Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us

What We Scan For

General Vulnerabilities

Name Summary
602LAN SUITE Open Telnet Proxy Checks for telnet proxy in 602LAN SUITE
Aardvark Topsites Multiple Vulnerabilities Detect Aardvark Topsites version
Access Point detection Detects Wireless APs
AFS client version AFS client version
Amanda Index Server version Amanda Index Server version
AOLserver Default Password AOLserver Default Password
BIND vulnerable to DNS storm Checks the remote BIND version
Brightmail Control Center Default Account/Password Checks for default account / password in Brightmail Control Center
BrightStor ARCserve/Enterprise Backup Default Account Vulnerability Determines if the ARCServer Default account is present
cfengine detection and local identification check for the presence of cfengine with local identification version checks if possible
CheckPoint InterSpect Detect CheckPoint InterSpect
Chora Detection Checks for the presence of Chora
Cisco IDS Device Manager Detection Cisco IDS Management Web Server Detect
clarkconnectd detection clarkconnectd detection
Cobalt Web Administration Server Detection Cobalt Web Administration Server Detection
Compaq Web Based Management Agent Proxy Vulnerability Compaq Web Based Management Agent Proxy Vulnerability
Compaq Web-based Management Login Detect Predictable Compaq Web-based Management / HP System Management Agent Administrator Passwords
CVS file existence information disclosure weakness Logs into the remote CVS server and asks the version
CVS malformed entry lines flaw Logs into the remote CVS server and asks the version
CVS Multiple Unspecified Vulnerabilities Logs into the remote CVS server and asks the version
CVS pserver CVSROOT passwd file cmd exec Logs into the remote CVS server and asks the version
CVS pserver dir create bug Logs into the remote CVS server and asks the version
CVS pserver double free() bug Logs into the remote CVS server and asks the version
CVS pserver heap overflow Logs into the remote CVS server and asks the version
CVS server piped checkout access validation Logs into the remote CVS server and asks the version
DCShop exposes sensitive files DCShop exposes sensitive files
Delta UPS Daemon Detection Delta UPS Daemon Detection
Deprecated SSL Protocol Usage Checks for use of a deprecated SSL protocol
Determine if Bind 9 is running Determine which version of BIND name daemon is running
DHCP server info gathering Chats with the remote DHCP server
DNS AXFR Determines if the remote name server allows zone transfers
DNS Cache Snooping DNS Cache Snooping
DNS Server Detection detects a running name server
DNS Server Fingerprint detects a name server type and version
DNS Server on UDP and TCP Checks if the remote DNS servers answers on TCP too
Dropbear SSH server format string vulnerability Checks remote SSH server type and version
Enable local security checks Obtains the remote OS name and installed packages
Enhydra Multiserver Default Password Enhydra Multiserver Default Admin Password
F5 Device Default Support Password F5 Device Default Support Password
File Disclosure in osCommerce's File Manager Detect osCommerce's File Manager File Disclosure
File Disclosure in SurgeLDAP Detect SurgeLDAP File Disclosure
File Inclusion Vulnerability in Gemitel Detect Gimtel File Inclusion Vulnerability
FlexWATCH Authentication Bypassing Detect FlexWATCH Authentication Bypassing
Formmail Version Information Disclosure Formmail Version Information Disclosure
Get the IMAP Banner Grab and display the IMAP banner
Google Search Appliance Detection Detects a Google Appliance
HMAP Fingerprints the web server
Horde Detection Checks for the presence of Horde
Host FQDN Performs a name resolution
HP Integrated Lights-Out Detection Detects iLO
HP Jet Admin 6.5 or less Vulnerability HP JetAdmin 6.5 or less vulnerability
HP Jet Admin 7.x Directory Traversal HP JetAdmin directory traversal attack
HTTP Server type and version HTTP Server type and version
HTTP TRACE Look for an HTTP proxy on the way
HTTP version spoken HTTP version
ICMP domain name request Sends an ICMP Domain Name request
IDA Pro Detection IDA Pro Detection
IlohaMail Detection Checks for the presence of IlohaMail
IMP Detection Checks for the presence of IMP
Information about the scan Displays information about the scan
Invision Power Top Site List SQL Injection Detect Invision Power Top Site List SQL Injection
iPlanet Application Server Detection Sun ONE Application Server detection
IRC daemon identification IRCD version
IRCXPro Default Admin password Logs into the remote administrative interface of ircxpro
Kerberos 5 issues Check for kerberos
Kerberos IV cryptographic weaknesses Check for kerberos
Knox Arkeia Network Backup Agent Unauthorized Access Determines if the Arkeia Default account is present
Leafnode denials of service Check Leafnode version number for flaws
Linksys Router Default Password Linksys Router Default Password
Linux Distribution Detection Guesses the remote distribution version
Local Checks Failed Displays information about the scan
McAfee IntruShield management console Detect McAfee IntruShield Management Console
McAfee myCIO detection McAfee myCIO detection
Mediahouse Statistics Web Server Detect Mediahouse Statistics Web Server Detection
Microsoft Exchange Public Folders Information Leak Microsoft Exchange Public Folders Information Leak
Misc information on News server Misc information on News server
NetCharts Server Default Password NetCharts Server Default Password
NetGear Router Default Password NetGear Router Default Password
NetOp products information disclosure Detect if a NetOp product is configured to make the host name, IP address etc. public
Netscape Enterprise Default Administrative Password Netscape Enterprise Default Administrative Password
Netscape Enterprise Server default files Checks for Netscape Enterprise Server default files
Network Chemistry Wireless Sensor Detection Detects Wireless Sensor
NTP read variables NTP allows query of variables
ntpd Incorrect Group Privileges Vulnerability Checks for incorrect group privileges vulnerability in ntpd
Obtain /etc/passwd using NetInfo Uses NetInfo to read /etc/passwd remotely
Open News server Public NNTP server is open to outside
OpenFTPD Detection Determines the presence of OpenFTPD
Oracle Applications One-Hour Install Detect Oracle Applications One-Hour Install Detect
Oracle Web Administration Server Detection Oracle Web Administration Server Detect
OS Identification Determines the remote operating system
osCommerce Malformed Session ID XSS Vulnerability Detect osCommerce Malformed Session ID XSS
osTicket Backdoored Detect osTicker Backdoored
osTicket Detection Checks for the presence of osTicket
PHP-Nuke sql_debug Information Disclosure Make a request like http://www.example.com/?sql_debug=1
Predictable TCP sequence number TCP SEQ
Private IP address leaked in HTTP headers Checks for private IP addresses in HTTP headers
Private IP address Leaked using the PROPFIND method Checks for private IP addresses in PROPFIND response
psyBNC Server Detection Check for the presence of psyBNC.
Psychoblogger SQL Injection Detect Psychoblogger SQL Injection
Public CVS pserver Logs into the remote CVS server
Relative IP Identification number change Relative IP Identification number change
Remote Code Execution in Knowledge Builder Detect Knowledge Builder Code Execution
RiSearch OpenProxy Determines the presence of RiSearch's search.pl
RTSP Server type and version RTSP Server detection
S-HTTP detection Checks if the web server accepts the Secure method
SCO OpenServer multiple vulnerabilities Checks the remote SCO OpenServer
Shopping Cart Arbitrary Command Execution (Hassan) Shopping Cart Arbitrary Command Excution (Hassan)
SHOUTcast Server logfiles XSS SHOUTcast Server DoS detector vulnerability
SHOUTcast Server User-Agent / Host Header Denial of Service Vulnerability Checks for User-Agent / Host header denial of service vulnerability in SHOUTcast Server
SiteScope Web Administration Server Detection SiteScope Web Administration Server Detect
SiteScope Web Managegment Server Detect SiteScope Web Management Server Detect
SSH protocol version 1 enabled Negotiate SSH connections
SSH protocol versions supported Negotiate SSHd connections
SSH Server type and version SSH Server type and version
SSL Certificate Expiry Checks SSL certificate expiry
SSL ciphers checks the server certificate and available SSLv2 ciphers
Standard & Poors detection Detect if the remote host is a Standard & Poors' MultiCSP
Sun Cobalt Adaptive Firewall Detection Sun Cobalt Adaptive Firewall Detection
Sun JavaServer Default Admin Password Sun JavaServer Default Admin Password
Supported SSL Ciphers Suites Checks which SSL ciphers suites are supported
SWAT allows user names to be obtained by brute force Detect SWAT server port
TCP sequence number approximation Check for TCP approximations on the remote host
TFTP directory permissions (HP Ignite-UX) Determines if the remote host has writeable directories exposed via TFTP (HP Ignite-UX)
TFTP file detection (Cisco CallManager) Determines if the remote host has sensitive files exposed via TFTP (Cisco CallManager)
TFTP file detection (Cisco IOS CA) Determines if the remote host has sensitive files exposed via TFTP (Cisco IOS CA)
TFTP file detection (HP Ignite-UX passwd) Determines if the remote host has sensitive files exposed via TFTP (HP Ignite-UX passwd)
TFTP file detection (HP Ignite-UX) Determines if the remote host has sensitive files exposed via TFTP (HP Ignite-UX)
The remote BIND has dynamic updates enabled Determines if the UPDATE operation is implemented on the remote host
Tripwire for Webpages Information Disclosure Vulnerability Checks for information disclosure vulnerability in Tripwire for Webpages
TTL Anomaly detection Check for TTL anomalies on the remote host
UDDI detection Find UDDI
Ultraseek Web Server Detect Ultraseek Web Server Detect
Unconfigured web server Determines if the remote web server has been configured
Unprotected Netware Management Portal Unprotected Netware Management Portal
Unprotected PC Anywhere Service Unprotected PC Anywhere Service
Unreal Tournament Server Detection Detects Unreal Tournament Server
Usable remote name server Determines if the remote name server allows recursive queries
Version of BIND Sends a VERSION.BIND request
vqServer administrative port Detect vqServer's administrative port
WebDAV enabled Checks the presence of WebDAV
WhatsUp Gold Default Admin Account WhatsUp Gold Default Admin Account
WorldClient for MDaemon Server Detection Check for WorldClient for MDaemon
X-Micro Router Default Password X-Micro Router Default Password
Xoops myheader.php URL Cross Site Scripting Vulnerability Detect Xoops myheader.php URL XSS


Vulnerability Scanning Solutions, LLC.