Vulnerabilities
The vulnerability category list will give you an overview of the types of vulnerabilities which SAINT® can detect.
You can also view SAINT's vulnerability checks by IAVA number. (Available to users registered in .mil and .gov domains only.)
CVE List
(Based on CVE version 20061101 and SANS Top 20 version 7.)| CVE | SAINT check ID | SAINT® Category | SANS Top 20 |
| rpc_mountd |
mountd vulnerabilities |
||
| rpc_tooltalkbo |
tooltalk version |
||
| mail_imap_bo |
imap version |
||
| mail_pop_qpop mail_pop_two |
pop version |
||
| rpc_nisd |
nisd vulnerability |
||
| dns_bindbo dns_potential |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| dns_bindbo dns_potential |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| dns_bindbo dns_potential |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| shell_ssh_fsecure shell_ssh_ssh |
SSH AttachmateWRQ vulnerabilities SSH vulnerabilities |
||
| ftp_bounce |
FTP bounce |
||
| rpc_statd |
rpc statd access |
||
| rpc_statd |
rpc statd access |
||
| web_prog_cgi_count |
http cgi access |
||
| dns_bindbo dns_potential |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| ftp_wuftpold |
FTP vulnerabilities |
||
| web_prog_cgi_webdist |
http cgi access |
||
| mail_imap_bo mail_pop_two mail_pop_uw |
imap version pop version |
||
| misc_inndbo |
innd vulnerabilities |
||
| web_prog_cgi_nphtestcgi |
http cgi info |
||
| mail_smtp_sendmail |
Sendmail vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| misc_talk |
talk vulnerabilities |
||
| web_prog_php_phpcgi |
http cgi access |
||
| rpc_sgifam |
SGI fam vulnerability |
||
| printer_bsdlpd printer_linuxlpd |
BSD lpd Linux lpd |
||
| web_prog_cgi_anyform web_prog_cgi_anyformtwo |
http cgi access |
||
| web_prog_cgi_phf |
http cgi access |
||
| web_prog_cgi_testcgi |
http cgi info |
||
| misc_tcpseq |
TCP sequence number prediction |
||
| ftp_wuftpold |
FTP vulnerabilities |
||
| mail_smtp_debug |
Sendmail vulnerabilities |
||
| mail_smtp_decode |
sendmail decode |
||
| misc_inndbo |
innd vulnerabilities |
||
| net_chargen |
packet flooding problems |
||
| misc_finger_redirect |
finger redirection |
||
| misc_finger_redirect |
finger redirection |
||
| mail_smtp_sendmail |
Sendmail vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| mail_smtp_sendmail |
Sendmail vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| mail_smtp_sendmail |
Sendmail vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| web_prog_cgi_campas |
http cgi access |
||
| web_prog_cgi_handler |
http cgi access |
||
| web_prog_cgi_aglimpse |
http cgi access |
||
| web_prog_cgi_wrap |
http cgi info |
||
| rpc_nfs_portmap |
NFS export via portmapper |
||
| web_prog_cgi_formmail |
http cgi access |
||
| web_prog_cgi_viewsource |
http cgi access |
||
| web_prog_cgi_webgais |
http cgi access |
||
| web_prog_cgi_uploader |
http cgi access |
||
| web_prog_cgi_wincsample |
http cgi access |
||
| net_snmp_read net_snmp_write |
Guessable Read Community Guessable Write Community |
||
| web_prog_iis_newdsn |
http IIS samples |
||
| web_prog_cgi_websendmail |
http cgi access |
||
| misc_finger_zero |
excessive finger info |
||
| mail_smtp_sendmail |
Sendmail vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| mail_smtp_sendmail |
Sendmail vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| mail_smtp_sendmail |
Sendmail vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| misc_solaris_rpcypupdated |
Solaris rpc ypupdated vulnerabilities |
||
| rpc_statd |
rpc statd access |
||
| ftp_servu |
Serv U vulnerabilities |
||
| web_prog_cgi_guestbook |
http potential problems |
||
| shell_ssh_fsecure shell_ssh_ssh |
SSH AttachmateWRQ vulnerabilities SSH vulnerabilities |
||
| net_snmp_openview net_snmp_openvieww |
Guessable Read Community Guessable Write Community |
||
| web_prog_cgi_jj |
http cgi access |
||
| web_prog_cgi_faxsurvey |
http cgi access |
||
| web_prog_cgi_htmlscript |
http cgi access |
||
| web_prog_cgi_info2www |
http cgi access |
||
| web_prog_cgi_pfdispaly |
http cgi access |
||
| web_prog_cgi_excite |
http potential problems |
||
| misc_wingate |
Open proxy |
||
| printer_bsdlpd |
BSD lpd |
||
| rpc_cmsd |
calendar manager |
||
| net_omniback |
HP Omniback vulnerabilities |
||
| ftp_beroftp ftp_proftpold ftp_wuftpold |
FTP vulnerabilities ProFTPD vulnerabilities |
||
| mail_smtp_sendmail |
Sendmail vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| web_prog_cfm_exprcalc |
http Cold Fusion |
||
| web_prog_cfm_openfile |
http Cold Fusion |
||
| rpc_statd |
rpc statd access |
||
| ftp_anonymous |
Anonymous FTP |
||
| pass_guessed |
guessed account password |
||
| pass_none |
guessed account password |
||
| pass_win |
guessed account password |
||
| pass_winnone |
guessed account password |
||
| pass_win |
guessed account password |
||
| pass_winnone |
guessed account password |
||
| net_asantepass net_avayapass net_axispass net_dynalinkpass net_gatewaypass net_netgearzebra net_password net_prestige net_utstarcom net_verticalpass |
default device password |
||
| net_asantepass net_avayapass net_axispass net_dynalinkpass net_gatewaypass net_netgearzebra net_password net_prestige net_utstarcom net_verticalpass |
default device password |
||
| web_prog_shell_ash web_prog_shell_bash web_prog_shell_csh web_prog_shell_ksh web_prog_shell_perl web_prog_shell_perlexe web_prog_shell_sh web_prog_shell_tcsh web_prog_shell_zsh |
http cgi shells |
||
| mail_smtp_relay mail_smtp_turn |
SMTP mail relay SMTP turn |
||
| net_smurf |
packet flooding problems |
||
| net_fraggle |
packet flooding problems |
||
| shell_r_trust |
remote shell access |
||
| net_snmp_read net_snmp_write |
Guessable Read Community Guessable Write Community |
||
| net_snmp_ilmi net_snmp_ilmiw net_snmp_ios net_snmp_nogah net_snmp_nogahw net_snmp_openview net_snmp_openvieww net_snmp_read net_snmp_write |
Guessable Read Community Guessable Write Community Cisco IOS SNMP access |
||
| misc_linuxnetbios |
Linux NetBIOS vulnerability |
||
| win_rwshare win_share |
open SMB shares |
||
| misc_icmp_netmask misc_icmp_timestamp |
ICMP information disclosure |
||
| misc_xhost |
unrestricted X server access |
||
| ftp_writable |
writable FTP directory |
||
| mail_smtp_expn mail_smtp_vrfy |
sendmail info |
||
| dns_transfer |
DNS zone transfer |
||
| win_policy_rights_debug win_policy_rights_driver win_policy_rights_lock win_policy_rights_os win_policy_rights_own win_policy_rights_priority win_policy_rights_ptoken win_policy_rights_share win_policy_rights_token win_policy_rights_trav |
Windows account rights Note: Authentication is required to detect this vulnerability |
||
| win_policy_account_passcomplex win_policy_account_passhist win_policy_account_passlen win_policy_account_passmax win_policy_account_passmin |
Windows account policy |
||
| rpc_nfs_unres |
unrestricted NFS export |
||
| win_registry |
registry access |
||
| web_security_autoindex |
http server autoindex |
||
| win_policy_audit_acctmgmt win_policy_audit_acctmgmtfail win_policy_audit_enabled win_policy_audit_logon win_policy_audit_logonfail win_policy_audit_objaccess win_policy_audit_objaccessfail win_policy_audit_policy win_policy_audit_policyfail win_policy_audit_system win_policy_audit_systemfail |
Windows auditing Note: Authentication is required to detect this vulnerability |
||
| win_policy_account_lockout |
Windows account policy |
||
| win_policy_account_adminrename |
Windows default account names |
||
| win_policy_perm_run win_policy_perm_runonce win_policy_perm_schedule win_policy_perm_uninstall win_registry |
Windows registry permissions registry access Note: Authentication is required to detect this vulnerability |
||
| win_policy_account_lastuser |
last user name disclosure Note: Authentication is required to detect this vulnerability |
||
| misc_finger_info |
excessive finger info |
||
| rpc_sprayd |
sprayd vulnerability |
||
| shell_r_rexec |
rexec on the Internet |
||
| rpc_rstatd |
rstatd vulnerability |
||
| rpc_rquotad |
rquotad vulnerability |
||
| rpc_rusers |
rusersd vulnerability |
||
| rpc_rexd |
REXD access |
||
| misc_identsvc |
auth vulnerability Note: Authentication is required to detect this vulnerability |
||
| misc_messengersvc |
NT Alerter and Messenger Services vulnerability Note: Authentication is required to detect this vulnerability |
||
| misc_sunrpcsvc |
sunrpc portmapper vulnerability Note: Authentication is required to detect this vulnerability |
||
| misc_echosvc |
echo vulnerability Note: Authentication is required to detect this vulnerability |
||
| misc_discardsvc |
discard vulnerability Note: Authentication is required to detect this vulnerability |
||
| misc_systatsvc |
systat vulnerability Note: Authentication is required to detect this vulnerability |
||
| misc_daytimesvc |
daytime vulnerability Note: Authentication is required to detect this vulnerability |
||
| net_chargen |
packet flooding problems |
||
| misc_gophersvc |
gopher vulnerabilities |
||
| misc_uucpsvc |
uucp vulnerability Note: Authentication is required to detect this vulnerability |
||
| ftp_fsp |
File Service Protocol |
||
| shell_r_rlogin shell_r_rsh |
remote login on the Internet remote shell on the Internet |
||
| rpc_nisdsvc |
nisd vulnerability |
||
| win_patch_authenticode win_patch_bytecode win_patch_certvalid win_patch_com win_patch_connman win_patch_cursor win_patch_debugger win_patch_dhtmledit win_patch_directx win_patch_excel win_patch_gdiplus win_patch_hcp win_patch_help win_patch_helpcenter win_patch_htmlconv win_patch_htmlhelp win_patch_htmlhelpcross win_patch_hyperlink win_patch_hyperterm win_patch_ie_crossdom win_patch_ie_css win_patch_ie_dhtml win_patch_ie_modal win_patch_ie_patch win_patch_ie_srcbo win_patch_ie_travellog win_patch_indexing win_patch_jdbc win_patch_jet win_patch_jetiv win_patch_kerneldebug win_patch_kernelpe win_patch_liclog win_patch_listbox win_patch_locator win_patch_mciwndx win_patch_mdac win_patch_messenger win_patch_ms04011 win_patch_msasn1 win_patch_netdde win_patch_netmeeting win_patch_nt4sp6asrp1 win_patch_ntdll win_patch_ntrpc win_patch_officexp win_patch_ole win_patch_posixbo win_patch_rasphonebook win_patch_redirect win_patch_rpc win_patch_rpcdos win_patch_rpcrunlib win_patch_rpcss win_patch_shareprovider win_patch_shell win_patch_shellapp win_patch_shellclsid win_patch_shellexecute win_patch_shellpath win_patch_skins win_patch_sp2srp1 win_patch_taskbo win_patch_troubleshooter win_patch_uncprovider win_patch_upnp win_patch_urlscript win_patch_utility win_patch_wins win_patch_wmf win_patch_wmppng win_patch_wordpadwfwc win_patch_workstation win_patch_wpconv win_patch_xpshell win_patch_zipfolder |
Windows updates needed Microsoft Office vulnerabilities Internet Explorer vulnerabilities License Logging Service Windows Locator vulnerability NetDDE vulnerability WINS vulnerability Note: Authentication is required to detect this vulnerability |
||
| rpc_tooltalkbo |
tooltalk version |
||
| rpc_cmsd |
calendar manager |
||
| rpc_amd |
amd buffer overflow |
||
| misc_inndbo |
innd vulnerabilities |
||
| web_proxy_squid |
Squid vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| web_prog_iis_showcode |
http IIS samples |
||
| web_prog_iis_code |
http IIS samples |
||
| web_prog_iis_codebrws web_prog_iis_sdkcodebrws |
http IIS samples |
||
| web_server_netscape_fasttrack web_server_netscape_netscape |
Netscape vulnerabilities |
||
| web_server_netscape_fasttrack web_server_netscape_netscape |
Netscape vulnerabilities |
||
| web_server_netscape_fasttrack web_server_netscape_netscape |
Netscape vulnerabilities |
||
| web_prog_cfm_startstop |
http Cold Fusion |
||
| web_server_netscape_fasttrack web_server_netscape_netscape |
Netscape vulnerabilities |
||
| web_tool_cim |
Compaq Insight Manager http server |
||
| web_tool_cim |
Compaq Insight Manager http server |
||
| database_oracle_tns |
Oracle TNS Listener |
||
| ftp_aix |
AIX FTP vulnerabilities |
||
| misc_dhcp |
dhcpd vulnerabilities |
||
| rpc_nfsd |
mountd vulnerabilities |
||
| dns_bindbo dns_potential |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| shell_ssh_ssh |
SSH vulnerabilities |
||
| dns_bindbo dns_potential |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| dns_bindbo dns_potential |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| ftp_servu |
Serv U vulnerabilities |
||
| dns_bindbo dns_potential |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| dns_bindbo dns_potential |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| dns_bindbo dns_potential |
DNS vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| web_server_netscape_fasttrack web_server_netscape_netscape |
Netscape vulnerabilities |
||
| misc_inndbo |
innd vulnerabilities |
||
| web_server_iis_iis |
http IIS access Note: Authentication is recommended to improve the accuracy of this check |
||
| ftp_beroftp ftp_proftpold ftp_wuftpold |
FTP vulnerabilities ProFTPD vulnerabilities |
||
| ftp_beroftp ftp_proftpold ftp_wuftpold |
FTP vulnerabilities ProFTPD vulnerabilities |
||
| ftp_beroftp ftp_proftpold ftp_wuftpold |
FTP vulnerabilities ProFTPD vulnerabilities |
||
| web_server_zeus |
Zeus vulnerabilities |
||
| web_server_zeus |
Zeus vulnerabilities |
||
| ftp_proftpold |
ProFTPD vulnerabilities |
||
| web_prog_cfm_sourcewindow |
http Cold Fusion |
||
| web_prog_cfm_viewex |
http Cold Fusion |
||
| web_prog_cfm_syntax |
http Cold Fusion |
||
| ftp_wftpd |
WFTPD vulnerabilities |
||
| web_prog_cgi_imagemap |
http cgi access |
||
| web_prog_cgi_wwwboard |
http cgi info |
||
| ftp_wuftpold |
FTP vulnerabilities |
||
| web_server_omni |
OmniHTTPd vulnerabilities |
||
| mail_smtp_eximbo |
Exim vulnerability |
||
| rpc_sadmind |
sadmind |
||
| database_mssql_mssql |
Microsoft SQL Server Note: Authentication is recommended to improve the accuracy of this check |
||
| web_server_rds |
ODBC RDS |
||
| shell_ssh_ssh |
SSH vulnerabilities |
||
| mail_smtp_sendmail |
Sendmail vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| mail_pop_iaemailserver mail_smtp_iaemailserver |
Internet Anywhere vulnerabilities |
||
| web_proxy_squid |
Squid vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| mail_smtp_sendmail |
Sendmail vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| web_cms_fp_fpcount |
http FrontPage |
||
| web_server_read |
http server read access |
||
| web_server_thttpd |
thttpd vulnerabilities |
||
| web_proxy_squid |
Squid vulnerabilities Note: Authentication is recommended to improve the accuracy of this check |
||
| mail_pop_iaemailserver |
Internet Anywhere vulnerabilities |
 | = CVE specifically mentioned in SANS Top 20 |
Vulnerability Categories
SAINT checks for one or more vulnerabilities in each of the following categories.
 Critical Problems |
 Areas of Concern |
 Potential Problems |
Back to SAINT