Vulnerability Tests


The following is a small sample of the vulnerability tests we bring to bear in our practice. Typically we deploy industry-standard vulnerability test suites from such organizations as Tru-Secure, Security Space, ISS and others. These test suites are updated continuously through our association with the leading security software vendors in the industry.

Test ID Test Title Security Risk
10776 Power Up Information Disclosure High
10775 E-Shopping Cart Arbitrary Command Execution (WebDiscount) High
10777 Zope ZClass permission mapping bug High
10386 No 404 check Other
10773 MacOS X Finder reveals contents of Apache Web files Medium
10774 ShopPlus Arbitrary Command Execution High
10772 PHP-Nuke copying files security vulnerability (admin.php) High
10770 sglMerchant Information Disclosure Vulnerability High
10769 Checks for High
10765 SQLQHit Directory Structure Disclosure Medium
10756 MacOS X Finder reveals contents of Apache Web directories Medium
10750 phpMyExplorer dir traversal High
10739 Novell Web Server NDS Tree Browsing High
10725 SIX Webboard's generate.cgi High
10733 InterScan VirusWall Remote Configuration Vulnerability High
10721 ncbook/book.cgi High
10716 OmniPro httpd 2.08 scripts source full disclosure Medium
10715 BEA WebLogic Scripts Server scripts Source Disclosure Medium
10720 sdbsearch.cgi High
10569 Zope Image updating Method High
10447 Zope DocumentTemplate package problem High
10327 Zeus shows the content of the cgi scripts High
10512 YaBB High
10321 wwwboard passwd.txt High
10317 wrap Low
10365 Windmail.exe allows any user to execute arbitrary commands High
10306 whois_raw Medium
10616 webspirs.cgi High
10304 WebSpeed remote configuration High
10476 WebsitePro buffer overflow High
10303 WebSite pro reveals the physical file path of web directories Low
10301 websendmail High
10373 TalentSoft Web+ version detection Low
10367 TalentSoft Web+ Input Validation Bug Vulnerability Medium
10300 webgais High
10592 webdriver High
10526 IIS : Directory listing through WebDAV Low
10505 Directory listing through WebDAV Low
10298 Webcart misconfiguration High
10470 WebActive world readable log file Low
10610 way-board High
10295 OmniHTTPd visadmin exploit Medium
10294 view_source High
10645 ustorekeeper High
10291 uploader.exe High
10290 Upload cgi High
10696 ttawebtop High
10491 ASP/ASA source using Microsoft Translate f: bug High
10282 test-cgi High
10584 technote's main.cgi High
10493 SWC Overflow High
10503 Reading CGI script sources using /cgi-bin-sdb High
10639 store.cgi High
10349 sojourn.cgi High
10253 Cobalt siteUserMod cgi High
10252 Shells in /cgi-bin High
10614 High
10623 Savant original form CGI access High
10514 Directory listing through Sambar's search.dll Low
10711 Sambar webserver pagecount hole High
10246 Sambar Web Server CGI scripts High
10479 Roxen Server /%00/ bug High
10478 Tomcat's snoop servlet gives too much information Low
10207 Roxen counter module High
10627 ROADS' High
10649 processit Medium
10188 printenv Medium
10187 Cognos Powerplay WE Vulnerability Medium
10459 Poll It v2.0 cgi High
10181 PlusMail vulnerability High
10574 PHPix directory traversal vulnerability High
10701 php safemode High
10655 PHP-Nuke' opendir High
10630 PHP-Nuke security vulnerability (bb_smilies.php) Medium
10535 php log High
10628 php IMAP overflow High
10513 php file upload High
10670 PHP3 Physical Path Disclosure Vulnerability Low
10177 php.cgi High
10593 phorum's common.cgi High
10176 phf High
10174 pfdispaly High
10173 perl interpreter can be launched as a CGI High
10664 perlcal High
10511 /perl directory browsable ? Low
10611 pals-cgi High
10477 Tomcat's /admin is world readable High
10591 pagelog.cgi High
10348 ows-bin High
10613 Oracle XSQL Sample Application Vulnerability Low
10165 nph-test-cgi High
10164 nph-publish.cgi High
10587 Check for dangerous Novell webserver default files High
10586 news desk High
10360 newdsn.exe check High
10352 Netscape Server ?wp bug Medium
10364 netscape publishingXpert 2 PSUser problem Medium
10156 Netscape FastTrack 'get' Medium
10468 Netscape Administration Server admin password Medium
10153 Netscape Server ?PageServices bug Medium
10494 Netauth High
10665 tektronix's _ncl_items.shtml Low
10516 multihtml cgi High
10142 MS Personal WebServer ... High
10357 RDS / MDAC Vulnerability (msadcs.dll) located High
10356 Microsoft's Index server reveals ASP source code High
10359 mkilog.exe check High
10473 MiniVend Piped command High
10641 mailnews.cgi High
10566 mmstdod.cgi High
10541 KW whois High
10604 Allaire JRun Directory Listing Low
10131 jj cgi High
10128 infosrch.cgi High
10127 info2www High
10358 /iisadmin is world readable High
10576 Check for dangerous IIS default files High
10121 /scripts directory browsable Medium
10370 IIS dangerous sample files High
10372 /scripts/repost.asp High
10120 IIS perl.exe problem Low
10695 IIS .IDA ISAPI filter applied Medium
10575 Check for IIS .cnf file leakage Other
10537 IIS directory traversal High
10671 IIS Remote Command Execution High
10577 Check for bdir.htr files Other
10371 /iisadmpwd/aexp2.htr High
10492 IIS IDA/IDQ Path Disclosure Low
10661 IIS 5 .printer ISAPI filter applied Low
10115 idq.dll directory traversal High
10112 icat Medium
10484 Read any file thanks to ~nobody/ High
10385 ht://Dig's htsearch reveals web server path Low
10106 Htmlscript High
10495 htgrep High
10105 htdig Medium
10602 hsx directory traversal High
10606 HSWeb document path Low
10101 Home Free search.cgi directory traversal High
10100 Handler High
10099 High
10098 guestbook.cgi High
10095 glimpse High
10405 shtml.exe reveals full path Low
10467 shows the listing of any dir Medium
10369 Microsoft Frontpage dvwssr.dll backdoor High
10078 Microsoft Frontpage 'authors' exploits Medium
10077 Microsoft Frontpage exploits High
10076 High
10071 Finger cgi High
10067 Faxsurvey Medium
10065 EZShopper 3.0 High
10064 Excite for WebServers High
10570 Unify eWave ServletExec 3.0C file upload High
10609 empower cgi path Low
10060 Dumpenv Low
10058 Domino HTTP server exposes the set up of the filesystem Low
10629 Lotus Domino administration databases Medium
10056 /doc directory browsable ? High
10518 /doc/packages directory browsable ? High
10679 directory pro web traversal High
10583 dcforum High
10403 DBMan CGI server information leakage Medium
10402 CVSWeb detection Low
10465 CVSWeb 1.80 gives a shell to cvs committers Medium
10049 Count.cgi High
10612 commerce.cgi High
10444 JRun's viewsource.jsp High
10041 Cobalt RaQ2 cgiwrap High
10552 cgiforum High
10039 /cgi-bin directory browsable ? Medium
10037 CERN httpd problem Low
10035 Campas High
10506 High
10034 RedHat 6.0 cachemgr.cgi High
10686 BroadVision Physical Path Disclosure Vulnerability Low
10383 bizdb1-search.cgi located High
10027 bigconf High
10507 Sun's Java Web Server remote command execution High
10460 High
10025 High
10601 Basilix includes download Medium
10023 bypass Axis Storpoint CD authentication High
10638 auktion.cgi High
10363 ASP source using %2e trick High
10362 ASP source using ::$DATA trick High
10480 Apache::ASP source.asp High
10704 Apache Directory Listing Low
10644 anacondaclip High
10016 AN-HTTPd tests CGIs High
10015 AltaVista Intranet Search High
10014 tst.bat High
10013 High
10011 get32.exe High
10669 A1Stats Medium
10007 ShowCode possible High
10004 IIS possible DoS using ExAir's search Medium
10003 IIS possible DoS using ExAir's query Medium
10002 IIS possible DoS using ExAir's advsearch Medium
10001 ColdFusion Vulnerability High
10521 Extent RBS ISP High
10778 Unprotected SiteScope Service Other
10475 Buffer overflow in WebSitePro webfind.exe High
10297 Web server traversal High
10416 Sambar /sysadmin directory 2 High
10415 Sambar sendmail /session/sendmail High
10417 Sambar /cgi-bin/ installed ? High
10340 rpm_query CGI Low
10618 Pi3Web tstisap.dll overflow High
10594 Oracle XSQL Stylesheet Vulnerability High
10656 Resin traversal High
10562 Master Index directory traversal vulnerability High
10589 iPlanet Directory Server traversal High
10075 FormHandler.cgi High
10581 Cold Fusion Administration Page Overflow High
10489 Analogx Web server traversal High
10597 wwwwais High
10299 webdist.cgi High
10296 w3-msql overflow High
10393 spin_client.cgi buffer overrun High
10178 php.cgi buffer overrun High
10564 IIS phonebook High
10143 MSQL CGI overflow High
10140 MediaHouse Statistic Server High
10122 imagemap.exe High
10376 htimage.exe overflow High
10040 cgitest.exe buffer overrun High
10650 VirusWall's catinfo overflow High
10542 UltraSeek 3.1.x Remote DoS High