The following table summarizes a set of vulnerabilities, and casts data about them into DOVES format. Where the entries have corresponding DOVES entries, we've put a pointer to them.
No. | Vulnerability Name | Vulnerability Class | Description |
---|---|---|---|
1 | BackOrifice | Backdoors | Back Orifice default installation |
2 | Getadmin Present | Backdoors | GetAdmin utility present |
3 | NetBus | Backdoors | NetBus trojan horse allows complete remote control of Windows systems |
4 | defrexec | Brute Force | Rexec default account accessible |
5 | deftel | Brute Force | Telnet default account accessible |
6 | TelnetOpen | Brute Force | Telnet available with no login |
7 | Aglimpse | CGI-Bin | Glimpse HTTP aglimpse remote execution vulnerability |
8 | AnyForm | CGI-Bin | AnyForm CGI script allows remote execution of arbitrary commands |
9 | Campas | CGI-Bin | Campas cgi-bin file executes remote commands |
10 | CGI Textcounter | CGI-Bin | Textcounter CGI program allows remote command execution |
11 | cgiexec | CGI-Bin | CGI program executed an arbitrary command |
12 | FormMailExec | CGI-Bin | FormMail remote execution |
13 | GuestBookCheck | CGI-Bin | Guestbook could allow execut... |
14 | HTTP Glimpse Vulnerability | CGI-Bin | Glimpse HTTP aglimpse remote execution vulnerability |
15 | PHPBufferOverflow | CGI-Bin | php.cgi buffer overflow |
16 | vulncgi | CGI-Bin | CGI-BIN programs vulnerable |
17 | vulnphf | CGI-Bin | Phone book CGI phf allows remote execution of arbitrary commands |
18 | rlogin | Daemons | Rlogin -froot command could allow remote root access |
19 | tftp | Daemons | TFTP |
20 | popimap | Popd buffer overflow vulnerability (second writeup) | |
21 | smtp_outdated | Sendmail daemon outdated | |
22 | ftppwless | FTP | FTP daemon with no password |
23 | nfswrite | NFS | NFS writable |
24 | accountblankpw | NT Critical Issue | User account has blank password |
25 | accountuserpw | NT Critical Issue | User account has a password the same as the account name |
26 | adminblankpw | NT Critical Issue | Administrator account has blank password |
27 | adminnopw | NT Critical Issue | Administrator has no password |
28 | adminuserpw | NT Critical Issue | Administrator username same as password |
29 | winreg | NT Registry | Registry access unrestricted... |
30 | rshsvc | NT Services | Windows NT rsh service Running |
31 | Service User Pwd | NT Services | Windows NT service user password found |
32 | rexd | RPC | Rexd running |
33 | rpcstatd | RPC | RPC statd remote file creation and removal |
34 | rpcupdate | RPC | RPC ypupdated daemon allows remote commands execution as root |
35 | ToolTalk Overflow | RPC | CDE rpc.ttdbserver daemon allows root access |
36 | All Access NetBIOS share found | Shares | SMB share full access |
37 | nbperm | Shares | NetBIOS permutations attack vulnerability |
38 | Writable NetBIOS share | Shares | NetBIOS share writable |
39 | Apache cookie | Web Scan | Apache cookies buffer overflow |
40 | CgiPerlMailPrograms | Web Scan | CGI Perl mail program allow execution of arbitrary commands |
41 | ColdFusionEvaluator | Web Scan | ColdFusion Expression Evaluator allows remote file manipulation, including creation |
42 | Handler Check | Web Scan | IRIX handler CGI allows remote command execution |
43 | httpd | Web Scan | HTTP (WWW server) port active |
44 | httppassword | Web Scan | HTTP basic authorization password guessed |
45 | IIS RDS | Web Scan | IIS unauthorized ODBC data access with RDS |
46 | iiscmd | Web Scan | Win32 web servers could allow remote command execution through .CMD and .BAT files |
47 | Uploader | Web Scan | WebSite 1.1 uploader vulnerability |
48 | Webdist | Web Scan | SGI Webdist CGI script allow remote command execution |
49 | xcheck | X Windows | Open X display |
50 | Port 1524 Scan | Port Scan | NASA Specific: Scan for open port 1524 |
We suspect several, if not all, of the names of the vulnerabilities on our list are derived from the output of the ISS vulnerability scanner. See the URL http://www.softek.co.jp/NAS/iss/is_item.html (we don't provide a link because this site has some snazzy graphics that produce a black screen with the word Vulnerabilities, and nothing else, on some browsers; but if you load the page separately, it works fine).