The RAZOR Security Team Sponsored by BindView





VLAD The Scanner

Vulnerability Information

VLAD The Scanner is a tool that administrators can use to check for the existence of any of the vulnerabilities listed by the SANS Institute as one of the Top Ten Threats.  

The original document released by SANS is available at http://www.sans.org/topten.htm

 

SANS Top Ten Most Critical Security Threats

1.  BIND weaknesses: nxt, qinv and in.named allow immediate root compromise.

2.  Vulnerable CGI programs and application extensions (e.g., ColdFusion) installed on web servers.

3.  Remote Procedure Call (RPC) weaknesses in rpc.ttdbservd (ToolTalk), rpc.cmsd (Calendar Manager), and rpc.statd that allow immediate root compromise.

4.  RDS security hole in the Microsoft Internet Information Server (IIS).

5.  Sendmail buffer overflow weaknesses, pope attacks and MIMEbo, that allow immediate root compromise.

6.  sadmind and mountd

7.  Global file sharing and inappropriate information sharing via NetBIOS and Windows NT ports 135->139 (445 in Windows 2000), or UNIX NFS exports on port 2049, or Macintosh Web sharing or AppleShare/IP on prots 80, 427, and 548.

8.  User IDs, especially root/adminstrator with no passwords or weak passwords.

9.  IMAP and POP buffer overflow vulnerabilities or incorrect configuration

10.  Default SNMP community strings set to "public" and "private"



Contact: info@razor.bindview.com | | Bindview Home