Re: website for applications and versions?

[Jack Suess <jack () UMBC EDU>]

Peter,

This is very interesting idea but I don't know of any such mechanism.
The closest thing I have seen is the Mitre Common Vulnerabilities and
Exposures database, http://www.cve.mitre.org/

They provide a mechanism where you can download the entries in their
database so if you did write something to do this using CVE as a basis
would be a good choice. In addition to providing a centralized CVE
database they have links to many companies building CVE compliant
products. One of those products may do what you are looking for.

jack suess
CIO, UMBC


On Feb 9, 2005, at 9:03 AM, Peter Charbonneau wrote:

> Do any of you know if a website that lists various applications, the
> various versions, and whether or not that particular version is
> exploitable?
>
> I would like to be able to run AMAP against a machine - see which
> applications are bound to a port - and check this "uber" site to see if
> the machine is MOST LIKELY not exploitable (if there even IS such a
> thing in our business).
>
>
> PeteC
>
> Peter Charbonneau
> Sr. Network and Systems Administrator
> Williams College
> (413) 597-3408 (desk)
> (413) 822-2922 (cell)
>
> **********
> Participation and subscription information for this EDUCAUSE
> Discussion Group discussion list can be found at
> http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.