Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.
dffa36ef20f7434a230e466f79f58755fb2ea3a9c673b2bd21810a595f14d06aCisco Security Advisory 20040124 - The default installation of Cisco voice products on the IBM platform will install the Director Agent in an unsecure state, leaving the Director services vulnerable to remote administration control and/or Denial of Service attacks. The vulnerabilities can be mitigated by configuration changes and Cisco is providing a repair script that will close the vulnerable ports and put the Director agent in secure state without requiring an upgrade.
b014c3dae8a8c72af048e37ac74be6fdee1da91c923dba8d3a96583cfee56393Honeyd is vulnerable to remote detection via a simple probe packet. All versions up to 0.8 are susceptible.
cde958c21a34416d46b6613084575197d925bacde71a75b0abc1b5d2e44574f6WebcamXP versions 1.06.945 is susceptible to a cross site scripting attack.
6f7ddb9ae2a81dc995c905640c0b63ca8f6977f311391f05756247ab0490786cSecure Network Operations Advisory SRT2004-01-17-0425 - Ultr@VNC, the client/server software that allows you to remotely control a computer over any TCP/IP connection, has a faulty ShellExecute() statement that allows a local attacker to gain SYSTEM access.
f28f3ed6c815915416535420f36bf7ce30645cb63ebc9a1df339d53450bf5b4bSecurity Corporation Security Advisory [SCSA-026]: A vulnerability has been discovered in DUWARE Products, which allows malicious users to become administrators. It affects approximately 15 different products in all.
0c960411e961d7e65a618c303917edb4acbe482261e21a68ece0032a7e326fb9WebTrends Reporting Center is administrated via a web interface that has a flaw which would allow a remote attacker to disclose the physical path to the application.
ceeeb73740ef5d6595ffe3b3bcfebbaa1bd0e01644d2b67237781bafd0e4eec42Wire-Gateway is a router that has a webserver for maintenance. The CGI interface lacks input validation when returning an error with its return variable allowing for a directory traversal attack.
7d327c33155ca85a9c8ffbe857abf59b58c2dd8d41a1f071dd99da63cc51605aOwnServer, a web server used for watching security cameras remotely, is susceptible to a directory traversal bug that allows a remote attacker to gain access to files outside of the webroot.
b32b6045df134cd7484a3ae7c2e8bfa669777d8d1b0a5b081d9961a173b87d02When using the SNEWS protocol, Internet Explorer lacks its filtering engine and can trigger Outlook Express to be hit by a buffer overrun resulting in possible code execution.
b1c8758f7ae810befb59be9d3679bb31b88d48ffc8d5d5c14e2ef342f8769de7vBulletin Bulletin Board derivatives contain a security bug that may lead to disclosure of private information via cross site scripting attacks. This vulnerability may also enable an attacker to transmit sensitive information such as encrypted passwords, user identification numbers, or forum passwords to another server.
648da248485971d719402b2948f41a186eff85e43a7ac497adcf75b8977cbf58NETCam webserver running NETCam Viewers 1.0.0.28 and below have a directory traversal bug that allows remote attackers to gain access to files outside of the webroot.
3033ef31ebe260b918d9f1e9177da16b936b0caa1f3b1065986e5ccaa17a5f85
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed