VLAD The Scanner is a tool that administrators can use to check for the existence of any of the vulnerabilities listed by the SANS Institute as one of the Top Ten Threats.
The original document released by SANS is available at http://www.sans.org/topten.htm
1. BIND weaknesses: nxt, qinv and in.named allow immediate root compromise.
2. Vulnerable CGI programs and application extensions (e.g., ColdFusion) installed on web servers.
4. RDS security hole in the Microsoft Internet Information Server (IIS).
8. User IDs, especially root/adminstrator with no passwords or weak passwords.
9. IMAP and POP buffer overflow vulnerabilities or incorrect configuration
10. Default SNMP community strings set to "public" and "private"