General Vulnerabilities
Name
Summary
602LAN SUITE Open Telnet Proxy
Checks for telnet proxy in 602LAN SUITE
Aardvark Topsites Multiple Vulnerabilities
Detect Aardvark Topsites version
Access Point detection
Detects Wireless APs
AFS client version
AFS client version
Amanda Index Server version
Amanda Index Server version
AOLserver Default Password
AOLserver Default Password
BIND vulnerable to DNS storm
Checks the remote BIND version
Brightmail Control Center Default Account/Password
Checks for default account / password in Brightmail Control Center
BrightStor ARCserve/Enterprise Backup Default Account Vulnerability
Determines if the ARCServer Default account is present
cfengine detection and local identification
check for the presence of cfengine with local identification version checks if possible
CheckPoint InterSpect
Detect CheckPoint InterSpect
Chora Detection
Checks for the presence of Chora
Cisco IDS Device Manager Detection
Cisco IDS Management Web Server Detect
clarkconnectd detection
clarkconnectd detection
Cobalt Web Administration Server Detection
Cobalt Web Administration Server Detection
Compaq Web Based Management Agent Proxy Vulnerability
Compaq Web Based Management Agent Proxy Vulnerability
Compaq Web-based Management Login
Detect Predictable Compaq Web-based Management / HP System Management Agent Administrator Passwords
CVS file existence information disclosure weakness
Logs into the remote CVS server and asks the version
CVS malformed entry lines flaw
Logs into the remote CVS server and asks the version
CVS Multiple Unspecified Vulnerabilities
Logs into the remote CVS server and asks the version
CVS pserver CVSROOT passwd file cmd exec
Logs into the remote CVS server and asks the version
CVS pserver dir create bug
Logs into the remote CVS server and asks the version
CVS pserver double free() bug
Logs into the remote CVS server and asks the version
CVS pserver heap overflow
Logs into the remote CVS server and asks the version
CVS server piped checkout access validation
Logs into the remote CVS server and asks the version
DCShop exposes sensitive files
DCShop exposes sensitive files
Delta UPS Daemon Detection
Delta UPS Daemon Detection
Deprecated SSL Protocol Usage
Checks for use of a deprecated SSL protocol
Determine if Bind 9 is running
Determine which version of BIND name daemon is running
DHCP server info gathering
Chats with the remote DHCP server
DNS AXFR
Determines if the remote name server allows zone transfers
DNS Cache Snooping
DNS Cache Snooping
DNS Server Detection
detects a running name server
DNS Server Fingerprint
detects a name server type and version
DNS Server on UDP and TCP
Checks if the remote DNS servers answers on TCP too
Dropbear SSH server format string vulnerability
Checks remote SSH server type and version
Enable local security checks
Obtains the remote OS name and installed packages
Enhydra Multiserver Default Password
Enhydra Multiserver Default Admin Password
F5 Device Default Support Password
F5 Device Default Support Password
File Disclosure in osCommerce's File Manager
Detect osCommerce's File Manager File Disclosure
File Disclosure in SurgeLDAP
Detect SurgeLDAP File Disclosure
File Inclusion Vulnerability in Gemitel
Detect Gimtel File Inclusion Vulnerability
FlexWATCH Authentication Bypassing
Detect FlexWATCH Authentication Bypassing
Formmail Version Information Disclosure
Formmail Version Information Disclosure
Get the IMAP Banner
Grab and display the IMAP banner
Google Search Appliance Detection
Detects a Google Appliance
HMAP
Fingerprints the web server
Horde Detection
Checks for the presence of Horde
Host FQDN
Performs a name resolution
HP Integrated Lights-Out Detection
Detects iLO
HP Jet Admin 6.5 or less Vulnerability
HP JetAdmin 6.5 or less vulnerability
HP Jet Admin 7.x Directory Traversal
HP JetAdmin directory traversal attack
HTTP Server type and version
HTTP Server type and version
HTTP TRACE
Look for an HTTP proxy on the way
HTTP version spoken
HTTP version
ICMP domain name request
Sends an ICMP Domain Name request
IDA Pro Detection
IDA Pro Detection
IlohaMail Detection
Checks for the presence of IlohaMail
IMP Detection
Checks for the presence of IMP
Information about the scan
Displays information about the scan
Invision Power Top Site List SQL Injection
Detect Invision Power Top Site List SQL Injection
iPlanet Application Server Detection
Sun ONE Application Server detection
IRC daemon identification
IRCD version
IRCXPro Default Admin password
Logs into the remote administrative interface of ircxpro
Kerberos 5 issues
Check for kerberos
Kerberos IV cryptographic weaknesses
Check for kerberos
Knox Arkeia Network Backup Agent Unauthorized Access
Determines if the Arkeia Default account is present
Leafnode denials of service
Check Leafnode version number for flaws
Linksys Router Default Password
Linksys Router Default Password
Linux Distribution Detection
Guesses the remote distribution version
Local Checks Failed
Displays information about the scan
McAfee IntruShield management console
Detect McAfee IntruShield Management Console
McAfee myCIO detection
McAfee myCIO detection
Mediahouse Statistics Web Server Detect
Mediahouse Statistics Web Server Detection
Microsoft Exchange Public Folders Information Leak
Microsoft Exchange Public Folders Information Leak
Misc information on News server
Misc information on News server
NetCharts Server Default Password
NetCharts Server Default Password
NetGear Router Default Password
NetGear Router Default Password
NetOp products information disclosure
Detect if a NetOp product is configured to make the host name, IP address etc. public
Netscape Enterprise Default Administrative Password
Netscape Enterprise Default Administrative Password
Netscape Enterprise Server default files
Checks for Netscape Enterprise Server default files
Network Chemistry Wireless Sensor Detection
Detects Wireless Sensor
NTP read variables
NTP allows query of variables
ntpd Incorrect Group Privileges Vulnerability
Checks for incorrect group privileges vulnerability in ntpd
Obtain /etc/passwd using NetInfo
Uses NetInfo to read /etc/passwd remotely
Open News server
Public NNTP server is open to outside
OpenFTPD Detection
Determines the presence of OpenFTPD
Oracle Applications One-Hour Install Detect
Oracle Applications One-Hour Install Detect
Oracle Web Administration Server Detection
Oracle Web Administration Server Detect
OS Identification
Determines the remote operating system
osCommerce Malformed Session ID XSS Vulnerability
Detect osCommerce Malformed Session ID XSS
osTicket Backdoored
Detect osTicker Backdoored
osTicket Detection
Checks for the presence of osTicket
PHP-Nuke sql_debug Information Disclosure
Make a request like http://www.example.com/?sql_debug=1
Predictable TCP sequence number
TCP SEQ
Private IP address leaked in HTTP headers
Checks for private IP addresses in HTTP headers
Private IP address Leaked using the PROPFIND method
Checks for private IP addresses in PROPFIND response
psyBNC Server Detection
Check for the presence of psyBNC.
Psychoblogger SQL Injection
Detect Psychoblogger SQL Injection
Public CVS pserver
Logs into the remote CVS server
Relative IP Identification number change
Relative IP Identification number change
Remote Code Execution in Knowledge Builder
Detect Knowledge Builder Code Execution
RiSearch OpenProxy
Determines the presence of RiSearch's search.pl
RTSP Server type and version
RTSP Server detection
S-HTTP detection
Checks if the web server accepts the Secure method
SCO OpenServer multiple vulnerabilities
Checks the remote SCO OpenServer
Shopping Cart Arbitrary Command Execution (Hassan)
Shopping Cart Arbitrary Command Excution (Hassan)
SHOUTcast Server logfiles XSS
SHOUTcast Server DoS detector vulnerability
SHOUTcast Server User-Agent / Host Header Denial of Service Vulnerability
Checks for User-Agent / Host header denial of service vulnerability in SHOUTcast Server
SiteScope Web Administration Server Detection
SiteScope Web Administration Server Detect
SiteScope Web Managegment Server Detect
SiteScope Web Management Server Detect
SSH protocol version 1 enabled
Negotiate SSH connections
SSH protocol versions supported
Negotiate SSHd connections
SSH Server type and version
SSH Server type and version
SSL Certificate Expiry
Checks SSL certificate expiry
SSL ciphers
checks the server certificate and available SSLv2 ciphers
Standard & Poors detection
Detect if the remote host is a Standard & Poors' MultiCSP
Sun Cobalt Adaptive Firewall Detection
Sun Cobalt Adaptive Firewall Detection
Sun JavaServer Default Admin Password
Sun JavaServer Default Admin Password
Supported SSL Ciphers Suites
Checks which SSL ciphers suites are supported
SWAT allows user names to be obtained by brute force
Detect SWAT server port
TCP sequence number approximation
Check for TCP approximations on the remote host
TFTP directory permissions (HP Ignite-UX)
Determines if the remote host has writeable directories exposed via TFTP (HP Ignite-UX)
TFTP file detection (Cisco CallManager)
Determines if the remote host has sensitive files exposed via TFTP (Cisco CallManager)
TFTP file detection (Cisco IOS CA)
Determines if the remote host has sensitive files exposed via TFTP (Cisco IOS CA)
TFTP file detection (HP Ignite-UX passwd)
Determines if the remote host has sensitive files exposed via TFTP (HP Ignite-UX passwd)
TFTP file detection (HP Ignite-UX)
Determines if the remote host has sensitive files exposed via TFTP (HP Ignite-UX)
The remote BIND has dynamic updates enabled
Determines if the UPDATE operation is implemented on the remote host
Tripwire for Webpages Information Disclosure Vulnerability
Checks for information disclosure vulnerability in Tripwire for Webpages
TTL Anomaly detection
Check for TTL anomalies on the remote host
UDDI detection
Find UDDI
Ultraseek Web Server Detect
Ultraseek Web Server Detect
Unconfigured web server
Determines if the remote web server has been configured
Unprotected Netware Management Portal
Unprotected Netware Management Portal
Unprotected PC Anywhere Service
Unprotected PC Anywhere Service
Unreal Tournament Server Detection
Detects Unreal Tournament Server
Usable remote name server
Determines if the remote name server allows recursive queries
Version of BIND
Sends a VERSION.BIND request
vqServer administrative port
Detect vqServer's administrative port
WebDAV enabled
Checks the presence of WebDAV
WhatsUp Gold Default Admin Account
WhatsUp Gold Default Admin Account
WorldClient for MDaemon Server Detection
Check for WorldClient for MDaemon
X-Micro Router Default Password
X-Micro Router Default Password
Xoops myheader.php URL Cross Site Scripting Vulnerability
Detect Xoops myheader.php URL XSS