Every vulnerability is mapped to one vulnerability category. This includes vulnerabilities, potential vulnerabilities and information gathered checks. When a vulnerability matches multiple categories, our service determines which category is the best match and assigns the vulnerability to that category.
There are currently 30 vulnerability categories available in the KnowledgeBase and new categories are added frequently. Some vulnerability categories are platform-specific (for example Debian and SUSE) while others are more general (for example Database and Firewall). Learn moreLearn more
When vulnerability categories were first introduced in the product, most of the vulnerabilities in the KnowledgeBase were remote detections which were initially mapped to general categories like Database, Mail Services and Firewall. When authenticated scanning functionality was introduced, several platform-specific vulnerabilities were added to the KnowledgeBase and platform-specific categories were created to coincide with these new detections.
Categories:
A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
This category consists of QIDs that detect malicious programs that appear to perform a desirable function for the user but instead facilitates unauthorized access to the user’s computer system. Usually the malicious code bypasses normal authentication, securing remote access to the target computer, obtaining sensitive information while attempting to remain undetected.
1000 Potential UDP Backdoor
1001 "Back Orifice" Backdoor
1002 "girlfriend" backdoor
1004 Potential TCP Backdoor
1005 "Deep Throat" (Version 1) Backdoor
This category consists of QIDs that detect applications that are vulnerable to brute force attacks. Brute force attacks usually involve traversing the search space of possible keys until the correct key is found.
5000 FireWall-1 Login Access Enabled
5001 Discovery of Unix Account Names Vulnerability
5002 iPlanet Netscape Messaging Server POP E-mail Address Verification Vulnerability
5003 Potential TCP Backdoor
5004 CommuniGate Pro E-mail Address Verification Vulnerability
5005 NetBIOS Brute Force of Accounts
This category consists of QIDs that detect vulnerabilities or gather information in CGI web applications.
10000 phf CGI Vulnerability
10001 campas CGI Vulnerability
10002 Finger CGI Present
10003 PHP Buffer Overflow
10004 htmlscript CGI Directory Traversal Vulnerability
This category consists of QIDs that detect vulnerabilities or gather information in domain name servers and their implementations like BIND.
15001 Named Daemon Version Number Disclosure Vulnerability
15005 ISC BIND NXT Buffer Overflow (NXT bug) Vulnerability
15006 ISC BIND Name Server Denial of Service Vulnerability
15007 ISC BIND 8.2.2 Domain Cache Denial of Service Vulnerability
15008 Multiple Vendor ISC BIND Denial of Service (zxfr bug) Vulnerability
This category consists of QIDs that detect vulnerabilities or gather information in various databases.
19001 Microsoft SQL Weak Database Password
19002 Guessed Oracle Database Name
19003 Default Oracle Login(s) Found
19004 PostgreSQL Database Default Account Vulnerability
19005 Oracle Listener Log File Can Be Renamed Without Authentication
This is a platform-specific category for all vulnerabilities and informational checks that belong to Debian.
175000 Debian Security Update for Wget (DSA-1904)
175001 Debian Security Update for Samba (DSA-1908)
175002 Debian Security Update for Ipplan (DSA-1827)
175003 Debian Security Update for Linux (DSA-1872)
175004 Debian Security Update for Linux (DSA-1929)
This category consists of QIDs that detect vulnerabilities or gather information in web application systems that are related to e-commerce.
23000 Cart32 expdate Administrative Information Disclosure Vulnerability
23001 Multiple Vendor Web Shopping Cart Hidden Form Field Vulnerability
23002 Carey Internet Services Commerce.cgi Directory Traversal Vulnerability
23003 SmartWin CyberOffice Shopping Cart 2.0 Client Information Disclosure Vulnerability
23004 Smartwin Technology CyberOffice Shopping Cart 2.0 Price Modification Vulnerability
This category consists of QIDs that detect vulnerabilities or gather information in various file transfer protocol systems.
27000 Accessible Anonymous FTP Server
27001 Anonymous Access to FTP with a Blank Password Allowed
27002 Writeable Root Directory on FTP Server
27003 STAT FTP Command Information Disclosure Vulnerability
27005 World Readable and Writeable Directory on Anonymous FTP
This category consists of QIDs that detect vulnerabilities or gather information in implementations of RFC1196 that provide an interface to the 'finger' program at most network sites.
31000 Finger 0@" Information about Logged Users Disclosure Vulnerability
31001 "Finger .@" Information about Logged Users Disclosure Vulnerability
31002 Finger Daemon Accepts Forwarding of Requests
31003 Finger Service Discloses Logged Users
31004 FreeBSD fingerd File Disclosure Vulnerability
31005 Cfinger 1.2.2 and 1.3.2 User Listing
This category consists of QIDs that detect vulnerabilities or gather information in various firewall products.
34000 TCP Source Port Pass Firewall
34001 Novell BorderManager Denial of Service Vulnerability
34002 FireWall-1 Administration Ports
34003 Check Point FireWall-1 Name Disclosure
34004 FireWall-1 Client Authentication Enabled
This category consists of QIDs that detect vulnerabilities or gather information that could be useful in computer forensics.
125000 Kernel Routing Tables Information
125001 RPC Portmapper Information
125002 Network Filesystem (NFS) Exports Information
125003 Network Information Service (NIS) Information
125004 Host File Information
This category consists of QIDs that detect vulnerabilities or gather information in services or daemons.
38000 "Systat" Service Open
38001 "Netstat" Service Open
38002 UDP Test-Services
38003 TCP Test-Services
38004 WircSrv MOTD Read Vulnerability
38005 GAMSoft Telsrv DoS Vulnerability
This category consists of QIDs that detect vulnerabilities or gather information in hardware related protocols or hardware appliances.
43000 RIP Protocol Address Disclosure Vulnerability
43001 Cisco Catalyst 3500 XL Remote Arbitrary Command Execution Vulnerability
43002 Nortel Contivity Denial of Service and File Viewing Vulnerabilities
43003 Cisco IOS HTTP %% Vulnerability
43004 Cisco Router Online Help Vulnerability
43005 Cisco IOS HTTP Configuration Arbitrary Administrative Access Vulnerability
This category consists of vulnerabilities that detect informational types of data. Please note that not all informational checks fall into this category.
45002 Global User List
45003 Remote User List Disclosure Using NetBIOS
45004 Target Network Information
45005 Internet Service Provider
This category consists of QIDs that detect vulnerabilities or gather information about Microsoft Internet Explorer.
100000 Microsoft Internet Explorer Multiple Object Type Vulnerabilities (MS03-040)
100001 Microsoft Internet Explorer Multiple Vulnerabilities (MS03-032)
100002 Microsoft Internet Explorer Multiple Vulnerabilities (MS03-020)
100003 Microsoft Internet Explorer Cumulative Security Update Not Installed (MS03-048)
100004 Microsoft Internet Explorer Cumulative Security Update Not Installed (MS04-004)
This category consists of QIDs that detect vulnerabilities or gather information about vulnerabilities that can be exploited after getting local access to a box or vulnerabilities that need authenticated credentials to be detected.
115000 Red Hat tcpdump Malformed NFS Packet Buffer Overflow Vulnerability
115001 Red Hat Gaim Jabber Plug-In Buffer Overflow Vulnerability
115002 Red Hat Ghostscript PostScript File Arbitrary Command Execution Vulnerability
115003 Red Hat XChat DNS Command Character Stripping EXECL Vulnerability
115004 Red Hat GNU Mailman Pipermail Index Summary HTML Injection Vulnerability
This category consists of QIDs that detect vulnerabilities or gather information about mail services.
50000 POP3 Banner
50001 Qualcomm Qpopper POP3 Mail Service Buffer Overflow Vulnerability
50002 Berolist Mailing List Manager Vulnerability
50004 Avirt Rover POP Server Buffer Overflow Vulnerability
50005 True North Software Internet Anywhere POP Server Buffer Overflow Vulnerability
This category consists of QIDs that detect vulnerabilities or gather information about news services.
54000 InterNetNews Daemon (INND) News Server Buffer Overflow Vulnerability
54001 InterNetNews Daemon (INND) 2.X News Server Buffer Overflow Vulnerability
54002 Multiple Vendor INN Remote Vulnerability
54003 ISC INN News Server Buffer Overflow Vulnerability
54004 Atrium Software Cassandra NNTP Server 1.10 Buffer Overflow Vulnerability
This is a platform-specific category for all vulnerabilities and informational checks that belong to Oracle Enterprise Linux (OEL).
155001 Oracle Enterprise Linux firefox Security Update (ELSA-2009-0256)
155002 Oracle Enterprise Linux seamonkey Security Update (ELSA-2009-0257)
155003 Oracle Enterprise Linux sudo Security Update (ELSA-2009-0267)
155004 Oracle Enterprise Linux gstreamer-plugins-good Security Update (ELSA-2009-0271)
155005 Oracle Enterprise Linux gstreamer-plugins Security Update (ELSA-2009-0270)
This category consists of QIDs that detect vulnerabilities or gather information about various Office applications.
110000 Malformed Word Document Could Enable Macro to Run Automatically (MS01-034)
110001 Microsoft Outlook Update 300550 is Missing
110002 Microsoft Outlook Update 300551 is Missing
110003 Microsoft Excel and PowerPoint Malformed Document Can Bypass Macro Security (MS01-050)
110004 Microsoft Office XP SP1 Not Installed
This category consists of user-created OVAL vulnerabilities. See Adding OVAL Vulnerabilities for information.
This category consists of QIDs that detect vulnerabilities or gather information in proxy servers. Typically a proxy server acts as an intermediary for requests from clients seeking resources from other servers.
62000 Wingate Bounce Misconfiguration
62001 Socks Server
62002 Unauthenticated/Open Web Proxy Detected
62003 HTTP Proxy Supports non-HTTP Protocols
62004 Proxy Allows Directory Traversal Vulnerability
62005 TinyProxy buffer overflow vulnerability
This category consists of QIDs that detect vulnerabilities or gather information about remote procedure call related applications.
66001 mountd NFS Service Buffer Overflow Vulnerability
66002 NFS Exported Filesystems List Vulnerability
66003 NFS Exported Directories Mountable by Unauthorized Users
66004 ToolTalk Buffer Overflow Vulnerability
This category consists of QIDs that detect vulnerabilities or gather information about security policies. These are generally informational types of checks that detect the presence of anti-virus or various other settings that could be pushed with a windows group policy.
105000 Sophos Antivirus Scanner Detected
105001 McAfee Antivirus Scanner Detected
105002 Kaspersky Antivirus Detected
105003 Symantec Norton Antivirus Corporate Edition Detected
105004 Trend Micro Antivirus Detected
This category consists of QIDs that detect vulnerabilities or gather information about server message block or the netbios protocol.
70000 NetBIOS Name Accessible
70001 NetBIOS Shared Folder List Available
70002 NetBIOS Access to Shared Folders
70003 Null Session/Password NetBIOS Access
70004 NetBIOS Bindings Information
This category consists of QIDs that detect vulnerabilities or gather information about SNMP-based applications.
78000 General information about this host
78001 Interface list
78002 IP addresses
78003 Routing table
78004 ARP table
This is a platform-specific category for all vulnerabilities and informational checks that belong to SUSE Linux.
165000 SUSE Security Update for acroread (SUSE-SA:2007:011)
165001 SUSE Security Update for Sun Java 5 and 6 (SUSE-SA:2009:016)
165002 SUSE Security Update for krb5 (SUSE-SA:2009:019)
165003 SUSE Security Update for Mozilla Firefox (SUSE-SA:2009:023)
165005 SUSE Security Update for Mozilla Firefox (SUSE-SA:2009:012)
This category consists of QIDs that detect vulnerabilities or gather information about protocols that fall under the generic TCP/IP protocol suite.
82001 ICMP Mask Reply
82002 Host Responds to One ICMP Request Multiple Times (Smurf Variant)
82003 ICMP Timestamp Request
82004 Open UDP Services List
82005 Predictable TCP Initial Sequence Numbers Vulnerability
This is a platform-specific category for all vulnerabilities and informational checks that belong to Ubuntu Linux.
195002 Ubuntu Security Notification for Apache2 Vulnerabilities (USN-860-1)
195003 Ubuntu Security Notification for Libvorbis Vulnerabilities (USN-861-1)
195004 Ubuntu Security Notification for PHP5 Vulnerabilities (USN-862-1)
195005 Ubuntu Security Notification for Qemu-kvm Vulnerability (USN-863-1)
This category consists of web application vulnerabilities. See Web Application Vulnerabilities for information.
This category consists of QIDs that detect vulnerabilities or gather information about web servers.
86000 Web Server Version
86001 SSL Web Server Version
86002 SSL Certificate - Information
86003 Microsoft IIS 4.0 Filter Extensions Buffer Overflow Vulnerability (MS99-019)
86004 Enterprise Server "PageServices" File Disclosure Vulnerability
This category consists of QIDs that detect vulnerabilities or gather information about Microsoft Windows.
90000 Microsoft Media Server Denial of Service Vulnerability
90001 Microsoft NetMeeting Remote Desktop Sharing DoS Vulnerability (MS00-077)
90002 Microsoft Windows Media Unicast Services DoS Vulnerability (MS00-064)
90003 Microsoft Windows Media Services Severed Connection DoS Vulnerability (MS00-097)
90005 Disabled Windows File Protection
This category consists of QIDs that detect vulnerabilities or gather information about x-windows systems.
95000 Accessible X-Window Server
95001 X-Window Sniffing
95002 X Windows Font Server Denial of Service Vulnerability
95003 X11 Banner
95004 Sun Solaris fs.auto Remote Buffer Overrun Vulnerability