SNMP | Obtain Cisco type via SNMP | |
Useless services | X Display Manager Control Protocol (XDMCP) | |
Useless services | rexecd | CAN-1999-0618 |
Useless services | Systat | CVE-1999-0103 |
Useless services | Finger | CVE-1999-0612 |
Useless services | Telnet | CAN-1999-0619 |
Useless services | Echo port open | CVE-1999-0103, CAN-1999-0635 |
Useless services | Check for Webmin | |
Useless services | rlogin | CAN-1999-0651 |
Useless services | Chargen | CVE-1999-0103 |
Useless services | Quote of the day | CVE-1999-0103 |
Useless services | Identd enabled | CAN-1999-0629 |
Useless services | Check for a Citrix server | | 7276
Useless services | Windows Terminal Service Enabled | CAN-2001-0540 | 7258
Useless services | netstat | CAN-1999-0650 |
Useless services | Daytime | CVE-1999-0103 |
Useless services | Writesrv | |
Useless services | Discard port open | CAN-1999-0636 |
Useless services | xtux server detection | CVE-2002-0431 | 4260
Windows | SMB Registry : SQL7 Patches | CVE-2002-0642 | 5205
Windows | Multiple ICQ Vulnerabilities | CAN-2003-0235, CAN-2003-0236, CAN-2003-0237, CAN-2003-0238, CAN-2003-0239 | 7461, 7462, 7463, 7464, 7465, 7466
Windows | Visual Basic for Application Overflow | CAN-2003-0347 | 8534
Windows | Domain account lockout vulnerability | | 1973
Windows | Certificate Validation Flaw Could Enable Identity Spoofing (Q328145) | CAN-2002-1183, CAN-2002-0862 | 5410
Windows | DirectX MIDI Overflow (819696) | CAN-2003-0346 | 7370
Windows | Cumulative Patch for Internet Information Services (Q327696) | CVE-2002-0147, CVE-2002-0149, CVE-2002-0150, CAN-2002-0224, CAN-2002-0869, CAN-2002-1182, CAN-2002-1180, CAN-2002-1181 | 4474
Windows | SMB get domain SID | CVE-2000-1200 | 959
Windows | RPC Endpoint Mapper can Cause RPC Service to Fail | CVE-2001-0662 | 3313
Windows | SMB Registry : is the remote host a PDC/BDC | CAN-1999-0659 |
Windows | Buffer Overrun in Messenger Service (828035) | CAN-2003-0717 | 8826
Windows | scan for UPNP hosts | CVE-2001-0876 | 3723
Windows | Incomplete TCP/IP packet vulnerability | CAN-2000-1039 | 2022
Windows | WinAMP3 buffer overflow | | 6515
Windows | Opening Group Policy Files (Q318089) | CVE-2002-0051 | 4438
Windows | SMB Registry : Classic Logon Screen | |
Windows | NetBIOS Name Server Protocol Spoofing patch | CVE-2000-0673 | 1514
Windows | Possible RPC Interface compromise | CAN-2003-0528 |
Windows | Buffer overrun in NT kernel message handling | CAN-2003-0112 | 7370
Windows | SMB Registry : Do not show the last user name | |
Windows | Telnet Client NTLM Authentication Vulnerability | CVE-2000-0834 | 1683
Windows | Flaw in Windows Function may allow DoS (823803) | CAN-2003-0525 |
Windows | SmartFTP Overflow | |
Windows | Flaw in message handling through utility mgr | CAN-2003-0350 | 8205
Windows | The ScriptLogic service is running | | 7477, 7575
Windows | Relative Shell Path patch | CVE-2000-0663 | 1507
Windows | Quicktime player buffer overflow | CAN-2003-0168 | 7247
Windows | SMB accessible registry | CAN-1999-0562 |
Windows | SMB NativeLanMan | |
Windows | scan for UPNP/Tcp hosts | |
Windows | XML Core Services patch (Q318203) | CVE-2002-0057 | 3699
Windows | Windows Messenger is installed | CAN-1999-1484, CAN-2002-0228, CAN-2002-0472 | 668, 4028, 4316, 4675, 4827
Windows | Using NetBIOS to retrieve information from a Windows host | CAN-1999-0621 |
Windows | Blackmoon FTP stores passwords in cleartext | CAN-2003-0342 | 7646
Windows | Unchecked buffer in Windows Shell | CVE-2002-0070 | 4248
Windows | Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182) | CAN-2003-0660 |
Windows | Drag And Zip Overflow | |
Windows | SMB use domain SID to enumerate users | CVE-2000-1200 | 959
Windows | Microsoft’s SQL Overflows | CAN-2002-1137, CAN-2002-1138, CAN-2002-0649, CVE-2002-0650, CAN-2002-1145, CAN-2002-0644, CAN-2002-0645, CAN-2002-0721 | 5310, 5311
Windows | Flaw in SMB Signing Could Enable Group Policy to be Modified (329170) | CAN-2002-1256 |
Windows | SMB Registry : Winlogon caches passwords | |
Windows | Flaw in RPC Endpoint Mapper (MS03-010) | CAN-2002-1561 |
Windows | Unchecked Buffer in XP upnp | CVE-2001-0876 | 3723
Windows | SMB on port 445 | |
Windows | SMB log in as users | CAN-1999-0504, CAN-1999-0506 |
Windows | DrWeb Folder Name Overflow | | 7022
Windows | SMB Windows9x password verification vulnerability | CVE-2000-0979 | 1780
Windows | Unprotected PC Anywhere Service | |
Windows | Cumulative Patch for Internet Information Services (Q11114) | CAN-2003-0224, CAN-2003-0225, 2003-0226 | 7731, 7735, 7733
Windows | SMB Registry : permissions of keys that can lead to admin | CAN-1999-0589 |
Windows | Malformed RPC Packet patch | CAN-2000-0544 | 1304
Windows | IrDA access violation patch | CVE-2001-0659 | 3215
Windows | CesarFTP stores passwords in cleartext | CAN-2003-0329 |
Windows | IRCXPro Clear Text Passwords | | 7792
Windows | Unchecked buffer in Locate Service | CAN-2003-0003 |
Windows | Buffer Overflow in Windows Troubleshooter ActiveX Control (826232) | CAN-2003-0661 |
Windows | Yahoo!Messenger is installed | CAN-2002-0320, CAN-2002-0321, CAN-2002-0031, CVE-2002-0032, CAN-2002-0322 | 2299, 4162, 4163, 4164, 4173, 4837, 4838, 5579, 6121
Windows | Buffer overrun in Windows Shell (821557) | CAN-2003-0351 |
Windows | Unchecked Buffer in PPTP Implementation Could Enable DOS Attacks (Q329834) | CAN-2002-1214 |
Windows | SMB Registry : permissions of winlogon | CAN-1999-0589 |
Windows | Flaw in Certificate Enrollment Control (Q323172) | CAN-2002-0699 |
Windows | Local Security Policy Corruption | CVE-2000-0771 | 1613
Windows | Buffer overrun in RPC Interface (823980) | CAN-2003-0352 |
Windows | IE VBScript Handling patch (Q318089) | CVE-2002-0052 | 4158
Windows | NT IP fragment reassembly patch not applied (jolt2) | CVE-2000-0305 | 1236
Windows | PFTP clear-text passwords | CAN-1999-0506, CVE-2000-0222, CAN-1999-0505, CAN-2002-1117 | 490
Windows | Opera remote heap corruption vulnerability | | 7450
Windows | Word can lead to Script execution on mail reply | CVE-2002-1056 | 4397
Windows | The remote host is infected by a virus | |
Windows | SMB Registry : No dial in | |
Windows | The alerter service is running | CAN-1999-0630 |
Windows | NTLMSSP Privilege Escalation | CVE-2001-0016 | 2348
Windows | Microsoft ISA Server DNS - Denial Of Service (MS03-009) | CAN-2003-0011 | 7145
Windows | Cumulative patch for Windows Media Player | CVE-2002-0372, CVE-2002-0373, CAN-2002-0615 | 5107, 5109, 5110
Windows | Malformed PPTP Packet Stream vulnerability | CVE-2001-0017 | 2368
Windows | CA Unicenter’s Transport Service is running | |
Windows | Microsoft ISA Server Winsock Proxy DoS (MS03-012) | CAN-2003-0110 | 7314
Windows | SMB Registry : permissions of WinVNC’s key | CVE-2000-1164 | 1961
Windows | Cumulative VM update | CAN-2002-0058, CVE-2002-0078 | 4228, 4392
Windows | Unchecked buffer in ASP.NET worker process | CVE-2002-0369 | 4958
Windows | Unchecked Buffer in XP Redirector (Q810577) | CAN-2003-0004 |
Windows | SMB Registry : permissions of HKLM | CAN-1999-0589 |
Windows | NT ResetBrowser frame & HostAnnouncement flood patch | CVE-2000-0404 | 1262
Windows | Windows Media Player Library Access | CAN-2003-0348 | 8034
Windows | Windows Debugger flaw can Lead to Elevated Privileges (Q320206) | CVE-2002-0367 | 4287
Windows | Unchecked buffer in MDAC Function | CVE-2002-0695, CVE-2003-0353, 2002-0695, CAN-2003-0353 | 5372
Windows | Multiple flaws in the Opera web browser | | 7056, 6962, 6811, 6814, 6754, 6755, 6756, 6757, 6759, 6218
Windows | Buffer Overrun in Messenger Service (real test) | CAN-2003-0717 | 8826
Windows | SMB get host SID | CVE-2000-1200 | 959
Windows | Windows Network Manager Privilege Elevation (Q326886) | CVE-2002-0720 | 5480
Windows | Microsoft SQL TCP/IP listener is running | CAN-1999-0652 |
Windows | Windows RAS overflow (Q318138) | CVE-2002-0366 | 4852
Windows | Detect CIS ports | |
Windows | Webserver file request parsing | CVE-2000-0886 | 1912
Windows | RealPlayer PNG deflate heap corruption | CAN-2003-0141 | 7177
Windows | Unchecked Buffer in Windows Help (Q323255) | CAN-2002-0693, CAN-2002-0694 |
Windows | Flaw in WinXP Help center could enable file deletion | CAN-2002-0974 | 5478
Windows | Unchecked buffer in Network Share Provider (Q326830) | CAN-2002-0724 | 5556
Windows | Gator/GAIN Spyware Installed | |
Windows | WM_TIMER Message Handler Privilege Elevation (Q328310) | CAN-2002-1230 | 5927
Windows | Java Media Framework (JMF) Vulnerability | |
Windows | ARCserve hidden share | CAN-2001-0960 | 3343
Windows | SMB Registry : permissions of the SNMP key | CAN-2001-0046 | 2066
Windows | Cumulative patches for Excel and Word for Windows | CVE-2002-0616, CVE-2002-0617, CVE-2002-0618, CVE-2002-0619 | 4821
Windows | SMB Registry : permissions of the Microsoft Transaction Server key | CAN-2001-0047 | 2065
Windows | NetBIOS Name Service Reply Information Leakage | CAN-2003-0661 | 8532
Windows | SMB log in with W32/Deloder passwords | |
Windows | DCE Services Enumeration | |
Windows | Flaw in Microsoft VM (816093) | CAN-2003-0111 |
Windows | Microsoft’s SQL Version Query | CAN-2000-1081, CVE-2000-0202, CVE-2000-0485, CAN-2000-1087, CAN-2000-1088, CAN-2002-0982, CAN-2001-0542, CVE-2001-0344 | 4135, 4847, 5014, 5205
Windows | Opera web browser HREF overflow | CAN-2003-0870 |
Windows | Microsoft’s SQL Hello Overflow | CAN-2002-1123 | 5411
Windows | SMB shares enumeration | |
Windows | SMB Registry : value of SFCDisable | |
Windows | Gupta SQLBase EXECUTE buffer overflow | | 6808
Windows | Buffer Overrun In HTML Converter Could Allow Code Execution (823559) | CAN-2003-0469 |
Windows | Unchecked Buffer in ntdll.dll (Q815021) | CAN-2003-0109 | 7116
Windows | SMB enum services | |
Windows | Cumulative Patch for MS SQL Server (815495) | CAN-2003-0230, CAN-2003-0231, CAN-2003-0232 | 8274, 8275, 8276
Windows | Windows Media Player Skin Download Overflow | CAN-2003-0228 |