Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
fb3236321dffd5dff763c8bf52ae11219c01dc147de62df8ed76693d4af872c5
Secunia Security Advisory - A vulnerability has been reported in Simple Machines Forum, which can be exploited by malicious people to bypass certain security restrictions.
868ae0e3ff13ba7af2704e99f5b6c7d024512c5d6cde150e2d4200cfc239f306
Gentoo Linux Security Advisory GLSA 200809-08 - Amarok uses temporary files in an insecure manner, allowing for a symlink attack. Dwayne Litzenberger reported that the MagnatuneBrowser::listDownloadComplete() function in magnatunebrowser/magnatunebrowser.cpp uses the album_info.xml temporary file in an insecure manner. Versions less than 1.4.10 are affected.
a8677abbc4fd25501e2f4c6ef773ea98bc5581d088341c3ff7771de90a64c963
Gentoo Linux Security Advisory GLSA 200809-07 - Multiple buffer underflow vulnerabilities in libTIFF may allow for the remote execution of arbitrary code. Drew Yao (Apple Product Security) and Clay Wood reported multiple buffer underflows in the LZWDecode() and LZWDecodeCompat() functions in tif_lzw.c when processing TIFF files. Versions less than 3.8.2-r4 are affected.
ffd0b71441ad8fd296af027506216a799d040c877ec2b91fdd02c3146f4fa694
The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2007. This initiative is a collaborative industry wide effort to pool together sanitized website vulnerability data and to gain a better understanding about the web application vulnerability landscape. The overall statistics includes analysis results of 32,717 sites and 69,476 vulnerabilities of different degrees of severity.
a372c268440ecd927644d79af2dfa9a7fa4bc692839cf9d01c41ae9ef56051a8
Sagem Router F@ST 2404 remote denial of service exploit.
4967e22335a1eed25e67c49e248ef98bcff91d3dc13bb95e0d698f71ce9d0239
Secunia Security Advisory - Ams has reported a vulnerability in MemHT Portal, which can be exploited by malicious people to conduct SQL injection attacks.
b139be2a3c50a35551ff25324fb3f63233915a445466a009bcad859443e35361
Secunia Security Advisory - James Bercegay has reported two vulnerabilities in Zen Cart, which can be exploited by malicious people to conduct SQL injection attacks.
62c2564746d9ace2297b60cfdeed09d30d810852f01edfae3f1832a5a00501cd
Secunia Security Advisory - Edi Strosar has reported a security issue in X-Spam for SMTP Servers, which can be exploited by malicious, local users to gain escalated privileges.
fc439ca3c2465faeacbeea3245378279774b77c0e2a9e2db1f4f05cc3231b6bb
Secunia Security Advisory - A vulnerability has been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service).
2ef117429f480b59ac0b459f2a327756b17ad0e734ec0fc004874e4af4ffbcbc
Secunia Security Advisory - Some vulnerabilities have been reported in DB2, where some have an unknown impact and others can be exploited by malicious people to cause a DoS.
da504885a0c6b85188eb2784f090c94199fe75f6ea9f0abdd295cc0a2d02ff7a
Secunia Security Advisory - A vulnerability has been reported in NetBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).
cc892fc680fb2412dc444a2bb2bc49a61f0f02d7b4ae9694392612cf6266e905
Secunia Security Advisory - David Sopas has reported a vulnerability in phpAdultSite CMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
33e71aeded36cf00da1b58c31653dc52b4a558b33ec33ad9889f5fc06067f7b5
Secunia Security Advisory - Multiple vulnerabilities have been discovered in Silentum LoginSys, which can be exploited by malicious people to conduct cross-site scripting attacks.
7f65b30f6720ef183f5ceb07abf437f72355e6d6d0b60295310a8a3ca7dccbac
Secunia Security Advisory - Beenu Arora has discovered a vulnerability in phpAuction, which can be exploited by malicious people to disclose sensitive information.
7d8fda252e77c8833840b1abed0866e09a951e3453f81e972ffeef114b88875e
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
14e04e2d7007ebd9ace27b8a7e35f9b2c3d15ca8de852bd08ffdc9e101044e6d
Secunia Security Advisory - Gentoo has issued an update for VLC. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
a9260e00d8de73791c2e2c54c5e57ae3af47e125b8f2dbf8a028e25218ef90e5
E-PHP B2B Trading Marketplace Scripts suffers from a remote SQL injection vulnerability in listings.php.
3a0c8e5e9a6e7216844b6e33706b78feede0d27707ba06d305c615715e91a0ed
The D-Link DIR-100 suffers from a long url filter evasion vulnerability.
32012424d05f55871c7620c41ba3f2686d855405288fec574d38d174b7c7eebd
E-Shop Shopping Cart Script suffers from a remote SQL injection vulnerability in search_results.php.
c70858a8885f67eae30024cf969d17415b60ab4af21b96608c808e99b0152342
SeaMonkey version 1.1.11 remote denial of service proof of concept exploit that makes use of excessive marquee tags being used.
71b2ef271e437fe80e0a030ba87c6bc832affd099285ef77c5f2939dda40f097
WordPress version 2.6.1 suffers from a SQL column truncation vulnerability.
df11792fdba749a2a217a482e70289d0c16c7252ec7329961f5ee21c8826cabd
1nf0rm3r is a quick perl script that extracts database information from a website once leveraging a SQL injection vulnerability.
23db654aefd969cf38abbe0eb1ec9bb10aff74bceaba77a604a4dfa58320ab4b
Alstrasoft Forum suffers from a remote SQL injection vulnerability.
a8216cfb540c40575702ab5e9a662f29c079c44a823c08afa0ae6367b82760a9
Arpreply is a custom piece of code used to control remote arp caches and can be used for man in the middle attacks.
1cd37a847c50a3a66c4b073d1401ff313cc6aed6c6b90d1f3c12a91167516ec2