.php?view=single&id=77859 Asterisk ReceiveFax Dialplan Application Remote DoS (AST-2014-010) 77858 asterisk_ast_2014_009.nasl http://nessus.org/plugins/index.php?view=single&id=77858 Asterisk PJSIP Channel Driver DoS (AST-2014-009) 77857 bash_remote_code_execution_telnet.nasl http://nessus.org/plugins/index.php?view=single&id=77857 GNU Bash Local Environment Variable Handling Command Injection via Telnet (Shellshock) (CVE-2014-7169) 77856 silver_peak_vx_6_2_4.nasl http://nessus.org/plugins/index.php?view=single&id=77856 Silver Peak VX < 6.2.4 XSS 77855 silver_peak_vx_default_creds.nasl http://nessus.org/plugins/index.php?view=single&id=77855 Silver Peak VX Default Credentials 77854 ubuntu_USN-2362-1.nasl http://nessus.org/plugins/index.php?view=single&id=77854 Ubuntu 10.04 LTS / 12.04 LTS / 14.04 : bash vulnerability (USN-2362-1) 77853 ubuntu_USN-2361-1.nasl http://nessus.org/plugins/index.php?view=single&id=77853 Ubuntu 10.04 LTS / 12.04 LTS / 14.04 : nss vulnerability (USN-2361-1) 77852 ubuntu_USN-2360-2.nasl http://nessus.org/plugins/index.php?view=single&id=77852 Ubuntu 12.04 LTS / 14.04 : thunderbird vulnerabilities (USN-2360-2) 77851 ubuntu_USN-2360-1.nasl http://nessus.org/plugins/index.php?view=single&id=77851 Ubuntu 12.04 LTS / 14.04 : firefox vulnerabilities (USN-2360-1) 77850 suse_11_bash-140919.nasl http://nessus.org/plugins/index.php?view=single&id=77850 SuSE 11.3 Security Update : bash (SAT Patch Number 9740) 77849 oraclelinux_ELSA-2014-1294.nasl http://nessus.org/plugins/index.php?view=single&id=77849 Oracle Linux 4 : bash (ELSA-2014-1294) 77848 oraclelinux_ELSA-2014-1293.nasl http://nessus.org/plugins/index.php?view=single&id=77848 Oracle Linux 5 / 6 / 7 : bash (ELSA-2014-1293) 77847 oraclelinux_ELSA-2014-1292.nasl http://nessus.org/plugins/index.php?view=single&id=77847 Oracle Linux 7 : haproxy (ELSA-2014-1292) 77846 openSUSE-2014-559.nasl http://nessus.org/plugins/index.php?view=single&id=77846 openSUSE Security Update : bash (openSUSE-2014-559) 77845 openSUSE-2014-558.nasl http://nessus.org/plugins/index.php?view=single&id=77845 openSUSE Security Update : dbus-1 (openSUSE-2014-558) 77844 openSUSE-2014-552.nasl http://nessus.org/plugins/index.php?view=single&id=77844 openSUSE Security Update : geary (openSUSE-2014-552) 77843 mandriva_MDVSA-2014-186.nasl http://nessus.org/plugins/index.php?view=single&id=77843 Mandriva Linux Security Advisory : bash (MDVSA-2014:186) 77842 mandriva_MDVSA-2014-185.nasl http://nessus.org/plugins/index.php?view=single&id=77842 Mandriva Linux Security Advisory : libgadu (MDVSA-2014:185) 77841 mandriva_MDVSA-2014-184.nasl http://nessus.org/plugins/index.php?view=single&id=77841 Mandriva Linux Security Advisory : net-snmp (MDVSA-2014:184) 77840 mandriva_MDVSA-2014-183.nasl http://nessus.org/plugins/index.php?view=single&id=77840 Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2014:183) 77839 mandriva_MDVSA-2014-182.nasl http://nessus.org/plugins/index.php?view=single&id=77839 Mandriva Linux Security Advisory : zarafa (MDVSA-2014:182) 77838 mandriva_MDVSA-2014-181.nasl http://nessus.org/plugins/index.php?view=single&id=77838 Mandriva Linux Security Advisory : dump (MDVSA-2014:181) 77837 freebsd_pkg_fb25333d442f11e498f35453ed2e2b49.nasl http://nessus.org/plugins/index.php?view=single&id=77837 FreeBSD : krfb -- Multiple security issues in bundled libvncserver (fb25333d-442f-11e4-98f3-5453ed2e2b49) 77836 freebsd_pkg_71ad81da441411e4a33e3c970e169bc2.nasl http://nessus.org/plugins/index.php?view=single&id=77836 FreeBSD : bash -- remote code execution vulnerability (71ad81da-4414-11e4-a33e-3c970e169bc2) 77835 centos_RHSA-2014-1293.nasl http://nessus.org/plugins/index.php?view=single&id=77835 CentOS 5 / 6 / 7 : bash (CESA-2014:1293) 77834 centos_RHSA-2014-1292.nasl http://nessus.org/plugins/index.php?view=single&id=77834 CentOS 7 : haproxy (CESA-2014:1292) 77833 Slackware_SSA_2014-267-02.nasl http://nessus.org/plugins/index.php?view=single&id=77833 Slackware 14.0 / 14.1 / current : mozilla-nss (SSA:2014-267-02) 77832 Slackware_SSA_2014-267-01.nasl http://nessus.org/plugins/index.php?view=single&id=77832 Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : bash (SSA:2014-267-01) 77829 bash_cve_2014_6271_rce.nasl http://nessus.org/plugins/index.php?view=single&id=77829 GNU Bash Environment Variable Handling Code Injection (Shellshock) 77828 redhat-RHSA-2014-1293.nasl http://nessus.org/plugins/index.php?view=single&id=77828 RHEL 5 / 6 / 7 : bash (RHSA-2014:1293) 77827 redhat-RHSA-2014-1286.nasl http://nessus.org/plugins/index.php?view=single&id=77827 RHEL 5 : JBoss EAP (RHSA-2014:1286) 77826 redhat-RHSA-2014-1285.nasl http://nessus.org/plugins/index.php?view=single&id=77826 RHEL 6 : JBoss EAP (RHSA-2014:1285) 77825 debian_DSA-3032.nasl http://nessus.org/plugins/index.php?view=single&id=77825 Debian DSA-3032-1 : bash - security update 77824 debian_DSA-3031.nasl http://nessus.org/plugins/index.php?view=single&id=77824 Debian DSA-3031-1 : apt - security update 77823 bash_remote_code_execution.nasl http://nessus.org/plugins/index.php?view=single&id=77823 Bash Remote Code Execution (Shellshock) silver_peak_nx_detect.nbin silver_peak_vx_detect.nbin == OpenVAS plugins (1) == r705 gb_bash_shellshock_remote_cmd_exec_vuln.nasl https://wald.intevation.org/scm/viewvco.php/scripts/gb_bash_shellshock_remote_cmd_exec_vuln.nasl?root=openvas-nvts&view=markup GNU Bash Environment Variable Handling Shell Remote Command Execution Vulnerability _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- New VA Modules: MSF: 5, Nessus: 54, OpenVAS: 1 New VA Module Alert Service (Sep 26)