Educause Security Discussion mailing list archives
Re: website for applications and versions?
From: Jack Suess <jack () UMBC EDU>
Date: Fri, 11 Feb 2005 04:58:02 -0500
Peter, This is very interesting idea but I don't know of any such mechanism. The closest thing I have seen is the Mitre Common Vulnerabilities and Exposures database, http://www.cve.mitre.org/ They provide a mechanism where you can download the entries in their database so if you did write something to do this using CVE as a basis would be a good choice. In addition to providing a centralized CVE database they have links to many companies building CVE compliant products. One of those products may do what you are looking for. jack suess CIO, UMBC On Feb 9, 2005, at 9:03 AM, Peter Charbonneau wrote:
Do any of you know if a website that lists various applications, the various versions, and whether or not that particular version is exploitable? I would like to be able to run AMAP against a machine - see which applications are bound to a port - and check this "uber" site to see if the machine is MOST LIKELY not exploitable (if there even IS such a thing in our business). PeteC Peter Charbonneau Sr. Network and Systems Administrator Williams College (413) 597-3408 (desk) (413) 822-2922 (cell) ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- website for applications and versions? Peter Charbonneau (Feb 09)
- <Possible follow-ups>
- Re: website for applications and versions? Jack Suess (Feb 11)
- Re: website for applications and versions? Gary Dobbins (Feb 11)
- Re: website for applications and versions? L Buchanan (Feb 13)
- Re: website for applications and versions? Wade Baker (Feb 13)