Re: website for applications and versions?

[L Buchanan <laurin () COMPLIANCE-PARTNERS NET>]

Greetings,

No one seems yet to have mentioned one of my favorite tools: the
Vulnerability Database at SecurityFocus.com
(http://www.securityfocus.com/bid).  You can search by
vendor/title/version, title or keyword, in addition to searching by the
bugtraq or CVE ID number.   It also clearly indicates under which OS the
software vulnerability exits.  If you need additional details about a
specific vulnerability, there are "discussion", "exploit" and "solution"
tabs that provide much more information.

Regards,

Laurin Buchanan, CISSP
Compliance Partners, LLC
132 East 45th Street - Suite 6H
New York, NY 10017
Office 631.447.2001


Peter Charbonneau wrote:
> Do any of you know if a website that lists various applications, the
> various versions, and whether or not that particular version is
> exploitable?
>
> I would like to be able to run AMAP against a machine - see which
> applications are bound to a port - and check this "uber" site to see if
> the machine is MOST LIKELY not exploitable (if there even IS such a
> thing in our business).
>
>
> PeteC
>
> Peter Charbonneau
> Sr. Network and Systems Administrator
> Williams College
> (413) 597-3408 (desk)
> (413) 822-2922 (cell)
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion
> Group discussion list can be found at http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.