Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
fb3236321dffd5dff763c8bf52ae11219c01dc147de62df8ed76693d4af872c5Secunia Security Advisory - A vulnerability has been reported in Simple Machines Forum, which can be exploited by malicious people to bypass certain security restrictions.
868ae0e3ff13ba7af2704e99f5b6c7d024512c5d6cde150e2d4200cfc239f306Gentoo Linux Security Advisory GLSA 200809-08 - Amarok uses temporary files in an insecure manner, allowing for a symlink attack. Dwayne Litzenberger reported that the MagnatuneBrowser::listDownloadComplete() function in magnatunebrowser/magnatunebrowser.cpp uses the album_info.xml temporary file in an insecure manner. Versions less than 1.4.10 are affected.
a8677abbc4fd25501e2f4c6ef773ea98bc5581d088341c3ff7771de90a64c963Gentoo Linux Security Advisory GLSA 200809-07 - Multiple buffer underflow vulnerabilities in libTIFF may allow for the remote execution of arbitrary code. Drew Yao (Apple Product Security) and Clay Wood reported multiple buffer underflows in the LZWDecode() and LZWDecodeCompat() functions in tif_lzw.c when processing TIFF files. Versions less than 3.8.2-r4 are affected.
ffd0b71441ad8fd296af027506216a799d040c877ec2b91fdd02c3146f4fa694The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2007. This initiative is a collaborative industry wide effort to pool together sanitized website vulnerability data and to gain a better understanding about the web application vulnerability landscape. The overall statistics includes analysis results of 32,717 sites and 69,476 vulnerabilities of different degrees of severity.
a372c268440ecd927644d79af2dfa9a7fa4bc692839cf9d01c41ae9ef56051a8Sagem Router F@ST 2404 remote denial of service exploit.
4967e22335a1eed25e67c49e248ef98bcff91d3dc13bb95e0d698f71ce9d0239Secunia Security Advisory - Ams has reported a vulnerability in MemHT Portal, which can be exploited by malicious people to conduct SQL injection attacks.
b139be2a3c50a35551ff25324fb3f63233915a445466a009bcad859443e35361Secunia Security Advisory - James Bercegay has reported two vulnerabilities in Zen Cart, which can be exploited by malicious people to conduct SQL injection attacks.
62c2564746d9ace2297b60cfdeed09d30d810852f01edfae3f1832a5a00501cdSecunia Security Advisory - Edi Strosar has reported a security issue in X-Spam for SMTP Servers, which can be exploited by malicious, local users to gain escalated privileges.
fc439ca3c2465faeacbeea3245378279774b77c0e2a9e2db1f4f05cc3231b6bbSecunia Security Advisory - A vulnerability has been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service).
2ef117429f480b59ac0b459f2a327756b17ad0e734ec0fc004874e4af4ffbcbcSecunia Security Advisory - Some vulnerabilities have been reported in DB2, where some have an unknown impact and others can be exploited by malicious people to cause a DoS.
da504885a0c6b85188eb2784f090c94199fe75f6ea9f0abdd295cc0a2d02ff7aSecunia Security Advisory - A vulnerability has been reported in NetBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).
cc892fc680fb2412dc444a2bb2bc49a61f0f02d7b4ae9694392612cf6266e905Secunia Security Advisory - David Sopas has reported a vulnerability in phpAdultSite CMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
33e71aeded36cf00da1b58c31653dc52b4a558b33ec33ad9889f5fc06067f7b5Secunia Security Advisory - Multiple vulnerabilities have been discovered in Silentum LoginSys, which can be exploited by malicious people to conduct cross-site scripting attacks.
7f65b30f6720ef183f5ceb07abf437f72355e6d6d0b60295310a8a3ca7dccbacSecunia Security Advisory - Beenu Arora has discovered a vulnerability in phpAuction, which can be exploited by malicious people to disclose sensitive information.
7d8fda252e77c8833840b1abed0866e09a951e3453f81e972ffeef114b88875ettyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
14e04e2d7007ebd9ace27b8a7e35f9b2c3d15ca8de852bd08ffdc9e101044e6dSecunia Security Advisory - Gentoo has issued an update for VLC. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
a9260e00d8de73791c2e2c54c5e57ae3af47e125b8f2dbf8a028e25218ef90e5E-PHP B2B Trading Marketplace Scripts suffers from a remote SQL injection vulnerability in listings.php.
3a0c8e5e9a6e7216844b6e33706b78feede0d27707ba06d305c615715e91a0edThe D-Link DIR-100 suffers from a long url filter evasion vulnerability.
32012424d05f55871c7620c41ba3f2686d855405288fec574d38d174b7c7eebdE-Shop Shopping Cart Script suffers from a remote SQL injection vulnerability in search_results.php.
c70858a8885f67eae30024cf969d17415b60ab4af21b96608c808e99b0152342SeaMonkey version 1.1.11 remote denial of service proof of concept exploit that makes use of excessive marquee tags being used.
71b2ef271e437fe80e0a030ba87c6bc832affd099285ef77c5f2939dda40f097WordPress version 2.6.1 suffers from a SQL column truncation vulnerability.
df11792fdba749a2a217a482e70289d0c16c7252ec7329961f5ee21c8826cabd1nf0rm3r is a quick perl script that extracts database information from a website once leveraging a SQL injection vulnerability.
23db654aefd969cf38abbe0eb1ec9bb10aff74bceaba77a604a4dfa58320ab4bAlstrasoft Forum suffers from a remote SQL injection vulnerability.
a8216cfb540c40575702ab5e9a662f29c079c44a823c08afa0ae6367b82760a9Arpreply is a custom piece of code used to control remote arp caches and can be used for man in the middle attacks.
1cd37a847c50a3a66c4b073d1401ff313cc6aed6c6b90d1f3c12a91167516ec2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed