Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
0e960e0553eb76470c8517a0038092a3969db65cbe23c03fd6daef1acdcc9658PHPcounter versions 1.3.2 and below suffer from a local file inclusion vulnerability in defs.php.
78e826d44b9cb24a6d7638885e3b9ba1fdeae6968596a5537fe91333d5a5bb60mailwatch versions 1.0.4 and below suffer from a local file inclusion vulnerability in docs.php.
ad5d681434723a839be9e52c01812a83f0186928a7a42553a7c9f613a55c20b5emergecolab version 1.0 suffers from a local file inclusion vulnerability in index.php.
b7e0ef5a268795ebce26fc08f43fd830af864b8d7a3d2af38b7d47c2da444a24Secunia Security Advisory - dun has discovered a vulnerability in Basebuilder, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
d1a4fd08f2caaeaecccb77ef84f795be232344e595cd9024b98c6441fe84a651adnforum versions 1.0b and below suffer from a remote SQL injection vulnerability.
0fb1f64bc37df2d7a5a1b2d2d304f09b211ea1a1ba711e21fe9d7533f5f7e71eCisco Security Advisory - Cisco 10000, uBR10012 and uBR7200 series devices use a User Datagram Protocol (UDP) based Inter-Process Communication (IPC) channel that is externally reachable. An attacker could exploit this vulnerability to cause a denial of service (DoS) condition on affected devices. No other platforms are affected. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
ea463164a5d2c0b0aaae0fd30a1013803446e2acd3ae1356a22e758958ba84a0Cisco Security Advisory - A vulnerability exists in the Cisco IOS software implementation of Layer 2 Tunneling Protocol (L2TP), which affects limited Cisco IOS software releases. Several features enable the L2TP mgmt daemon process within Cisco IOS software, including but not limited to Layer 2 virtual private networks (L2VPN), Layer 2 Tunnel Protocol Version 3 (L2TPv3), Stack Group Bidding Protocol (SGBP) and Cisco Virtual Private Dial-Up Networks (VPDN). Once this process is enabled the device is vulnerable. This vulnerability will result in a reload of the device when processing a specially crafted L2TP packet. Cisco has released free software updates that address this vulnerability.
6ef0982b69c67aba8321a10f5b9dd4a8c31c33b2b61978e363e0d17d5b918ac7Cisco Security Advisory - Cisco uBR10012 series devices automatically enable Simple Network Management Protocol (SNMP) read/write access to the device if configured for linecard redundancy. This can be exploited by an attacker to gain complete control of the device. Only Cisco uBR10012 series devices that are configured for linecard redundancy are affected. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
05470ccd7689b1aa9f3c5d727f87013adb251f0825e2b00406a8624a62854db4Cisco Security Advisory - A series of segmented Skinny Call Control Protocol (SCCP) messages may cause a Cisco IOS device that is configured with the Network Address Translation (NAT) SCCP Fragmentation Support feature to reload. Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available.
2460cf8f6bc89158c3f1a106eaf69f49bc4ff8848979dc3988a5b5f1ef1d8a9eCisco Security Advisory - Cisco IOS Software Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) is vulnerable to a Denial of Service (DoS) attack from specially crafted packets. Only the MFI is affected by this vulnerability. Older Label Forwarding Information Base (LFIB) implementation, which is replaced by MFI, is not affected. Cisco has released free software updates that address this vulnerability.
69429868f12e823d09221113c53d9b59c1b96272bd7944368fdc2c6cccc2a77eCisco Security Advisory - The Cisco IOS Intrusion Prevention System (IPS) feature contains a vulnerability in the processing of certain IPS signatures that use the SERVICE.DNS engine. This vulnerability may cause a router to crash or hang, resulting in a denial of service condition. Cisco has released free software updates that address this vulnerability. There is a workaround for this vulnerability.
0ece8a6c60b19d21467b4d536f6557d319e855b2595780a950dd77ef3c97e75fCisco Security Advisory - Cisco IOS software configured for IOS firewall Application Inspection Control (AIC) with a HTTP configured application-specific policy are vulnerable to a Denial of Service when processing a specific malformed HTTP transit packet. Successful exploitation of the vulnerability may result in a reload of the affected device. Cisco has released free software updates that address this vulnerability.
e823e6d3a3561cdcc3f709070fc483dfce714b29396e7cb43d64e2e89c0f1a88Cisco Security Advisory - A Cisco IOS device may crash while processing an SSL packet. This can happen during the termination of an SSL-based session. The offending packet is not malformed and is normally received as part of the packet exchange. Cisco has released free software updates that address this vulnerability. Aside from disabling affected services, there are no available workarounds to mitigate an exploit of this vulnerability.
fdac98c94f658d37e4b6287425c73b229e5b4c38ca0406f9af1909742dd6b9e0Cisco Security Advisory - Cisco Unified Communications Manager, formerly Cisco Unified CallManager, contains two denial of service (DoS) vulnerabilities in the Session Initiation Protocol (SIP) service. An exploit of these vulnerabilities may cause an interruption in voice services. Cisco will release free software updates that address these vulnerabilities and this advisory will be updated as fixed software becomes available. There are no workarounds for these vulnerabilities.
4f1d373f55abecb7f4a2774f823e3fa0eec21b9ce8d277d39c3622da7715f891adnforum versions 1.0b and below suffer from an insecure cookie handling vulnerability.
be56a8be0f5dc3ddc43730017a67ce2a8dabd9de4bc0d226744cfdc00f3c53d8Google Chrome versions 0.2.149.30 and 0.2.149.29 carriage return NULL object memory exhaustion denial of service proof of concept exploit.
3e5ce87ae7c477aa26912e725ad588fc796a66929314dba366fc69aa2e9bdc68Secunia Security Advisory - Sarid Harper has reported a vulnerability in Checkpoint Connectra NGX, which can be exploited by malicious people to conduct cross-site scripting attacks.
d34fed73d949f5bd10dd330a972dff764aed6bd80c0a98bf232147038601261bSecunia Security Advisory - Two vulnerabilities have been reported in 6rbScript, which can be exploited by malicious people to disclose sensitive information or to conduct SQL injection attacks.
8306f9c94cd7586221a26d1ed8e4d1a558bebf6b439c3855061d75661afe11f5Secunia Security Advisory - A vulnerability has been reported in the freeCap CAPTCHA (sr_freecap) extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks.
de315871eda19ad0aec1629aef7540b27cbd406003f954dbdaa14b73e54ac57eJadu CMS for Government suffers from a remote SQL injection vulnerability in recruit_details.php.
048e5a0049c2dc97468850e1c0e345cdaff34e4e425673ed86dad045528bbf94Ubuntu Security Notice 645-2 - USN-645-1 fixed vulnerabilities in Firefox and xulrunner for Ubuntu 7.04, 7.10 and 8.04 LTS. This provides the corresponding update for Ubuntu 6.06 LTS. A very large amount of vulnerabilities have been addressed in the latest Firefox release from Ubuntu.
0d7de40a35ce5a90bf42974185bd6659e4298154faaeba8588069d28de22ce0dUbuntu Security Notice 645-1 - A very large amount of vulnerabilities have been addressed in the latest Firefox release from Ubuntu.
0144b39da9021456e5249e9390082743bab9f1475ea0c8b50d24b76e87610a2dwebcp version 0.5.7 suffers from a remote file disclosure vulnerability in sendfile.php.
bcd5df18d408f47d7f80631be5f4e7c66949b3800b695108da0cf68ffa544f34AJ Auction Pro Platinum Skin #2 suffers from a remote SQL injection vulnerability in detail.php.
e4c68de6381d789cd0bc27452d3693c482e9999adec277e12eb8e2d567fabf06
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed