Network Vulnerability Assessment Report
Sorted by host names

Session name: x-micro XWL-11bRRGStart Time:09.10.2003 19:09:46
Finish Time:09.10.2003 19:14:14
Elapsed:0 day(s) 00:04:27
Total records generated:32
high severity:1
low severity:29

Scan configuration

Plugins used in this scan

10951cachefsd overflow
11484apcupsd overflows
11315webchat code injection
10318wu-ftpd buffer overflow
10949BEA WebLogic Scripts Server scripts Source Disclosure (2)
10542UltraSeek 3.1.x Remote DoS
10723LDAP allows anonymous binds
10746Compaq WBEM Server Detection
10411klogind overflow
10600ICECast Format String
11536Super Guestbook config disclosure
10230sched service
11748Various dangerous cgi scripts
10713CodeRed version X detection
10009AIX FTPd buffer overflow
10335tcp connect() scan
11596SLMail WebMail overflows
10699IIS FrontPage DoS II
10568bftpd format string vulnerability
11717Lotus Domino SMTP bounce DoS
11721CgiMail.exe vulnerability
11446DCP-Portal Cross Site Scripting Bugs
10507Sun's Java Web Server remote command execution
10748Mediahouse Statistics Web Server Detect
11191WM_TIMER Message Handler Privilege Elevation (Q328310)
10320Too long URL
11719admin.cgi overflow
10465CVSWeb 1.80 gives a shell to cvs committers
11601MailMaxWeb Path Disclosure
10719MySQL Server version
10144Microsoft SQL TCP/IP listener is running
10877GroupWise Web Interface 'HELP' hole
11346Sendmail 8.7.*/8.8.* local overflow
10129INN version check
11370fpcount.exe overflow
10740SiteScope Web Managegment Server Detect
10357RDS / MDAC Vulnerability (msadcs.dll) located
11707Bugbear.B web backdoor
11033Misc information on News server
10422MDBMS overflow
11359UploadLite cgi
11301Unchecked buffer in MDAC Function
10528Nortel Networks passwordless router (manager level)
11662iiprotect sql injection
11373SunFTP Buffer Overflow
11751Dune Web Server Overflow
10605BIND vulnerable to overflows
11365Auction Deluxe XSS
11049Worldspan gateway DOS
10196qpopper buffer overflow
11266Unpassworded jill account
11728ddicgi.exe vulnerability
11052BenHur Firewall active FTP firewall leak
11343OpenSSH Client Unauthorized Remote Forwarding
11498Alexandria-dev upload spoofing
11586FileMakerPro Detection
11766pmachine cross site scripting
10848Oracle 9iAS Dynamic Monitoring Services
10380rsh on finger output
11631Drag And Zip Overflow
10690GoodTech ftpd DoS
11344Domino traversal
10689Netscape Enterprise '../' buffer overflow
10021Identd enabled
11331wu-ftpd PASV format string
10431SMB Registry : missing winreg
10416Sambar /sysadmin directory 2
10029BIND vulnerable
11224Oracle 9iAS SOAP configuration file retrieval
11566.rhosts in FTP root
10020+ + + ATH0 modem hangup
10959ServletExec 4.1 ISAPI File Reading
10764Shopping Cart Arbitrary Command Execution (Hassan)
10954OpenSSH AFS/Kerberos ticket/token passing
11130BrowseGate HTTP headers overflows
11624SHOUTcast Server logfiles XSS
10617Checkpoint SecureRemote detection
11623miniPortail Cookie Admin Access
11305Proxy accepts gopher:// requests
11037WEB-INF folder accessible
10956Codebrws.asp Source Disclosure Vulnerability
11167Webserver4everyone too long URL
10189proftpd mkdir buffer overflow
11736gnocatan multiple buffer overflows
10152NetBus 2.x
11014Cisco Aironet Telnet DoS
10350Shaft Detect
10691Netscape Enterprise INDEX request problem
11778Web Server hosting copyrighted material
10260HELO overflow
10393spin_client.cgi buffer overrun
1159212Planet Chat Server Path Disclosure
11564Coppermine Gallery SQL injection
10996JRun Sample Files
10796scan for LaBrea tarpitted hosts
11685mod_gzip running
10207Roxen counter module
10671IIS Remote Command Execution
10281Detect Server type and version via Telnet
11506Quicktime player buffer overflow
10124Imail's imonitor buffer overflow
10069Finger zero at host feature
11724WebLogic source code disclosure
10851Oracle 9iAS Java Process Manager
11173Savant cgitest.exe buffer overflow
10461Check for RealServer DoS
10652cfingerd format string attack
10089FTP ServU CWD overflow
11654ShareMailPro Username Identification
10153Netscape Server ?PageServices bug
10727Buffer overflow in Solaris in.lpd
10434NT ResetBrowser frame & HostAnnouncement flood patc detection
11388l2tpd < 0.68 overflow
11453Kebi Academy Directory Traversal
11247Unpassworded sync account
10412SMB Registry : Autologon
11249Unpassworded jack account
11438Apache Tomcat Directory Listing and File disclosure
11330MS SQL7.0 Service Pack may leave passwords on system
11417MyAbraCadaWeb Cross Site Scripting
11016xtux server detection
10415Sambar sendmail /session/sendmail
11314Buffer overflow in Microsoft Telnet
10623Savant original form CGI access
10516multihtml cgi
11630php-proxima file reading
11700ImageFolio Default Password
10687Too long POST command
10758Check for VNC HTTP
11284typo3 arbitrary file reading
11447Nuked-klan Cross Site Scripting Bugs
11497E-Theni code injection
11387L2TP detection
10490hpux ftpd PASS vulnerability
10231selection service
11254Unpassworded friday account
11532Instaboard SQL injection
10123Imail's imap buffer overflow
11476DCP-Portal Code Injection
10567SMB Registry : permissions of the RAS key
10228rusersd service
10113icmp netmask request
11093EFTP installation directory disclosure
11767SQL injection in phpBB
11340SSH Secure-RPC Weak Encrypted Authentication
11781iXmail arbitrary file upload
11223Oracle 9iAS access to SOAP documentation
11067Microsoft's SQL Hello Overflow
10254SLMail denial of service
10221nsed service
10462Amanda client version
10743Tripwire for Webpages Detection
10323XTramail control denial
11009Lotus Domino Banner Information Disclosure Vulnerability
11526Vignette StoryServer Information Disclosure
10798Unprotected PC Anywhere Service
11308MS SMTP Authorization bypass
11150Tomcat servlet engine MD/DOS device names denial of service
10268SSH Insertion Attack
10995Sun JavaServer Default Admin Password
11604BEA WebLogic Scripts Server scripts Source Disclosure (3)
10901Users in the 'Account Operator' group
11378MySQL mysqld Privilege Escalation Vulnerability
10937IIS FrontPage ISAPI Denial of Service
10880AdMentor Login Flaw
11007ActiveState Perl directory traversal
10679directory pro web traversal
11081Oracle9iAS too long URL
11398Samba Fragment Reassembly Overflow
10773MacOS X Finder reveals contents of Apache Web files
10929FTP Windows 98 MS/DOS device names DOS
10932IIS .HTR ISAPI filter applied
10162Notes MTA denial
11164SOCKS4 username overflow
10609empower cgi path
11178Unchecked Buffer in PPTP Implementation Could Enable DOS Attacks (Q329834)
11147Unchecked Buffer in Windows Help(Q323255)
10363ASP source using %2e trick
11135Bugbear worm
10243ypupdated service
10471Guild FTPd tells if a given file exists
11201Nortel/Bay Networks/Xylogics Annex default password
11642Helix RealServer Buffer Overrun
10065EZShopper 3.0
10909Brute force login (Hydra)
11309Winreg registry key writeable by non-admins
10543Lotus Domino SMTP overflow
10046Cisco DoS
10876Delta UPS Daemon Detection
10070Finger backdoor
11190overflow.cgi detection
11174HTTP negative Content-Length DoS
10344Detect the presence of Napster
10731HealthD detection
11175Too long line
10659snmpXdmid overflow
10706McAfee myCIO Directory Traversal
11328Kietu code injection
11364Sendmail Forward File Privilege Escalation Vulnerability
11034SMTP antivirus filter
11774Windows Media Player Library Access
11035AnalogX SimpleServer:WWW DoS
10492IIS IDA/IDQ Path Disclosure
11182DB4Web directory traversal
11568StockMan Shopping Cart Path disclosure
10063Eserv traversal
10419Lotus MAIL FROM overflow
11242Unpassworded demos account
10218llockmgr service
10312WindowsNT DNS flood denial
11485Flaw in RPC Endpoint Mapper (MS03-010)
11513Solaris lpd remote command execution
10647ntpd overflow
11614Novell FTP DoS
10303WebSite pro reveals the physical file path of web directories
11723PDGSoft Shopping cart vulnerability
10209X25 service
11047Jigsaw webserver MS/DOS device DoS
11429Windows Messenger is installed
10931Quake3 Arena 1.29 f/g DOS
11652Mantis Detection
11622mod_ssl wildcard DNS cross site scripting vulnerability
10769Checks for
10261Sendmail mailing to programs
11562The ScriptLogic service is running
11391BSD ftpd setproctitle() format string
11640CesarFTP stores passwords in cleartext
10042Chameleon SMTPd overflow
10574PHPix directory traversal vulnerability
11563Oracle LINK overflow
11771WebAdmin detection
10843ASP.NET path disclosure
11559Network Chemistry Wireless Sensor Detection
10403DBMan CGI server information leakage
10270Stacheldraht Detect
10109SCO i2odialogd buffer overrun
11211GameSpy detection Command Execution
10893Obtains the lists of users aliases
10234sprayd service
10808DoSable Oracle WebCache server
11181WebSphere Host header overflow
11333webwho plus
10304WebSpeed remote configuration
10942Check for a Citrix server
10637Sedum DoS
10458The messenger service is running
10558Exchange Malformed MIME header
11713Desktop Orbiter Remote Reboot
10454sawmill password
10694GuildFTPd Directory Traversal
11657Synchrologic User account information disclosure
11603MacOS X Directory Service DoS
10343MySQLs accepts any password
10613Oracle XSQL Sample Application Vulnerability
11087Sendmail queue manipulation & destruction
10402CVSWeb detection
10286thttpd flaw
11711FTP Voyager Overflow
10508PFTP login check
11578Opera remote heap corruption vulnerability
11152BIND vulnerable to cached RR overflow
10894Obtains the lists of users groups
10753AOLserver Default Password
11149HTTP login page
11036SMTP antivirus scanner DoS
11710FlashFXP Overflow
10738Oracle Web Administration Server Detection
11745Hosting Controller vulnerable ASP pages
11257Default password (manager) for system
11355Buffer overflow in AIX lpd
10102HotSync Manager Denial of Service attack
10715BEA WebLogic Scripts Server scripts Source Disclosure
11739pmachine code injection
10423qpopper euidl problem
10184Various pop3 overflows
11137Apache < 1.3.27
11507Apache < 2.0.45
11337mountd overflow
11611counter.php file overwrite
11747TrendMicro Emanager software check
10776Power Up Information Disclosure
11250Unpassworded backdoor account
11619Eserv Memory Leaks
10132Kuang2 the Virus
10832Kcms Profile Server
10206Rover pop3 overflow
11560WebServer 4D GET Buffer Overflow
10815Web Server Cross Site Scripting
10425NAI Management Agent overflow
11299MySQL double free()
11217Microsoft's SQL Version Query
11441Mambo Site Server 4.0.10 XSS
11060OpenSSL overflow (generic test)
10482NetBIOS Name Server Protocol Spoofing patch
11045Passwordless Zaurus FTP server
11218Tomcat /status information disclosure
10515Too long authorization
11694P-Synch multiple issues
10293vftpd buffer overflow
11491Sambar default CGI info disclosure
10381Piranha's RH6.2 default password
11206War FTP Daemon Directory Traversal
10801IMP Session Hijacking Bug
10854Oracle 9iAS mod_plsql directory traversal
10836Agora CGI Cross Site Scripting
11517Leafnode Resource Exhaustion
10519Telnet Client NTLM Authentication Vulnerability
11402iPlanet Application Server Detection
11304Unchecked buffer in SQLXML
10505Directory listing through WebDAV
10840Oracle 9iAS mod_plsql Buffer Overflow
11192multiple MySQL flaws
11558Macromedia ColdFusion MX Path Disclosure Vulnerability
10957JServ Cross Site Scripting
11577MDaemon IMAP CREATE overflow
11746AspUpload vulnerability
11672Bandmin XSS
10965SSH 3 AllowedAuthentication
10135LinuxConf grants network access
11599Ocean12 Database Download
11663iiprotect bypass
10685IIS ISAPI Overflow
11667b2 cafelog code injection
10944MUP overlong request kernel overflow Patch (Q311967)
10366AnalogX denial of service
11714Non-Existant Page Physical Path Disclosure Vulnerability
10905Users in the 'Print Operator' group
10636Orange DoS
10134Linux 2.1.89 - 2.2.3 : 0 length fragment bug
10211amd service
11606WebLogic Server hostname disclosure
10194Proxy accepts POST requests
11487Advanced Poll info.php
10594Oracle XSQL Stylesheet Vulnerability
11742Magic WinMail Format string
10361SalesLogix Eviewer WebApp crash
10362ASP source using ::$DATA trick
11023lpd, dvips and remote command execution
11122Libwhisker options
11496RealPlayer PNG deflate heap corruption
10925Oracle Jserv Executes outside of doc_root
11265Default password (satori) for rewt
11091Windows Network Manager Privilege Elevation (Q326886)
10116IIS buffer overflow
11425ICQ is installed
10579bftpd chown overflow
10368Dansie Shopping Cart backdoor
10923Squid overflows
11486WebLogic management servlet
10097GroupWise buffer overflow
11347Sendmail Local Starvation and Overflow
10589iPlanet Directory Server traversal
10500Shiva Integrator Default Password
11696IRCXPro Clear Text Passwords
11071ASP source using %20 trick
10236statmon service
10510EFTP carriage return DoS shows the listing of any dir
11508Xoops XSS
11428Trillian is installed
10339TFTP get file
10340rpm_query CGI
10258Sendmail's from piped program
11489myguestbk admin access
10418Standard & Poors detection
11058rusersd output
11552mod_ntlm overflow / format string bug
10225rje mapper service
11521Abyss httpd crash
10830zml.cgi Directory Traversal
11111rpcinfo -p
10457The alerter service is running
10347ICQ Denial of Service attack
11264Default password (wh00t!) for root
11692WebStores 2000 browse_item_details.asp SQL injection
10839PHP.EXE / Apache Win32 Arbitrary File Reading Vulnerability
10444JRun's viewsource.jsp
10969Obtain Cisco type via SNMP
10428SMB fully accessible registry
10708SSH 3.0.0
10288Trin00 Detect
10698WebLogic Server /%00/ bug
10849Oracle 9iAS DAD Admin interface
10481Unpassworded MySQL
10452wu-ftpd SITE EXEC vulnerability
10672Unknown CGIs arguments torture
10593phorum's common.cgi
11240Unpassworded guest account
11286Flaw in WinXP Help center could enable file deletion
10033CA Unicenter's Transport Service is running
11159MS RPC Services null pointer reference DoS
10305WFTP login check
10948qpopper options buffer overflow
10240walld service
10563Incomplete TCP/IP packet vulnerability
11020NetCommerce SQL injection
10757Check for Webmin
11542Web Wiz Forums database disclosure
11383CSCdz60229, CSCdy87221, CSCdu75477
11319GTcatalog code injection
11730ndcgi.exe vulnerability
11569StockMan Shopping Cart Command Execution
10693NTLMSSP Privilege Escalation
11101PHPAdsNew code injection
10653Solaris FTPd tells if a user exists
11610testcgi.exe Cross Site Scripting
11768proftpd mod_sql injection
11041Apache Tomcat /servlet Cross Site Scripting
11185vxworks ftpd buffer overflow
10586news desk
10607SSH1 CRC-32 compensation attack
10235statd service
11779FTP server hosting copyrighted material
10077Microsoft Frontpage exploits
10310Wingate denial of service
10710Checkpoint SecuRemote information leakage
11553Bugzilla XSS and insecure temporary filenames
11493Sambar Default Accounts
11626Owl Login bypass
10255SLMail:27 denial of service
11200Platinum FTP Server
11153Identifies unknown services with 'HELP'
10850Oracle 9iAS Globals.jsa access
11246Unpassworded lp account
11139wpoison (nasl version)
10356Microsoft's Index server reveals ASP source code
10187Cognos Powerplay WE Vulnerability
10442NAI PGP Cert Server DoS
10435Imate HELO overflow
11511Kerberos IV cryptographic weaknesses
10373TalentSoft Web+ version detection
11258Default password (glftpd) for glftpd
10821FTPD glob Heap Corruption
10554RealServer Memory Content Disclosure
10674Microsoft's SQL UDP Info Query
10804rwhois format string attack (2)
10883OpenSSH Channel Code Off by 1
10663DHCP server info gathering
11488IMP SQL injection
10537IIS directory traversal
10159News Server type and version
10468Netscape Administration Server admin password
11602HappyMall Command Execution
10673Microsoft's SQL Blank Password
10114icmp timestamp request
10351The ACC router shows configuration without authentication
11483apcnisd detection
11251Unpassworded tutor account
10051A CVS pserver is running
11555AN HTTPd file truncation
111874553 Parasite Mothership Detect
10217keyserv service
11664nsiislog.dll DoS
10722LDAP allows null bases
10499Local Security Policy Corruption
10426SMB Registry : permissions of Schedule
10933EFTP tells if a given file exists
10517pam_smb / pam_ntdom overflow
10707McAfee myCIO detection
10253Cobalt siteUserMod cgi
10950rpc.walld format string
10191ProFTPd pre6 buffer overflow
11075dwhttpd format string
11361Mambo Site Server Cookie Validation
11086Sendmail custom configuration file
11422Unconfigured web server
11184vxworks ftpd buffer overflow Denial of Service
10355vqServer web traversal vulnerability
10289Microsoft Media Server 4.1 - DoS
10101Home Free search.cgi directory traversal
10473MiniVend Piped command
11274WihPhoto file reading
10879Shell Command Execution Vulnerability
10677Apache /server-status accessible
10319wu-ftpd SITE NEWER vulnerability
10629Lotus Domino administration databases
11500Beanwebb's guestbook
11341SSH1 SSH Daemon Logging Failure
10793Cobalt Web Administration Server Detection
11660TextPortal Default Passwords
11590MPC SoftWeb Guestbook database disclosure
10091FTPGate traversal
11088Sendmail debug mode leak
10083FTP CWD ~root
11021irix rpc.passwd overflow
10910Obtains local user information
11105ARCserve hidden share
10233snmp service
10991IIS Global.asa Retrieval
11210Apache < 2.0.44 file reading on Win32
10017Annex DoS
11595Windows Media Player Skin Download Overflow
10408Insecure Napster clone
10545Cisco Catalyst Web Execution
10660Oracle tnslsnr security
10795Lotus Notes ?OpenServer Information Disclosure
11510BIND 4.x resolver overflow
10378LCDproc buffer overflow
10173perl interpreter can be launched as a CGI
10397SMB LanMan Pipe Server browse listing
11102Awol code injection
10352Netscape Server ?wp bug
10603Winsock Mutex vulnerability
10781Outlook Web anonymous access
10140MediaHouse Statistic Server Buffer Overflow
11472viewpage.php arbitrary file reading
11680Webfroot Shoutbox Directory Traversal
10939MSDTC denial of service by flooding with nul bytes
11126SOCKS4A hostname overflow
11582TrueGalerie admin access
10635Marconi ASX DoS
11741lednews XSS
11607Apache < 2.0.46 on OS/2
11399ClearTrust XSS
10728Determine if Bind 9 is running
11243Unpassworded 4Dgifts account
11613CP syslog overflow
10709TESO in.telnetd buffer overflow
11494l2tpd DoS
10401SMB Registry : NT4 Service Pack version
10873GroupWise Web Interface 'HTMLVER' hole
11318BIND 9 overflow
11241Unpassworded EZsetup account
10633Savant DoS
11177Flaw in Microsoft VM Could Allow Code Execution (810030)
10259Sendmail mailing to files
11002DNS Server Detection
10032CA Unicenter's File Transfer Service is running
10903Users in the 'System Operator' group
10865Checks for MS HOTFIX for snmp buffer overruns
11109Achievo code injection
11000MPEi/X Default Accounts
11701hpux ftpd RETR vulnerability
10831PHP Rocket Add-in File Traversal
11155LiteServe URL Decoding DoS
10037CERN httpd problem
10898Users information : Never changed password
10389Cart32 ChangeAdminPassword
11018MS Site Server Information Leak
10539Useable remote name server
10480Apache::ASP source.asp
10104HP LaserJet direct print
10665tektronix's _ncl_items.shtml
11298axis2400 webcams
11085Personal Web Sharing overflow
11405dmisd service
10535php log
10292uw-imap buffer overflow
11432Yahoo!Messenger is installed
11772Generic SMTP overflows
11519mod_jk chunked encoding DoS
11144Flaw in Certificate Enrollment Control (Q323172)
11170Alcatel OmniSwitch 7700/7800 switches backdoor
10257SmartServer pop3 overflow
11029Windows RAS overflow (Q318138)
10414WinLogon.exe DoS
11463Bugzilla Multiple Flaws
11213http TRACE XSS attack
11460SMB Registry : Classic Logon Screen
10760Alcatel ADSL modem with firewalling off
10324XTramail MTA 'HELO' denial
11726CSNews.cgi vulnerability
10695IIS .IDA ISAPI filter applied
11215Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)
11262Default password (D13hh[) for root
10311Wingate POP3 USER overflow
11411Backup CGIs download
10345Passwordless Cayman DSL router
11220Netscape /.perf accessible
10701php safemode
10126in.fingerd pipe
11495tanned format string vulnerability
10777Zope ZClass permission mapping bug
10881SSH protocol versions supported
10241ypbind service
10608OpenSSH 2.3.1 authentication bypass vulnerability
10059Domino HTTP Denial
11248Unpassworded date account
10858SNMP bad length field DoS (2)
10990FTP Service Allows Any Username
10002IIS possible DoS using ExAir's advsearch
10058Domino HTTP server exposes the set up of the filesystem
10175Detect presence of PGPNet server and its version
10640Kerberos PingPong attack
11490D-Link DSL Broadband Modem
10734IrDA access violation patch
10581Cold Fusion Administration Page Overflow
11140UDDI detection
10396SMB shares access
11594CSCdea77143, CSCdz15393, CSCdt84906
11648BlackMoon FTP user disclosure
11313MCMS : Buffer overflow in Profile Service
11227Oracle 9iAS SOAP Default Configuration Vulnerability
10045Cisco 675 passwordless router
10390mstream agent Detect
10927BlackIce DoS (ping flood)
11634Proxy Web Server Cross Site Scripting
10478Tomcat's snoop servlet gives too much information
11653Mantis Multiple Flaws
10786Samba Remote Arbitrary File Creation
11353NFS fsirand
11403iPlanet Application Server Buffer Overflow
10569Zope Image updating Method
10846SilverStream directory listing
11499Sendmail buffer overflow due to type conversion
10483Unpassworded PostgreSQL
11524Coppermine Gallery Remote Command Execution
11327Nortel Baystack switch password test
11525WWW fingerprinting
11477DCP-Portal Path Disclosure
11647BLnews code injection
10212automountd service
10413SMB Registry : is the remote host a PDC/BDC
10012Alibaba 2.0 buffer overflow
10086Ftp PASV on connect crashes the FTP server
11658SunONE Application Server source disclosure
10618Pi3Web tstisap.dll overflow
11617Horde and IMP test disclosure
11322MS SQL Installation may leave passwords on system
10163Novell Border Manager
10308cgibin() in the KB
10716OmniPro HTTPd 2.08 scripts source full disclosure
11384Public CVS pserver
11208Netscape Enterprise Default Administrative Password
10890HTTP NIDS evasion
10062Eicon Diehl LAN ISDN modem DoS
10367TalentSoft Web+ Input Validation Bug Vulnerability
10964Windows Debugger flaw can Lead to Elevated Privileges (Q320206)
10642SMB Registry : SQL7 Patches
11633lovgate virus is installed
10436INN version check (2)
11523Samba trans2open buffer overflow
10580netscape imap buffer overflow after logon
10307Trin00 for Windows Detect
10634proftpd exhaustion attack
11682Philboard database access
10214database service
10717SHOUTcast Server DoS detector vulnerability
10799IBM-HTTP-Server View Code
11119SMB Registry : XP Service Pack version
10855Oracle XSQLServlet XSQLConfig.xml File
11528Flaw in Microsoft VM (816093)
11461Adcycle Password Disclosure
11032Directory Scanner
11349Sendmail Group Permissions Vulnerability
10661IIS 5 .printer ISAPI filter applied
11470WebChat XSS
11765scan for UPNP/Tcp hosts
11059Trend Micro OfficeScan Denial of service
11531PHPay Information Disclosure
11329The remote host is infected by a virus
11255Default password (root) for root
10087FTP real path
10080Linux FTP backdoor
10871DB2 DOS
11350Sendmail ETRN command DOS
11302Cumulative patch for Windows Media Player
11169SSH setsid() vulnerability
11100eXtremail format strings
10803Redhat Stronghold File System Disclosure
11678Super-M Son hServer Directory Traversal
10239tooltalk service
10149NetBeans Java IDE
11545Xeneo Web Server DoS
11236PHP-Nuke is installed on the remote host
10683iPlanet Certificate Management Traversal
10820F5 Device Default Support Password
10285thttpd 2.04 buffer overflow
10714Default password router Zyxel
10375Ken! DoS
10750phpMyExplorer dir traversal
10534FreeBSD 4.1.1 Finger
10342Check for VNC
11456PostgreSQL multiple flaws
11397vpopmail.php command execution
10171Oracle Web Server denial of Service
11385CVS pserver double free() bug
10809Sendmail -bt option
11128redhat Interchange
11761phpMyAdmin multiple flaws
10370IIS dangerous sample files
11675Philboard philboard_admin.ASP Authentication Bypass
11281cpanel remote command execution
11608Neoteris IVE XSS
11520HP Instant TopTools DoS
10936IIS XSS via 404 error
10497Microsoft Frontpage DoS
10549BIND vulnerable to ZXFR bug
10742Amanda Index Server version
10878Sun Cobalt Adaptive Firewall Detection
10526IIS : Directory listing through WebDAV
11770myServer DoS
10222nsemntd service
11755CesarFTP multiple overflows
10729Sendmail 8.11 local overflow
11194Unchecked Buffer in XP Shell Could Enable System Compromise (329390)
11376qpopper Qvsnprintf buffer overflow
10921RemotelyAnywhere SSH detection
10644anacondaclip CGI vulnerability
10136MDaemon crash
10479Roxen Server /%00/ bug
10518/doc/packages directory browsable ?
10273Detect SWAT server port
10309Passwordless Wingate installed
10570Unify eWave ServletExec 3.0C file upload
10897Users information : disabled accounts
10751Kazaa / Morpheus Client Detection
11729ion-p.exe vulnerability
10650VirusWall's catinfo overflow
11054fakeidentd overflow
11148Unchecked Buffer in Decompression Functions(Q329048)
11024p-smash DoS (ICMP 9 flood)
10826Unprotected Netware Management Portal
10669A1Stats Traversal
11698SQL injection in XPression Software
11030Apache chunked encoding
10514Directory listing through Sambar's search.dll
11160Windows Administrator NULL FTP password
11268OS fingerprint
11639Web-ERP Configuration File Remote Access
11154Unknown services banners
10737Oracle Applications One-Hour Install Detect
11390rsync array overflow
11609mod_survey ENV tags SQL injection
11394Lotus Domino XSS
10322Xitami Web Server buffer overflow
11010WebSphere Cross Site Scripting
11145Certificate Validation Flaw Could Enable Identity Spoofing (Q328145)
10926IE VBScript Handling patch (Q318089)
10562Master Index directory traversal vulnerability
10167NTMail3 spam feature
10246Sambar Web Server CGI scripts
11234Zope installation path disclose
10238tfsd service
10493SWC Overflow
10181PlusMail vulnerability
10835Unchecked Buffer in XP upnp
10857SNMP bad length field DoS
10943Cumulative Patch for Internet Information Services (Q327696)
10767Tests for Nimda Worm infected HTML files
10730Raptor FW version 6.5 detection
10736DCE Services Enumeration
10911Local users information : automatically disabled accounts
10960ServletExec 4.1 ISAPI Physical Path Disclosure
11743Post-Nuke Multiple XSS
10963Compaq Web Based Management Agent Proxy Vulnerability
11326Cumulative VM update
11282Nuked-Klan function execution
11474NetGear ProSafe VPN Login DoS
11708zentrack files reading
11377smb2www installed
11013Cisco VoIP phones DoS
11570MDaemon DELE DoS
11209Apache < 2.0.44 DOS device name
10006PC Anywhere
10041Cobalt RaQ2 cgiwrap
10988Netware NDS Object Enumeration
10648ftp 'glob' overflow
10377RealServer denial of Service
11688WF-Chat User Account Disclosure
11683Cumulative Patch for Internet Information Services (Q11114)
11753SquirrelMail's Multiple Flaws
10430SMB Registry : permissions of keys that can lead to admin
11357NFS cd ..
11534Microsoft ISA Server Winsock Proxy DoS (MS03-012)
11731VsSetCookie.exe vulnerability
11207War FTP Daemon USER/PASS Overflow
10251rpc.nisd overflow
10103HP LaserJet display hack
10018Knox Arkeia buffer overflow
11516AutomatedShops WebC.cgi buffer overflows
10096rsh with null username
10588Sendmail mime overflow
10023Bypass Axis Storpoint CD authentication
10498Test HTTP dangerous methods
10631IIS propfind DoS
10823OpenSSH UseLogin Environment Variables
10816Webalizer Cross Site Scripting Vulnerability
10213cmsd service
11754List of printers is available through CUPS
10385ht://Dig's htsearch reveals web server path
11440Bonsai Mutiple Flaws
10970GSR ACL pub
11764TMax Soft Jeus Cross Site Scripting
11369irix performance copilot
11629Poster version.two privilege escalation
10791Ultraseek Web Server Detect
10819PIX Firewall Manager Directory Traversal
11019Alcatel PABX 4400 detection
10788Solaris finger disclosure
10443Predictable TCP sequence number
11478paFileDB SQL injection
11433Microsoft ISA Server DNS - Denial Of Service (MS03-009)
11110SMB null param count DoS
10582HTTP version spoken
11183HTTP negative Content-Length buffer overflow
11271IMail account hijack
11273Invision PowerBoard code injection
11444PHP Mail Function Header Spoofing Vulnerability
11579FTgate DoS
10780CGIEmail's Cross Site Scripting Vulnerability (cgicso)
10670PHP3 Physical Path Disclosure Vulnerability
10117IIS 'GET ../../'
11062BadBlue invalid GET DoS
11090AppSocket DoS
11437osCommerce Cross Site Scripting Bugs
10398SMB get domain SID
11616DBTools DBManager Information Disclosure
10827SysV /bin/login buffer overflow (telnet)
11669p-news Admin Access
10556Broker FTP files listing
11649Blackmoon FTP stores passwords in cleartext
10989Nortel/Bay Networks default password
11253Unpassworded hax0r account
10733InterScan VirusWall Remote Configuration Vulnerability
10946Gnutella servent detection
10914Local users information : Never changed password
10770sglMerchant Information Disclosure Vulnerability
11621Snitz Forums Cmd execution
10967Shambala web server DoS
11705LeapFTP Overflow
11784Abyss httpd overflow
10074Firewall/1 UDP port 0 DoS
10812libgtop_daemon format string
10329BIND iquery overflow
11673Remote PC Access Server Detection
11267OpenSSL password interception
11466NiteServer FTP directory traversal
10947mod_python handle abuse
10530Passwordless Alcatel ADSL Modem
10391mstream handler Detect
10354vqServer administrative port
11366Trusting domains bad verification
10151NetBus 1.x
11733Bugbear.B worm
11409ePolicy orchestrator format string
11276CuteNews code injection
10424NAI Management Agent leaks info
10657NT IIS 5.0 Malformed HTTP Printer Request Header Buffer Overflow Vulnerability
11230Stronghold Swish
10120IIS perl.exe problem
10658Oracle tnslsnr version query
10019Ascend Kill
11046Apache Tomcat TroubleShooter Servlet Installed
11457SMB Registry : Winlogon caches passwords
10912Local users information : Can't change password
10244ypxfrd service
10833dtspcd overflow
10916Local users information : Passwords never expires
10183pnserver crash
11735Mnogosearch overflows
10882SSH protocol version 1 enabled
10888mod_ssl overflow
10249EXPN and VRFY commands
11156IRC daemon identification
11628WebLogic Certificates Spoofing
10862Microsoft's SQL Server Brute Force
10763Detect the HTTP RPC endpoint mapper
11078HTTP header overflow
10847SilverStream database structure
10066FakeBO buffer overflow
10226rquotad service
10005NetSphere Backdoor
10084ftp USER, PASS or HELP overflow
11535SheerDNS directory traversal
10622PPTP detection and versioning
10379LCDproc server detection
10223RPC portmapper
11176Tomcat 4.x JSP Source Exposure
11467JWalk server traversal
11244Unpassworded OutOfBox account
11396hp jetdirect vulnerabilities
11380CSCdz39284, CSCdz41124
10048Communigate Pro overflow
11028IIS .HTR overflow
11245Unpassworded root account
10453sawmill allows the reading of the first line of any file
10700Cisco IOS HTTP Configuration Arbitrary Administrative Access
10565Serv-U Directory traversal
11655D-Link router overflow
11471VChat information disclosure
11644ezPublish Directory Cross Site Scripting
11158Novell NetWare HTTP POST Perl Code Execution Vulnerability
11449ezPublish Cross Site Scripting Bugs
10772PHP-Nuke copying files security vulnerability (admin.php)
11527XMB Cross Site Scripting
11443Microsoft IIS UNC Mapped Virtual Host Vulnerability
10015AltaVista Intranet Search
11221Pages Pro CD directory traversal
11022eDonkey detection
11410Notes detection
11042Apache Tomcat DOS Device Name XSS
11612PXE server overflow
11777SMB share hosting copyrighted material
10654Oracle Application Server Overflow
11718Lotus /./ database lock
11260Default password (wank) for wank
11339scp File Create/Overwrite
11704icmp leak
10859SMB get host SID
10469ipop2d reads arbitrary files
10178php.cgi buffer overrun
11679VisNetic and Titan FTP Server traversal
10501Trinity v3 Detect
10007ShowCode possible
10198Quote of the day
11136/bin/login overflow exploitation
11123radmin detection
10186Portal of Doom
10427SMB Registry : permissions of HKLM
11336Cumulative patches for Excel and Word for Windows
10759Content-Location HTTP Header
10886BIND vulnerable to DNS storm
11600NetCharts Server Default Password
11064BadBlue invalid null byte vulnerability
11311shtml.exe overflow
11635Java Media Framework (JMF) Vulnerability
10504Still Image Service Privilege Escalation patch
11351Sendmail mail.local DOS
10852Oracle 9iAS Jsp Source File Reading
10050CSM Mail server MTA 'HELO' denial
10675CheckPoint Firewall-1 Telnet Authentication Detection
11338Lotus Domino Vulnerabilities
11426Kazaa is installed
10185POP3 Server type and version
11681Zeus Admin Interface XSS
10762RTSP Server type and version
10829scan for UPNP hosts
10520PIX's smtp content filtering
10071Finger cgi
10561cisco 675 http DoS
10227rstatd service
11543mod_access_referer 1.0.2 NULL pointer dereference
11408Apache < 2.0.43
10917SMB Scope
11540PPTP overflow
10872BadBlue Directory Traversal Vulnerability
11690JBoss source disclosure
10374uw-imap buffer overflow after logon
11074OfficeScan configuration file disclosure
10266UDP null size going to SNMP DoS
10935IIS ASP ISAPI filter Overflow
11231Unchecked Buffer in XP Redirector (Q810577)
10341Pocsag password
11225Oracle 9iAS OWA UTIL access
11776Carello detection
10440Check for Apache Multiple / vulnerability
10913Local users information : disabled accounts
11738RADIUS server detection
10107HTTP Server type and version
10410ICEcap default password
10064Excite for WebServers
11121xtel detection
10296w3-msql overflow
11321Sendmail 8.8.8 to 8.12.7 Double Pipe Access Validation Vulnerability
10417Sambar /cgi-bin/ installed ?
10010AliBaba path climbing
11537Ocean12 Guestbook XSS
10399SMB use domain SID to enumerate users
11272ISMail overflow
10632Webserver file request parsing
10031bootparamd service
11703WordPress code/sql injection
11638biztalk server flaws
10656Resin traversal
11435ActiveSync packet overflow
11124mldonkey telnet
11580UDP packets with source port of 53 bypass firewall rules
11146Microsoft RDP flaws could allow sniffing and DOS(Q324380)
10585IIS FrontPage DoS
10008WebSite 1.0 buffer overflow
11161RDS / MDAC Vulnerability Content-Type overflow
10681Netscape Messenging Server User List
10250Sendmail redirection check
10137MDaemon DoS
11556CISCO Secure ACS Management Interface Login Overflow
11401texi.exe path disclosure
11232Sendmail DNS Map TXT record overflow
10404SMB log in as users
11368Cross-Referencing Linux (lxr) file reading
10907Guest belongs to a group
11205War FTP Daemon CWD/MKD Buffer Overflow
11530WinAMP3 buffer overflow
11462Bugzilla Detection
11367Discard port open
11079Snapstream PVS web directory traversal
11434IBM Tivoli Relay Overflow
10180Ping the remote host
11404Multiple flaws in the Opera web browser
10447Zope DocumentTemplate package problem
10054Delegate overflow
10572IIS 5.0 Sample App vulnerable to cross-site scripting attack
11436guestbook tr3 password storage
10278Sendmail 8.6.9 ident
11561scriptlogic logging share
10655PHP-Nuke' opendir
10016AN-HTTPd tests CGIs
11734Argosoft DoS
10814Allaire JRun directory browsing vulnerability
11757NGC ActiveFTP Denial of Service
11565.forward in FTP root
10199RealServer Ramgen crash (ramcrash)
114753com RAS 1500 DoS
11120xtelw detection
10326Yahoo Messenger Denial of Service attack
11697IRCXPro Default Admin password
10972Multiple SSH vulnerabilities
10302robot(s).txt exists on the Web Server
10856PHP-Nuke sql_debug Information Disclosure
11198BitKeeper remote command execution
11732Webnews.exe vulnerability
10866XML Core Services patch (Q318203)
10332ftp writeable directories
10155Netscape Enterprise Server DoS
11749Vignette StoryServer TCL code injection
10768DoSable squid proxy server
11637MailMax IMAP overflows (2)
10369Microsoft Frontpage dvwssr.dll backdoor
11567CommunigatePro Hijacking
11715Header overflow against HTTP proxy
11706Spyke Flaws
10524SMB Windows9x password verification vulnerability
10210alis service
11104Directory Manager's edit_image.php
10472SSH Kerberos issue
11382CSCdv85279, CSCdw59394
10626MySQL various flaws
10169OpenLink web config buffer overflow
11625DrWeb Folder Name Overflow
10118IIS FTP server crash
11759Cajun p13x DoS
10150Using NetBIOS to retrieve information from a Windows host
10382Atrium Mercur Mailserver
10606HSWeb document path
11263Default password (lrkr0x) for gamez
11541Buffer overrun in NT kernel message handling
10718DCShop exposes sensitive files
11202Enhydra Multiserver Default Password
10686BroadVision Physical Path Disclosure Vulnerability
11418Sun rpc.cmsd overflow
11573SmallFTP traversal
10503Reading CGI script sources using /cgi-bin-sdb
10662Web mirroring
10451Dragon telnet overflow
10406IIS Malformed Extension Data in URL
10711Sambar webserver pagecount hole
10115idq.dll directory traversal
10321wwwboard passwd.txt
11585Sambar Transmits Passwords in PlainText
11204Apache Tomcat Default Accounts
11548bttlxeForum SQL injection
10906Users in the 'Replicator' group
11171HTTP unfinished line denail
11645wsmp3d command execution
11279Webmin Session ID Spoofing
11335mibiisa overflow
10433NT IP fragment reassembly patch not applied (jolt2)
10844ASP.NET Cross Site Scripting
11345SimpleBBS users disclosure
11352Sendmail Parsing Redirection DOS
11360Wordit Logbook
11452Oracle 9iAS web admin
11763Kerio WebMail interface flaws
10394SMB log in
11674BaSoMail SMTP Command HELO overflow
10216fam service
10553SMB Registry : permissions of WinVNC's key
10576Check for dangerous IIS default files
11661Unpassworded iiprotect administrative interface
10269SSH Overflow
10756MacOS X Finder reveals contents of Apache Web directories
10088Writeable FTP root
10449SMB Registry : value of SFCDisable
10488FTP Serv-U 2.5e DoS
10247Sendmail DEBUG
10680Test Microsoft IIS Source Fragment Disclosure
11374SunFTP directory traversal
10732IIS 5.0 WebDav Memory Leakage
11424WebDAV enabled
10147A Nessus Daemon is running
11237php 4.3.0
10604Allaire JRun Directory Listing
10994IPSwitch IMail SMTP Buffer Overflow
11138Citrix published applications
10464proftpd 1.2.0preN check
11448Siteframe Cross Site Scripting Bugs
10158NIS server
11114Canna Overflow
10220nlockmgr service
11773Linksys Gozila CGI denial of service
10400SMB accessible registry
11342PKCS #1 Version 1.5 Session Key Retrieval
10724Cayman DSL router one char login
10232showfhd service
11395Microsoft Frontpage XSS
11050php 4.2.x malformed POST
10491ASP/ASA source using Microsoft Translate f: bug
10267SSH Server type and version
10078Microsoft Frontpage 'authors' exploits
10755Microsoft Exchange Public Folders Information Leak
10902Users in the Admin group
10511/perl directory browsable ?
10090FTP site exec
10502Axis Camera Default Password
10807Jakarta Tomcat Path Disclosure
10682CISCO view-source DoS
10867php POST file uploads
11509GTcatalog password disclosure
10785SMB NativeLanMan
10560SuSE's identd overflow
11003IIS Possible Compromise
10476WebsitePro buffer overflow
11574Portable OpenSSH PAM timing attack
10364netscape publishingXpert 2 PSUser problem
10625IMAP4rev1 buffer overflow after logon
10358/iisadmin is world readable
11001MRTG mrtg.cgi File Disclosure
11458SMB Registry : No dial in
10463vpopmail input validation bug
10712quickstore traversal
11450Debian proftpd 1.2.0 runs as root
11514Netgear ProSafe Router password disclosure
11097TypSoft FTP STOR/RETR DoS
10139MDaemon Worldclient crash
11702zentrack code injection
11492Sambar XSS
10011get32.exe vulnerability
11348Sendmail long debug local overflow
114803com RAS 1500 configuration disclosure
10521Extent RBS ISP
11292CSCdv88230, CSCdw22408
10800Obtain OS type via SNMP
10892Obtains user information
11641BadBlue Remote Administrative Interface Access
11419Office files list
10039/cgi-bin directory browsable ?
10895Users information : automatically disabled accounts
10034RedHat 6.0 cachemgr.cgi
11473EMule DoS
10787tooltalk format string
11740Infinity CGI Exploit Scanner
11632CSCdx17916, CSCdx61997
11015Xerver web server DOS
11166KF Web Server /%00 bug
10081FTP bounce check
11782iXmail SQL injection
10744VisualRoute Web Server Detection
10441AFS client version
10154Netscape Enterprise 'Accept' buffer overflow
10193Usable remote proxy on any port
10810PHP-Nuke Gallery Add-on File View
11598MailMax IMAP overflows
10130ipop2d buffer overflow
10182Livingston Portmaster crash
10496Imail Host: overflow
10161rlogin -froot
10766Apache UserDir Sensitive Information Disclosure
11445Basit cms Cross Site Scripting Bugs
11400texi.exe information disclosure
11131Sambar web server DOS
11239Hidden WWW server name
11084Infinite HTTP request
11116phpMyAdmin arbitrary files reading
10172Passwordless HP LaserJet
11089Webseal denial of service
10190ProFTPd buffer overflow
11354Buffer overflow in FreeBSD 2.x lpd
10131jj cgi
11597Snitz Forums 2000 Password Reset and XSS
10838FastCGI Echo.exe Cross Site Scripting
11012ATA-186 password circumvention / recovery
10040cgitest.exe buffer overrun
10036CDK Detect
10527Boa file retrieval
10474GAMSoft TelSrv 1.4/1.5 Overflow
10395SMB shares enumeration
10870Login configurations
10533Web Shopper remote file retrieval
11061HTTP version number overflow
10264Default community names of the SNMP Agent
11587XMB SQL Injection
10754Cisco password not set
11406Buffer overflow in BSD in.lpd
10577Check for bdir.htr files
11004WhatsUp Gold Default Admin Account
11076Oracle webcache admin interface DoS
10889NIDS evasion
10224rexd service
10584technote's main.cgi
11699URLScan Detection
11420Sun portmap xdrmem_getbytes() overflow
11689Cisco IDS Device Manager Detection
10697WebLogic Server DoS
11031OpenSSH <= 3.3
11300Unchecked buffer in Network Share Provider (Q326830)
10192Proxy accepts CONNECT requests
10387cisco http DoS
11651Batalla Naval Overflow
10195Usable remote proxy
10961AirConnect Default Password
10861IE 5.01 5.5 6.0 Cumulative patch
10004IIS possible DoS using ExAir's search
10601Basilix includes download
11011SMB on port 445
11375smb2www remote command execution
10789Novell Groupwise WebAcc Information Disclosure
11068iPlanet chunked encoding
10548Enumerate Lanman shares via SNMP
10971GSR ICMP unreachable
11112Generic FTP traversal
10919Check open ports
10283TFN Detect
11769Zope Invalid Query Path Disclosure
10313WindowsNT PPTP flood denial
11151Webserver 4D Cleartext Passwords
10774ShopPlus Arbitrary Command Execution
11636ttCMS code injection
11362Simple File Manager Filename Script Injection
10201Relative IP Identification number change
11168Samba Unicode Buffer Overflow
11618Remote host replies to SYN+FIN
11550OpenBB SQL injection
11106NetTools command execution
11026Access Point detection
11744Post-Nuke SQL injection
11008PHP4 Physical Path Disclosure Vulnerability
11670GeekLog SQL vulns
11539NB1300 router default FTP account
10953Authentication bypassing in Lotus Domino
10908Users in the Domain Admin group
10538iWS shtml overflow
10386No 404 check
11482Post-Nuke information disclosure
11575Kerio personal Firewall buffer overflow
11143Exchange 2000 Exhaust CPU Resources (Q320436)
11280Usermin Session ID Spoofing
10450Dragon FTP overflow
10620EXPN overflow
11518Checkpoint Firewall open Web adminstration
11522Linksys Router default password
11546Xeneo web server %A DoS
10853Oracle 9iAS mod_plsql cross site scripting
11676Post-Nuke Rating System Denial Of Service
10783PCCS-Mysql User/Password Exposure
11196Cyrus IMAP pre-login buffer overrun
10284TFS SMTP 3.2 MAIL FROM overflow
10001ColdFusion Vulnerability
11099Pi3Web Webserver v2.0 Buffer Overflow
11668Webfroot shoutbox file inclusion
10938Apache Remote Command Execution via .bat files
10559XMail APOP Overflow
10407X Server
10806RPC Endpoint Mapper can Cause RPC Service to Fail
10705SimpleServer remote execution
11431XoloX is installed
11180DB4Web TCP relay
11722cgiWebupdate.exe vulnerability
10237sunlink mapper service
11750Psunami.CGI Command Execution
10523thttpd ssi file retrieval
10525LPC and LPC Ports Vulnerabilities patch
10536Anaconda remote file retrieval
11783Multiple IRC daemons format string attack
10262Mail relaying
10784ht://Dig's htsearch potential exposure/dos
11412IIS : WebDAV Overflow (MS03-007)
11423Flaw in Windows Script Engine (Q814078)
10896Users information : Can't change password
11307Unchecked buffer in Windows Shell
10703SMTP Authentication Error
10930HTTP Windows 98 MS/DOS device names DOS
11063LabView web server DoS
10837FAQManager Arbitrary File Reading Vulnerability
10456SMB enum services
11512Kerberos 5 issues
11504MultiTech Proxy Server Default Password
10376htimage.exe overflow
11643OneOrZero SQL injection
10651cfinger's version
10805Informix traversal
10555Domain account lockout vulnerability
10745WorldClient for MDaemon Server Detection
11725counter.exe vulnerability
10263SMTP Server type and version
11538ezPublish config disclosure
10047CMail's MAIL FROM overflow
11737NetGear Router Default Password
10325Xtramail pop3 overflow
10477Tomcat's /admin is world readable
11080poprelayd & sendmail authentication problem
10678Apache /server-info accessible
11261Default password (D13HH[) for root
10544format string attack against statd
11082Boozt index.cgi overflow
10160Nortel Contivity DoS
10752Apache Auth Module SQL Insertion Attack
10229sadmin service
10219nfsd service
11572Multiple ICQ Vulnerabilities
11256Default password (guest) for guest
11479paFileDB XSS
10197qpopper LIST buffer overflow
11324phpping code execution
11317Discover HP JetDirect EWS Password via SNMP
10966IMAP4buffer overflow in the BODY command
10073Finger redirection check
10775E-Shopping Cart Arbitrary Command Execution (WebDiscount)
10841SNMP port scan
11427LimeWire is installed
11576thttpd directory traversal thru Host:
10874Rich Media E-Commerce Stores Sensitive Information Insecurely
11756CuteFTP multiple flaws
11066SunSolve CD CGI user input validation
10383bizdb1-search.cgi located
11469SimpleChat information disclosure
11442Samba TNG multiple flaws
11414IMAP Banner
11515AutomatedShops WebC.cgi installed
10578Oops buffer overflow
11043iPlanet Search Engine File Viewing
11039mod_ssl off by one
10532eXtropia Web Store remote file retrieval
11270SMTP too long line
10999Linksys Router Default Password
11454SMB log in with W32/Deloder passwords
10513php file upload
10079Anonymous FTP enabled
10811ActivePerl perlIS.dll Buffer Overflow
11057Raptor Weak ISN
10429SMB Registry : permissions of winlogon
10997JRun directory traversal
10388Cassandra NNTP Server DoS
11133Generic format string
11371BSD ftpd Single Byte Buffer Overflow
10615Malformed PPTP Packet Stream vulnerability
11386Lotus Domino 6.0 vulnerabilities
11709SmartFTP Overflow
10875Avenger's News System Command Execution
10541KW whois
11646Turba Path Disclosure
10166Windows NT ftp 'guest' account
11691Desktop Orbiter Server Detection
11077HTTP Cookie overflow
11238Anti Nessus defenses
10531SMB Registry : Win2k Service Pack version
11051BIND9 DoS
11677ST FTP traversal
10619Malformed request to domain controller directory traversal and arbitrary command execution
10276TCP Chorusing
10692ftpd strtok() stack overflow
10085Ftp PASV denial of service
11141Crash SMC AP
10676CheckPoint Firewall-1 Web Authentication Detection
10668Malformed request to index server
10327Zeus shows the content of the cgi scripts
10168Detect talkd server port and protocol version
10044Checkpoint FW-1 identification
10962Cabletron Web View Administrative Access
10484Read any file thanks to ~nobody/
11073readmsg.php detection
11752Proxomitron DoS
11065HTTP method overflow
10056/doc directory browsable ?
11252Unpassworded toor account
10420Gauntlet overflow
11716Misconfigured Gnutella
11125mldonkey www
10904Users in the 'Backup Operator' group
11407proftpd 1.2.0rc2 format string vuln
11005LocalWeb2000 remote read
10038Cfinger's search.**@host feature
11306Unchecked buffer in ASP.NET worker process
11695Pi3Web Webserver v2.0 Denial of Service
10704Apache Directory Listing
10421Rockliffe's MailSite overflow
11393ColdFusion Path Disclosure
11127HTTP 1.0 header overflow
10274SyGate Backdoor
10735Generic flood
11316Sendmail remote header buffer overflow
11584webweaver FTP DoS
10590SWAT allows user names to be obtained by brute force
11455Passwordless frontpage installation
10346Mercur WebView WebClient
10353Interscan 3.32 SMTP Denial
10928EFTP buffer overflow
10437NFS export
10575Check for IIS .cnf file leakage
10248Sendmail 'decode' flaw
10146Tektronix /ncl_items.html
10061Echo port open
10200RealServer G2 buffer overrun
11363Gupta SQLBase EXECUTE buffer overflow
10564IIS phonebook
10486Relative Shell Path patch
10920RemotelyAnywhere WWW detection
11278Quicktime/Darwin Remote Admin Exploit
10522LPRng malformed input
11727CWmail.exe vulnerability
11219SYN Scan
10702Zope DoS
10445AnalogX denial of service by long CGI name
11712OpenSSH Reverse DNS Lookup bypass
11312DHCP server overflow / format string bug
11115gallery code injection
10438Netwin's DMail ETRN overflow
10817Interactive Story Directory Traversal Vulnerability
10550Obtain processes list via SNMP
10958ServletExec 4.1 / JRun ISAPI DoS
10630PHP-Nuke security vulnerability (bb_smilies.php)
11142IIS XSS via error
11554BadBlue Administrative Actions Vulnerability
10860SMB use host SID to enumerate local users
11117phpPgAdmin arbitrary files reading
11259Unpassworded StoogR account
11459SMB Registry : Do not show the last user name
11693PFTP clear-text passwords
11415SquirrelMail's Cross Site Scripting
10945Opening Group Policy Files (Q318089)
11416openwebmail command execution
10684yppasswdd overflow
11372HP-UX ftpd glob() Expansion STAT Buffer Overflow
10265An SNMP Agent is running
10489AnalogX web server traversal
11686mod_gzip format string attack
10891X Display Manager Control Protocol (XDMCP)
10026BFTelnet DoS
10315WINS UDP flood denial
10475Buffer overflow in WebSitePro webfind.exe
11557ideabox code injection
10540NSM format strings vulnerability
11758eLDAPo cleartext passwords
102083270 mapper service
11310myphpPageTool code injection
11588YaBB SE command execution
11157Trojan horses
10145Microsoft's SQL TCP/IP denial of service
10666AppleShare IP Server status query
10546Enumerate Lanman users via SNMP
11275GOsa code injection
10439OpenSSH < 2.1.1 UseLogin feature
10082FTPd tells if a user exists
11593SLMail SMTP overflows
10142MS Personal WebServer ...
11358The remote portmapper forwards NFS requests
11502ScozBook flaws
10993IIS ASP.NET Application Trace Enabled
10003IIS possible DoS using ExAir's query
10138MDaemon Webconfig crash
10298Webcart misconfiguration
11038SMTP settings
10667IIS 5.0 PROPFIND Vulnerability
10739Novell Web Server NDS Tree Browsing
10725SIX Webboard's generate.cgi
10818Alchemy Eye HTTP Command Execution
11481mod_auth_any command execution
11775Sambar CGIs path disclosure
11659ArGoSoft Mail Server multiple flaws
11671Ultimate PHP Board admin_ip.php code injection
11027AlienForm CGI script
11413Unchecked Buffer in ntdll.dll (Q815021)
11650MAILsweeper PowerPoint DoS
10573IIS 5.0 Sample App reveals physical path of web root
10028Determine which version of BIND name daemon is running
10365Windmail.exe allows any user to execute arbitrary commands
10802OpenSSH < 3.0.1
10057Lotus Domino ?open Vulnerability
10487WFTP 2.41 rc11 multiple DoS
10915Local users information : User has never logged on
10934MS FTPd DoS
11439Xoops path disclosure
10899Users information : User has never logged on
10297Web server traversal
10242yppasswd service
11293CSCdx07754, CSCdx24622, CSCdx24632
10256SLMail MTA 'HELO' denial
10771OpenSSH 2.5.x -> 2.9.x adv.option
10761Detect CIS ports
10885MS SMTP DoS
10143MSQL CGI overflow
11199Multiple vulnerabilities in CUPS
11226Oracle 9iAS default error information disclosure
11094WS FTP overflows
10547Enumerate Lanman services via SNMP
11501Justice guestbook
11162WebSphere Edge caching proxy denial of service
10252Shells in /cgi-bin
11389rsync modules
11615ttforum multiple flaws
11053IMC SMTP EHLO Buffer Overrun
10359ctss.idc check
10596Tinyproxy heap overflow
10360newdsn.exe check
10384IRIX Objectserver
11627WebLogic clear-text passwords
10509Malformed RPC Packet patch
11228Unreal Engine flaws XSS
10405shtml.exe reveals full path
10790rwhois format string attack
11214Microsoft's SQL Overflows
10485Service Control Manager Named Pipe Impersonation patch
10551Obtain network interfaces list via SNMP
11760Pod.Board Forum_Details.PHP Cross Site Scripting
10455Buffer Overrun in ITHouse Mail Server v1.04
11356Mountable NFS shares
10828SysV /bin/login buffer overflow (rlogin)
1159112Planet Chat Server ClearText Password
10125Imap buffer overflow
11665Apache < 2.0.46
11605IkonBoard arbitrary command execution
10022Axent Raptor's DoS
11113Samba Buffer Overflow
10121/scripts directory browsable
11179vBulletin's Calender Command Execution Vulnerability
11233N/X Web Content Management code injection
11323Security issues in the remote version of FlashPlayer
10741SiteScope Web Administration Server Detection
10940Windows Terminal Service Enabled
11666Post-Nuke information disclosure (2)
10156Netscape FastTrack 'get'
10900Users information : Passwords never expires
11687CrobFTP format string
11303mod_frontpage installed
11129HTTP 1.1 header overflow
11069HTTP User-Agent overflow
11589PT News Unauthorized Administrative Access
11048Resin DOS device path disclosure
10794PC Anywhere TCP
10646Lion worm
11098WS_FTP SITE CPWD Buffer Overflow
10014tst.bat CGI vulnerability
11044ICECast FileSystem disclosure
10459Poll It v2.0 cgi
11188X Font Service Buffer Overflow
10119NT IIS Malformed HTTP Request Header DoS Vulnerability
107473Com Superstack II switch with default password
11320The remote BIND has dynamic updates enabled
11108Omron WorldView Wnn Overflow
10055Sendmail 8.8.3 and 8.8.4 mime conversion overflow
10918Apache-SSL overflow
11072Basilix webmail dummy request vulnerability
11468php socket_iovec_alloc() integer overflow
10884NTP read variables
10941IPSEC IKE check
10092FTP Server type and version
11332wu-ftpd glob vulnerability (2)
10141MetaInfo servers
10765SQLQHit Directory Structure Disclosure
11325Word can lead to Script execution on mail reply
11203Motorola Vanguard with No Password
11092Apache 2.0.39 Win32 directory traversal
10778Unprotected SiteScope Service
11656Eserv Directory Index
10470WebActive world readable log file
11620Airport Administrative Port
10628php IMAP overflow
11096Avirt gateway insecure telnet proxy
10333Linux TFTP get file
10779CGIEmail's CGICso (Send CSO via CGI) Command Execution Vulnerability
11392Serv-U path disclosure
11583Microsoft Shlwapi.dll Malformed HTML form tag DoS
10215etherstatd service
11505Ecartis Username Spoofing
10797ColdFusion Debug Mode
10529Nortel Networks passwordless router (user level)
11430WinMX is installed
10822Multiple WarFTPd DoS
11235Too long OPTIONS parameter
11762StoneGate client authentication detection
11533Web Wiz Site News database disclosure
11195SSH Multiple Vulns
10432SMB Registry : permissions of keys that can change common paths
11277clarkconnectd detection
10998Shiva LanRover Blank Password
11720S-HTTP detection
11006RedHat 6.2 inetd
11212Unchecked buffer in Locate Service
10290Upload cgi
11544MonkeyWeb POST with too much data
10602hsx directory traversal
10782Formmail Version Information Disclosure
10072Finger dot at host feature
10295OmniHTTPd visadmin exploit

Preferences settings for this scan

max_hosts 16
max_checks 10
log_whole_attack yes
cgi_path /cgi-bin
port_range 1-1024
optimize_test yes
language english
checks_read_timeout 5
non_simult_ports 139, 445
plugins_timeout 320
safe_checks yes
auto_enable_dependencies no
use_mac_addr no
save_knowledge_base yes
kb_restore no
only_test_hosts_whose_kb_we_dont_have no
only_test_hosts_whose_kb_we_have no
kb_dont_replay_scanners no
kb_dont_replay_info_gathering no
kb_dont_replay_attacks no
kb_dont_replay_denials no
kb_max_age 864000
plugin_upload no
plugin_upload_suffixes .nasl, .inc
slice_network_addresses no
ntp_save_sessions yes
ntp_detached_sessions yes
server_info_nessusd_version 2.0.7
server_info_libnasl_version 2.0.7
server_info_libnessus_version 2.0.7
server_info_thread_manager fork
server_info_os Linux
server_info_os_version 2.4.22-a1-stand2
reverse_lookup no
ntp_keep_communication_alive yes
ntp_opt_show_end yes
save_session yes
detached_scan no
continuous_scan no

Summary of scanned hosts

HostHolesWarningsOpen portsState

http (80/tcp)
Port is open
domain (53/tcp)
Port is open

The remote host seems to generate Initial Sequence Numbers
(ISN) in a weak manner which seems to solely depend
on the source and dest port of the TCP packets.

The Raptor Firewall is known to be vulnerable to this flaw,
certain versions of Novell Netware, as may others be.

An attacker may use this flaw to establish spoofed connections
to the remote host.

Solution : If you are using a Raptor Firewall, see

If you are running Novell Netware 6, see:

or else contact your vendor for a patch


Risk factor : High
CVE : CAN-2002-1463
Remote OS guess : Linux Kernel 2.4.0 - 2.5.20

CVE : CAN-1999-0454
http (80/tcp)

The remote web servers is [mis]configured in that it
does not return '404 Not Found' error codes when
a non-existent file is requested, perhaps returning
a site map or search page instead.

Nessus enabled some counter measures for that, however
they might be insufficient. If a great number of security
holes are produced for this port, they might not all be accurate
http (80/tcp)
The remote web server type is :


Solution : We recommend that you configure (if possible) your web server to return
a bogus Server header in order to not leak information.

http (80/tcp)

The remote host is hosting the Pod.Board CGI suite,
a set of PHP scripts designed to manage online forums.

There is a cross site scripting issue in this suite which
may allow an attacker to steal the cookies of your legitimate
users, by luring them into clicking on a rogue URL.

Solution : None at this time
Risk Factor : Low/Medium
BID : 7933
http (80/tcp)
A web server is running on this port
http (80/tcp)
The following directories were discovered:
/cgi-bin, /cgi-bin2
http (80/tcp)

The remote host seems to be vulnerable to a security problem in
SquirrelMail. Its read_body.php didn't filter out user input for
'filter_dir' and 'mailbox', making a xss attack possible.

Upgrade to a newer version.

Risk factor : Medium
CVE : CAN-2002-1276, CAN-2002-1341
BID : 7019, 6302
http (80/tcp)

The remote pafiledb.php is vulnerable to a cross site scripting

An attacker may use this flaw to steal the cookies of your users

Solution : Upgrade to paFileDB 3.0
Risk factor : Medium
BID : 6021

The remote host does not discard TCP SYN packets which
have the FIN flag set.

Depending on the kind of firewall you are using, an
attacker may use this flaw to bypass its rules.

See also :

Solution : Contact your vendor for a patch
Risk factor : Medium
BID : 7487
http (80/tcp)

Basit cms 1.0 has a cross site scripting bug. An attacker may use it to
perform a cross site scripting attack on this host.

In addition to this, it is vulnerable to a SQL insertion
attack which may allow an attacker to get the control
of your database.

Solution : Upgrade to a newer version.
Risk factor : Medium
BID : 7139
http (80/tcp)

Siteframe 2.2.4 has a cross site scripting bug. An attacker may use it to
perform a cross site scripting attack on this host.

In addition to this, another flaw in this package may allow an attacker to
obtain the physical path to the remote web root.

Solution : Upgrade to a newer version.
Risk factor : Medium
BID : 7140, 7143
http (80/tcp)

The remote host is using XMB Forum.

This set of CGI is vulnerable to a cross-site-scripting issue
that may allow attackers to steal the cookies of your

Solution: Upgrade to a newer version.
Risk factor : Medium
CVE : CAN-2002-0316, CAN-2003-0375
BID : 4944, 8013
http (80/tcp)

ezPublish 2.2.7 has a cross site scripting bug. An attacker may use it to
perform a cross site scripting attack on this host.

In addition to this, another flaw may allow an attacker store hostile
HTML code on the server side, which will be executed by the browser of the
administrative user when he looks at the server logs.

Solution : Upgrade to a newer version.
Risk factor : Medium
CVE : CAN-2003-0310
BID : 7137, 7138
http (80/tcp)

The remote host is using ezPublish, a content management system.

There is a flaw in the remote ezPublish which lets an attacker
perform a cross site scripting attack. An attacker may use this
flaw to steal the cookies of your legitimate users.

Solution : Upgrade to ezPublish 3
Risk factor : Low/Medium
BID : 7616
http (80/tcp)

osCommerce is a widely installed open source shopping e-commerce solution.
An attacker may use it to perform a cross site scripting attack on
this host.

Solution : Upgrade to a newer version.
Risk factor : Medium
BID : 7156, 7151, 7153, 7158, 7155
http (80/tcp)

The remote host is running Tmax Soft JEUS, a web application
written in Java.

There is a cross site scripting issue in this software which
may allow an attacker to steal the cookies of your legitimate
users, by luring them into clicking on a rogue URL through
the misue of the file /url.jsp.

Solution : None at this time
Risk Factor : Low/Medium
BID : 7969
For your information, here is the traceroute to :


The remote host answers to an ICMP timestamp request. This allows an attacker
to know the date which is set on your machine.

This may help him to defeat all your time based authentication protocols.

Solution : filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).

Risk factor : Low
CVE : CAN-1999-0524
http (80/tcp)

The remote host has a CGI called 'testcgi.exe' installed
under /cgi-bin which is vulnerable to a cross site scripting

Solution: Upgrade to a newer version.
Risk factor : Low
BID : 7214
http (80/tcp)

The remote web server is running P-Synch, a password management
system running over HTTP.

There is a flaw in the CGIs nph-psa.exe and nph-psf.exe which
may allow an attacker to make this host include remote
files, disclose the path to the p-synch installation or
produce arbitrary HTML code (cross-site scripting).

Solution : Upgrade to the latest version of P-Synch
Risk factor : Low
BID : 7740, 7745, 7747
http (80/tcp)

Mambo Site Server is an open source Web Content Management System. An attacker
may use it to perform a cross site scripting attack on this host.

Solution: Upgrade to a newer version.
Risk factor : Medium
BID : 7135
http (80/tcp)
The remote web server seems to be vulnerable to the Cross Site Scripting vulnerability (XSS). The vulnerability is caused
by the result returned to the user when a non-existing file is requested (e.g. the result contains the JavaScript provided
in the request).
The vulnerability would allow an attacker to make the server present the user with the attacker's JavaScript/HTML code.
Since the content is presented by the server, the user will give it the trust
level of the server (for example, the trust level of banks, shopping centers, etc. would usually be high).

Risk factor : Medium


. Allaire/Macromedia Jrun:
. Microsoft IIS:
. Apache:
. ColdFusion:
. General:
BID : 5305, 7353, 7344, 8037
http (80/tcp)

Nuked-klan 1.3b has a cross site scripting bug. An attacker may use it to
perform a cross site scripting attack on this host.

In addition to this, another flaw may allow an attacker to obtain the physical
path of the remote CGI directory.

Solution : Upgrade to a newer version.
Risk factor : Medium
BID : 6916, 6917
http (80/tcp)

The remote Auction Deluxe server is vulnerable to
a cross site scripting attack.

As a result, a user could easily steal the cookies
of your legitimate users and impersonate them.

Solution : Upgrade to Auction Deluxe 3.30 or newer
Risk factor : Medium
CVE : CAN-2002-0257
BID : 4069
http (80/tcp)

DCP-Portal v5.3.1 has a cross site scripting bug. An attacker may use it to
perform a cross site scripting attack on this host.

Solution : Upgrade to a newer version.
Risk factor : Medium
BID : 7144, 7141
http (80/tcp)

The remote host is running the Neoteris IVE.

There is a cross site scripting issue in this
server (in the CGI swsrv.cgi) which may allow
an attacker to perform a session hijacking.

Solution : Upgrade to version 3.1 or Neoteris IVE
Risk factor : Medium
CVE : CAN-2003-0217
http (80/tcp)

The remote host is running the Xoops CGI suite.

There is a cross site scripting issue in this suite
which may allow an attacker to steal your users cookies.

The flaw lies in the cgi glossaire-aff.php.

You are advised to remove this CGI.

Solution : None at this time
Risk factor : Medium
BID : 7356
http (80/tcp)

The remote host is running the Bandmin CGI suite.

There is a cross site scripting issue in this suite
which may allow an attacker to steal your users cookies.

The flaw lies in the cgi bandwitdh/index.php

You are advised to remove this CGI.

Solution : None at this time
Risk factor : Medium
CVE : CAN-2003-0416
BID : 7729
http (80/tcp)

The remote host is running a version of pMachine which is vulnerable
to two flaws :
- It is vulnerable to a path disclosure problem which may allow
an attacker to gain more knowledge about this host

- It is vulnerable to a cross-site-scripting attack which may allow
an attacker to steal the cookies of the legitimates users of
this service

Solution : None at this time. Disable this CGI suite
Risk Factor : Low/Medium
BID : 7980, 7981