Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us

What We Scan For

Misc. Vulnerabilities

Name Summary
04WebServer Multiple Remote Vulnerabilities Checks for version of 04WebServer
12Planet Chat Server ClearText Password Checks for the data encapsulation of 12Planet Chat Server
12Planet Chat Server Path Disclosure Checks for 12Planet Chat Server path disclosure
3Com Superstack 3 switch with default password Logs into 3Com Superstack 3 switches with default passwords
4D WebStar Symbolic Link Vulnerability Checks for 4D FTP Server
AirConnect Default Password 3Com AirConnect AP Default Password
Airport Administrative Port Connects to port 5009 and says 'Hello'
Airport Administrative Traffic Detection (192/udp) Sends a message to UDP port 192
Alcatel ADSL modem with firewalling off Checks Alcatel ADSL modem protection
Allied Telesyn Router/Switch found with default password Logs into Allied Telesyn routers and switches with default password
Allied Telesyn Router/Switch Web interface found with default password Logs into Allied Telesyn routers and switches Web interface with default password
AppleShare IP Server status query connects to port 548/tcp, issues DSIGetStatus
ArGoSoft Mail Server IMAP Server Directory Traversal Vulnerability Checks for directory traversal vulnerability in ArGoSoft IMAP server
ArGoSoft Mail Server _DUMP Command Information Disclosure Vulnerability Checks for _DUMP command information disclosure vulnerability in ArGoSoft POP3 server
AttachmateWRQ Reflection for Secure IT Server < 6.0 Build 24 Multiple Vulnerabilities Checks for multiple vulnerabilities in AttachmateWRQ Reflection for Secure IT Server < 6.0 build 24
AttachmateWRQ Reflection for Secure IT Server SFTP Format String Vulnerability Checks for format string vulnerability in AttachmateWRQ Reflection for Secure IT Server SFTP subsystem
Avaya P330 Stackable Switch found with default password Logs into Avaya switches with default password
Aventail ASAP detection Aventail ASAP Management Console management
Axis Camera Default Password Detects whether an Axis Network Camera has its default pass set
Bay Networks Accelar 1200 Switch found with default password Logs into Bay Networks switches with default password
BIND vulnerable to negative cache poison bug Checks the remote BIND version
BIND vulnerable to ZXFR bug Checks the remote BIND version
BlackBerry Enterprise Server Detection Detects BlackBerry Enterprise Server
BNC IRC Server Authentication Bypass Vulnerability Check BNC authentication bypass
Cabletron Web View Administrative Access Cabletron Web View Administrative Access
Cayman DSL router one char login Notifies that the remote cayman router allows one char logins
Check open ports Check if ports are still open
Checkpoint Secure Platform detection Checkpoint Secure Platform web console management
Cheops NG without password Cheops NG agent is running without authentication
Cisco 675 passwordless router Logs into the remote CISCO router
CiscoWorks Management Console Detection Checks for CiscoWorks
Citrix published applications Find Citrix published applications
Clearswift MIMEsweeper manager console detection Checks for MIMEsweeper manager console
Default password router Pirelli AGE mB Logs into the router Pirelli AGE mB
Default password router Zyxel Logs into the router Zyxel
DefaultNav checker DefaultNav checker
Detect slident and or fake identd Detect identd servers that return random tokens
Directory Scanner Directory Scanner
Dovecot Directory Traversal Vulnerability Tries to list contents of mbox root parent directory in Dovecot
Embedded Web Server Detection This scripts detects wether the remote host is an embedded web server
EMC Legato Networker Multiple Vulnerabilities Determines if Legato Networker is vulnerable
Enterasys Dragon Enterprise Reporting detection Checks for Enterasys Dragon Enterprise Reporting console
eSeSIX Thintune Thin Client Multiple Vulnerabilities Detect the presence of eSeSIX backdoor
eStara SoftPhone Detection Detects eStara SoftPhone
eStara SoftPhone SDP Data Attribute Buffer Overflow Vulnerability Checks version number of eStara SoftPhone
Etherleak etherleak check
Find if IIS server allows BASIC and/or NTLM authentication Find IIS authentication scheme
Firewall ECE-bit bypass Firewall ECE-bit bypass
FlexCast Detection Checks for FlexCast
Fortinet Fortigate console management detection Checks for Fortinet Fortigate management console
FortressSSH SSH_MSG_KEXINIT Remote Buffer Overflow Vulnerability Does a banner check for FortressSSH
Hobbit Monitor config Command Directory Traversal Vulnerability Tries to read a local file using hobbitd
hp jetdirect vulnerabilities Uses SNMP to determine if a flaw is present
HP LaserJet direct print Checks if lpd is useless
HP LaserJet display hack Changes the printer's display
HylaFAX hfaxd Password Check Vulnerability Checks for password check vulnerability in HylaFAX hfaxd
HylaFAX Remote Access Control Bypass Vulnerability Determines if HylaFAX is vulnerable to access control bypass.
IBM AS400 and iSeries POP3 Server Remote Information Disclosure Vulnerability Checks for remote information disclosure vulnerability in IBM AS400 and iSeries POP3 server
ICECast AVLlib remote buffer overflow Check icecast version
ICECast crafted URL DoS Check icecast version
ICECast directory traversal flaw Check icecast version
ICECast HTTP basic authorization DoS Check icecast version
ICECast libshout remote buffer overflow Check icecast version
ICECast remote buffer overflow Check icecast version
ICECast XSS check icecast version
icmp leak icmpleak check
Identd scan Get UIDs with identd
IgnitionServer Irc operator privilege escalation vulnerability checks the version of the remote ircd
IMAP Unencrypted Cleartext Logins Checks if IMAP daemon allows unencrypted cleartext logins
INN buffer overflow Checks INN version
Intellipeer POP3 server user account enumeration Checks for a flaw in Intellipeer pop3
Intrusion.com SecureNet provider detection Checks for Intrusion.com SecureNet provider console
Intrusion.com SecureNet sensor detection Checks for Intrusion.com SecureNet sensor console
IP protocols scan Scans IP protocols
IPSwitch IMail SMTP Buffer Overflow IPSwitch IMail SMTP Buffer Overflow
irix performance copilot Checks the presence of IRIX copilot
ISS deployment manager detection Checks for ISS deployment manager web interface
JigSaw < 2.2.4 Checks for version of JigSaw
Kerberos PingPong attack Checks for the presence of a bad krb server
Lighttpd Remote CGI Script Disclosure Vulnerability Checks for version of Sami HTTP server
Lime Wire Multiple Remote Unauthorized Access Checks for remote unauthorized access flaw in Lime Wire
Linksys Router default password Tests for the linksys default account
Linksys Wireless Internet Camera File Disclosure Tests for the Linksys CGI Disclosure
List of printers is available through CUPS Obtains the list of printers on the remote host
Macallan IMAP Server Directory Traversal Vulnerabilities Checks for a directory traversal vulnerability in Macallan
Mailman Password Retrieval Checks for Mailman Password Retrieval Vulnerability
MAILsweeper Archive File Filtering Bypass Checks the remote banner
MDaemon Content Filter Directory Traversal Vulnerability Checks for content filter directory traversal vulnerability in MDaemon
Motorola Vanguard with No Password Attempts to log into Vanguards.
NAI Management Agent leaks info Determines if the remote NAI WebShield SMTP Management trusts us
Netgear ProSafe Router password disclosure Enumerates user and password via soap
Netopia SNMP password disclosure flaw Checks to see if the router will disclose the admin password
Netscape /.perf accessible Makes a request like http://www.example.com/.perf
Netscape Messenging Server User List Checks the error messages issued by the pop3 server
NetworkActive Web Server Overflow Checks for version of NetworkActive Web Server
Nortel Baystack switch password test Logs into the remote Nortel terminal server
Nortel Default Accounts Logs into the remote switch with a default login/password pair
Nortel Networks passwordless router (user level) Logs into the remote Nortel Networks (Bay Networks) router
Nortel Networks passwordless router (manager level) Logs into the remote Nortel Networks (Bay Networks) router
Nortel Web Management Default Username and Password (ro/ro) Checks for the presence of default username and password
Nortel/Bay Networks default password Logs into the remote Nortel switch/router
Nortel/Bay Networks/Xylogics Annex default password Logs into the remote Nortel terminal server
notes.ini checker notes.ini checker
Open X11 Server X11 determines if X11 is open
OpenSSH < 4.4 Multiple GSSAPI Vulnerabilities Checks version number of OpenSSH
OpenSSH GSSAPI Credential Disclosure Vulnerability Checks for GSSAPI credential disclosure vulnerability in OpenSSH
OpenSSH Reverse DNS Lookup bypass Checks for the remote SSH version
OpenSSL password interception Checks for version of OpenSSL
OpenVPN Unprotected Management Interface Vulnerability Looks for banner of OpenVPN Management Interface
Passwordless Alcatel ADSL Modem Logs into the remote Alcatel ADSL modem
Passwordless Cayman DSL router Notifies that the remote cayman router has no password
Passwordless HP LaserJet Notifies that the remote printer has no password
Passwordless Lexmark Printer Notifies that the remote printer has no password
Pocsag password log in using password 'password'
Polipo Local Web Root Restriction Bypass Vulnerability Checks for local web root restriction bypass vulnerability in Polipo
POP Password Changer Unauthorized Password Change Vulnerability Determines if POP Password Changer is vulnerable to access control bypass.
POP2 Unencrypted Cleartext Logins Checks for unencrypted POP2 login capability
POP3 Unencrypted Cleartext Logins Checks if POP3 daemon allows unencrypted cleartext logins
Portable OpenSSH PAM timing attack Checks the timing of the remote SSH server
Proxy Web Server Cross Site Scripting Determine if the remote proxy is vulnerable to Cross Site Scripting vulnerability
Qpopper Insecure File Handling Vulnerabilities Checks for insecure file handling vulnerabilities in Qpopper
qpopper options buffer overflow qpopper options buffer overflow
QPopper Username Information Disclosure QPopper Username Information Disclosure
QuiXplorer Directory Traversal Tests for the QuiXplorer Directory traversal
ReadDesign checker ReadDesign checker
RealServer Memory Content Disclosure dumps the memory of a real g2 server
RealVNC Authentication Bypass Vulnerability Tries to bypass authentication using RealVNC
Record route Ping target with Record Route option
RedHat 6.2 inetd Stalls the remote inetd
Resin /caucho-status accessible Makes a request like http://www.example.com/caucho-status
Retrospect Client Denial of Service Vulnerability Checks version of Retrospect client
RIP poisoning Poison routing tables through RIP
Samba < 3.0.24 Multiple Flaws Checks the version of Samba
Samba Machine Trust Account Local Information Disclosure Vulnerability Checks the version of Samba
Sambar Transmits Passwords in PlainText Makes sure that Sambar runs on top of SSL
Sami HTTP Server v1.0.4 Checks for version of Sami HTTP server
Several GET locks web server Several GET requests in a row temporarily shut down the web server
ShareMailPro Username Identification Checks for the pop login error
SheerDNS directory traversal Determines if the remote DNS server handles malformed names
Shiva Integrator Default Password Logs into the remote Shiva router
Shiva LanRover Blank Password Checks for a blank password for the root account.
SIP Express Router Missing To in ACK DoS SER Missing To in ACK DoS
SIP Express Router Register Buffer Overflow SER Register Buffer Overflow
SMC2804WBR Default Password Logs in with default password on SMC2804WBR
SOCKS server detection Detect & inspect SOCKS4/5 servers
Squid Multiple Flaws Determines squid version
Squid null character unauthorized access Determines squid version
Squid Proxy Failed DNS Lookup Random Error Messages Checks for the usage of a freed pointer
Squid Proxy Set-Cookie Headers Information Disclosure Vulnerability Checks for Set-Cookie headers information disclosure vulnerability in Squid
SSH Tectia Server Host Authentication Authorization Bypass Vulnerability Checks for the remote SSH version
SSH Tectia Server SFTP Format String Vulnerability Checks for format string vulnerability in SSH Tectia Server SFTP subsystem
Sun Java System Web Proxy Server Unspecified Remote Denial Of Service Vulnerability Checks for unspecified remote denial of service vulnerability in Sun Java System Web Proxy Server
SunOne Web Proxy Unspecified Remote Buffer Overflows Checks for version of SunOne Web Proxy
sxdesign SIPd Status Server Detection SIP Status Server Detection
TCP Chorusing Counts the number of ACKs to a SYN
Tektronix /ncl_items.html Checks for the presence of /ncl_*.html
TinyWeb 1.9 Checks for version of TinyWeb
Tomcat /status information disclosure Makes a request like http://www.example.com/server-status
Traceroute traceroute
Trend Micro IMSS console management detection Checks for Trend Micro IMSS web console management
Trend Micro IWSS console management detection Checks for Trend Micro IWSS web console management
Trend Micro TMCM console management detection Checks for Trend Micro TMCM console management
Unknown services banners Displays the unknown services banners
Unreal IRCd IP cloaking weakness checks the version of the remote ircd
URLScan Detection Detects the presence of URLScan
UW-IMAP CRAM-MD5 Remote Authentication Bypass Vulnerability Checks the version of UW-IMAP
VMWare Host Determines if the remote host is VMWare
VNC security types Identifies the RFB protocol version (VNC) & security types
WebLogic Certificates Spoofing Checks the version of WebLogic
WebLogic Server hostname disclosure Make a request like GET . \r\n\r\n
Websense reporting console detection Checks for Websense reporting console
Webserver 4D Cleartext Passwords Checks for Webserver 4D
WebShield Appliance detection Checks for WebShield Appliance console management
WebWasher Classic HTTP CONNECT Unauthorized Access Weakness Checks for the presence of WebWasher Proxy
WinGate IMAP Server Directory Traversal Vulnerabilities Tries to create a directory in WinGate's main directory
Xerox DocuCentre / WorkCentre Postscript Directory Traversal Vulnerability Checks model number / software version of Xerox DocuCentre and WorkCentre devices
Xerox MicroServer Unauthorized Access Vulnerability Checks for authentication bypass vulnerability in Xerox MicroServer
Xerox MicroServer Web Server Multiple Vulnerabilities Checks for multiple vulnerabilities in Xerox MicroServer web server
Xerox MicroServer Web Server Remote Denial of Service Vulnerability Checks for web server remote denial of service vulnerability in Xerox MicroServer
Xerox WorkCentre Multi-Page Document Information Disclosure Vulnerability Checks for multi-page document information disclosure vulnerability in Xerox WorkCentre devices
Xerox WorkCentre Pro Multiple Remote Vulnerabilities Checks for multiple remote vulnerabilities in Xerox WorkCentre Pro
Xerox XRX06-001 Checks for multiple ESS / network controller and microServer vulnerabilities in Xerox WorkCentre devices
Xerox XRX06-002 Checks for multiple vulnerabilities in Xerox WorkCentre devices
Xerox XRX06-005 Checks Net Controller Software version of Xerox WorkCentre devices
Xerox XRX06-006 Checks Net Controller Software version of Xerox WorkCentre devices
XTramail control denial Overflows the remote server
ZyXEL Prestige Router Configuration Reset Determines if /rpFWUpload.html is world-readable


Vulnerability Scanning Solutions, LLC.