diff --git a/CHANGELOG b/CHANGELOG index 29b3f8c09..98cdca2de 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -47,7 +47,7 @@ o Integrated all of your service/version detection fingerprints submitted from telnet, and ftp to jute, bgp, and slurm. Highlights: http://seclists.org/nmap-dev/2015/q2/171 [Daniel Miller] -o [NSE] Added 23 NSE scripts from 16 authors, bringing the total up to 493. +o [NSE] Added 24 NSE scripts from 17 authors, bringing the total up to 494. They are all listed at http://nmap.org/nsedoc/, and the summaries are below (authors are listed in brackets): @@ -87,6 +87,10 @@ o [NSE] Added 23 NSE scripts from 16 authors, bringing the total up to 493. + http-vuln-cve2015-1635 detects Microsoft Windows systems vulnerable to MS15-034. [Paulino Calderon] + + http-vuln-misfortune-cookie detects the "Misfortune Cookie" vulnerability + in Allegro RomPager 4.07, commonly used in SOHO routers for TR-069 access. + [Andrew Orr] + + http-wordpress-plugins was renamed http-wordpress-enum and extended to enumerate both plugins and themes of Wordpress installations and their versions. http-wordpress-enum is now http-wordpress-users. [Paulino Calderon] diff --git a/scripts/script.db b/scripts/script.db index 7eef11a22..82626df23 100644 --- a/scripts/script.db +++ b/scripts/script.db @@ -238,6 +238,7 @@ Entry { filename = "http-vuln-cve2014-2128.nse", categories = { "safe", "vuln", Entry { filename = "http-vuln-cve2014-2129.nse", categories = { "safe", "vuln", } } Entry { filename = "http-vuln-cve2015-1427.nse", categories = { "intrusive", "vuln", } } Entry { filename = "http-vuln-cve2015-1635.nse", categories = { "safe", "vuln", } } +Entry { filename = "http-vuln-misfortune-cookie.nse", categories = { "intrusive", "vuln", } } Entry { filename = "http-vuln-wnr1000-creds.nse", categories = { "exploit", "intrusive", "vuln", } } Entry { filename = "http-waf-detect.nse", categories = { "discovery", "intrusive", } } Entry { filename = "http-waf-fingerprint.nse", categories = { "discovery", "intrusive", } }