Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
7d415eb8e6cbd0f6fbc2301ea65c6a6d3580b81085faf0fe42d008638bac12fbSecunia Security Advisory - A security issue has been reported in Cisco IP Phone 7921, which potentially can be exploited by malicious people to disclose sensitive information.
2d79bba0d521313dc47fbfce8d15f711fff23d3661fee051a3d051cfb7c9d354Secunia Security Advisory - rgod has discovered a vulnerability in 4XEM VatDecoder, which can be exploited by malicious people to compromise a user's system.
1bf6d4df8d048be9490f8e579b040ba72a7f15ea7083ed2ac85c1b2a31196e8aCore Security Technologies Advisory - The VideoLAN (VLC) media player package is vulnerable to an arbitrary memory corruption vulnerability, which can be exploited by malicious remote attackers to compromise a user's system. VLC versions 0.8.6d and below and Miro Player versions 1.1 and below are vulnerable. Proof of concept code included.
4256730c62805a313b1a0048df1338eafe6f939bf47a7756297bc4fe01f54383Proof of concept exploits for Trend Micro OfficeScan Corporate Edition versions 8.0 Patch 2 and below and versions 7.3 Patch 3 and below which suffer from buffer overflow and dead process vulnerabilities. To use the exploits, nc SERVER 8080 -v -v here.
25ccd183031e24acbcceb49d266b298d239e4f3ecbbcdff85ad7b062b2624195Trend Micro OfficeScan Corporate Edition versions 8.0 Patch 2 and below and versions 7.3 Patch 3 and below suffer from buffer overflow and dead process vulnerabilities.
a73f7af20713a0e93b9a993fcc5769fb6ff9bc23abdec8c588dec07c29f0febeSecunia Security Advisory - Parvez Anwar has discovered some vulnerabilities in InterVideo WinDVD Media Center, which can be exploited by malicious people to cause a DoS (Denial of Service).
b17ddb22efd62da14cdc68bad7d081e300d094f9caa3ba338c7d18a81e5653dfSecunia Security Advisory - Hanno Boeck has discovered two vulnerabilities in Serendipity, which can be exploited by malicious users to conduct cross-site scripting and script insertion attacks.
d9c3d2329fd1ef4216301f3b415d4bba2b56599b8c9d14d99634cd3238334cdbDebian Security Advisory 1510-1 - Chris Evans discovered a buffer overflow in the color space handling code of the Ghostscript PostScript/PDF interpreter, which might result in the execution of arbitrary code if a user is tricked into processing a malformed file.
49a8bee76cf9b801f16a45b718dd39b7e0d7bda143afaa53ff8acd1b1e1c5035The Ekoparty 4th edition Information and Insecurity Conference Call For Papers has been announced. It will take place in Buenos Aires, Argentina from October 2nd through October 3rd, 2008.
0cc210f53523ec40c907db76a84d8a144c94571d599a531496ed20d8fc41712bThe AuthentiX administration page suffers from cross site scripting vulnerabilities.
7d8fa37d7cb076695440c797bd02094678a934bb0f76a79ec0d585fc7c81e343Symark PowerBroker Security Advisory - A vulnerability has been identified in Symark's PowerBroker suite that allows an attacker with local access to gain root access. Versions up to and including 5.0.1 are vulnerable.
7e0dfcf5434f53f7e134968251b4c19caab838f2992a8c96788c2a68bb04dc83EazyPortal versions 1.0 and below cookie-related remote SQL injection exploit.
6c1046f678e67358e818a20cf2f23d9ebebf4cf0185a4648c9571f3c08e52507Mambo Simpleboard Forum component version 1.0.3 Stable suffers from a remote SQL injection vulnerability.
cf0729f4486cf2ae79736a48ccaabe1315523c07a7dcb356e27b317b0fadeab4Pixy is an open source vulnerability scanner that audits PHP applications for SQL injection and cross site scripting vulnerabilities. It is written in Java and also performs automatic resolution of file inclusions.
1efbf5349ce56b1930fd159abf9a3d580eadd4627972551442bb1397a4c8ef46SandMan is a framework providing a C library and a python portage to make readable and writable the Windows hibernation file.
27bb058fc6ce055eeda72be42b81eaf5940c929399142572a4444c77d81195f3Secunia Security Advisory - Debian has issued an update for diatheke. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
84ac35ed3e2f4c8519de35087f6204ec554f55a6864199d5fe1d83258fe5dd0eSecunia Security Advisory - xcorpitx has reported a vulnerability in Porar Webboard, which can be exploited by malicious people to conduct SQL injection attacks.
af7a74ec35144d54fb6342f4b4388b0d6276db336c1f685f1625442366634dfdSecunia Security Advisory - Omar Singer has discovered a vulnerability in Plume CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
34fbcad7677a3c637827a2cd6d11af453755a2e14ad47b193e5c6827959bba03Secunia Security Advisory - Fedora has issued an update for kvm. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions.
c10bfa0bccbc4153ab28952340378f704e2dd40da1150ec6c17335a25dd2519dSecunia Security Advisory - Fedora has issued an update for wyrd. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
f309ee7bbe7cc17f34fecd90ec5bee7f6b0b8abe010031db1490d094f44c0c3aiDefense Security Advisory 02.26.08 - Remote exploitation of a heap based buffer overflow vulnerability in Mozilla Organization's Thunderbird could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists when parsing the external-body MIME type in an electronic mail. When calculating the number of bytes to allocate for a heap buffer, sufficient space is not reserved for all of the data being copied into the buffer. This results in up to 3 bytes of the buffer being overflowed, potentially allowing for the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Thunderbird version 2.0.0.9 on Linux and Windows. Previous versions may also be affected.
6bcbbedf8e21d3aec4e7200bc10753035e4d6a719690b0eb2fb4f2d04030ead2iDefense Security Advisory 02.26.08 - Remote exploitation of a stack based buffer overflow vulnerability in Symantec Scan Engine version 5.1.2 could allow an unauthenticated attacker to execute arbitrary code with the privileges of the scan engine process. Symantec Scan Engine listens on TCP port 1344 to accept files for scanning using the Internet Content Adaptation Protocol (ICAP). If the service is sent a specially malformed RAR file, a stack-based buffer overflow will occur. iDefense has confirmed this vulnerability in the Linux build of the Symantec Scan Engine version 5.1.2. This issue does not affect the Windows build of the product. Previous versions are suspected to be vulnerable.
6ac782bba3d896cd76c3ac9a217fb02fe152735e066ce969750e3900b11bdb99iDefense Security Advisory 02.26.08 - Remote exploitation of a Denial of Service vulnerability in Symantec Scan Engine version 5.1.2 could allow an unauthenticated attacker to create a denial of service (DoS) condition. Symantec Scan Engine listens on TCP port 1344 to accept files for scanning using the Internet Content Adaptation Protocol (ICAP). If the service is sent a malformed RAR file, the service will consume massive amounts of memory. This can result in a denial of service condition for the application and operating system. iDefense confirmed the existence of this vulnerability in Symantec Scan Engine 5.1.2. This issue affects both the Windows and Linux builds of the product. Previous versions are suspected to be vulnerable.
a8d0c9bb8554be518607891bdcf3d22cf2d57140317ed7203d41bd4eb3437307Gentoo Linux Security Advisory GLSA 200802-11 - Multiple vulnerabilities have been found in Asterisk. Versions less than 1.2.21.1-r1 are affected.
c22751b6c44f0be0e1381fc575a51b4406baa3deccf8b780a0d0fc7a7200b488
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed