NSS Result Hole List v17-03-00 by Narrow (nss@privacyx.com)
===========================================================
IF YOU HAVE SOMETHING TO ADD/UPDATE, PLEASE CONTACT ME!

Legend:
~~~~~~~
0 - Unknow
1 - Remote access/shell to Unix remote server
2 - Remote access to Windows remote server
3 - Allows an attacker to read files on remote server
4 - Allows an attacker to read/browse files on remote server
5 - Allows an attacker to execute commands on remote server
6 - Denial of Service (DoS) attack possible
7 - Local root access to Unix server
8 - Other

Start:
~~~~~~

+---------------------------------------+--------+
| Server Name				| Status |
+---------------------------------------+--------+
|		FTP			|	 |
|		~~~			|	 |
| wu-2.6.0(1)				| 1,8	 |
| wu-2.5.0(1)				| 1	 |
| wu-2.4.2VR17				| 1	 |
| wu-2.4(1)				| 5	 |
| wu-1.2(1)				| 5	 |
| wu-2.4.2-academ[BETA12-18]		| 1	 |
| ProFtpd1.2.0pre1-6			| 1	 |
| Serv-U 2.3, 2.2, 2.0c, 2.5(a-b)	| 6,2	 |
| NcFTP 2.4.2				| 5	 |
| War 1.65, 1.70			| 6,2	 |
| ExpressFS 2.0-9			| 6,2	 |
| WFTPD 2.34-40				| 6,2	 |
| Tiny FTPD 0.51			| 6,2	 |
| BisonWare FTP Server 3.5		| 6,2	 |
| NextFTP v1.82				| 0	 |
| Broker FTP Server 3.0			| 6	 |
| PFTPD 0.26				| 6	 |
| VFTPD v1.23				| 6	 |
| G6 FTP Server 2.0			| 6,2	 |
| Microsoft FTP Server 3-4		| 6,2	 |
| WS_FTP Server 1.0.2.EVAL		| 6	 |
| ArgoSoft FTP Server v1.04		| 6,2	 |
+---------------------------------------+--------+
|		HTTPD			|	 |
|		~~~~~			|	 |
| NCSA 1.3, 1.4.x, 1.5.x		| 6,1	 |
| DwHttpd 3.1a4				| 0	 |
| EWS 1.1				| 0	 |
| Microsoft-IIS 1-4.0			| 6,2,3	 |
| VqServer				| 0	 |
| Alibaba 2-3.0				| 6,3	 |
| TeamTrack 3.00			| 1	 |
| JWeb 1.0-5				| 6,2	 |
| Falcon Web Server 1.0.0.1006		| 0	 |
| Url Live! 1.0				| 0	 |
| THTTPD 2.04				| 1,6	 |
| EServ 2.50				| 0	 |
| Lotus Domino				| 8	 |
| Sambar 4.2.1				| 6	 |
| ZBServer 1.5				| 6,2	 |
| Savant Web Server 2.0			| 0	 |
| CamShot WebCam 2.5			| 6	 |
| Netscape FastTrack 2.01a		| 1	 |
| Apache 1.0.3
				| 8	 |
| WebSitePro 2.3.18			| 8	 |
| WebSuite 2.1				| 6	 |
| Netscape Enterprise 3.6		| 6,2,1? |
| WN 1.x / 2.0 / 2.1			| 1	 |
+---------------------------------------+--------+
|		IMAPD 			|	 |
|		~~~~~			|	 |
| IMAPD 10.*				| 1	 |
| IMAPD Service 8.3			| 1	 |
| Mercur IMAP4-Server v3.20.01		| 2	 |
+---------------------------------------+--------+
|		RPC			|	 |
|		~~~			|	 |
| amd					| 1	 |
| mountd				| 1	 |
| cmsd					| 1	 |
| status				| 1	 |
| nfsd					| 1	 |
| nisd					| 1	 |
| statd					| 1	 |
| yppasswd				| 1	 |
| ypsnarf				| 1	 |
| sadmins				| 1	 |
| pcnfsd				| 1	 |
| nlockmgr				| 1	 |
| ttdbserver				| 1	 |
| rstatd				| 1	 |
| autofsd				| 1	 |
+---------------------------------------+--------+
|		TROJAN			|	 |
|		~~~~~~			|	 |
| WinSATAN FTP Daemon			| 2	 |
| Sub-7 v2.0: 1243			| 2	 |
| Sub-7 v2.1: 27374			| 2	 |
| NetBus: 12345				| 2	 |
| GirlFriend: 21554			| 2	 |
| EvilFTP: 23456			| 2	 |
| GateCrasher: 6969			| 2	 |
| phAse Zero: 555			| 2	 |
+---------------------------------------+--------+
|		ROOTSHELL		|	 |
|		~~~~~~~~~		|	 |
| Root Shell: 600, 1524, 2222, 31337,	|	 |
| 65535, 65534				| 1	 |
+---------------------------------------+--------+
|		FINGER			|	 |
|		~~~~~~			|	 |
| Finger				| 5,6,7	 |
+---------------------------------------+--------+
|		POP2			|	 |
|		~~~~			|	 |
| POP2: v4.46, v3.35, v3.34, v2.3	| 1	 |
+---------------------------------------+--------+
|		POP3			|	 |
|		~~~~			|	 |
| QPOP 2.4b2, 2.41beta1, 3.0bxx, 2.2,	|	 |
| 2.3, 2.4				| 1	 |
| ScoPOP 2.1.4-R3, 5.0.0		| 1	 |
| FuseMail 2.7				| 2	 |
| IMail 5.07				| 6,2	 |
| UCB Pop Server 1.831beta		| 1	 |
| Rover POP3 Server 1.1			| 6,2	 |
| XtraMail POP3 Server v1.11		| 6,2	 |
| Mercur POP3-Server v3.20.01		| 2	 |
+---------------------------------------+--------+
|		MAIL			|	 |
|		~~~~			|	 |
| MS Exchange 5.0			| 6,2	 |
| SLMail v2.6, v3.1, v3.2		| 6,2	 |
| aVirt Mail				| 6,2	 |
| CMail Server 2.3-4			| 6,2	 |
| Netscape Messaging Server 3.62	| 6,2	 |
| InterScan VirusWall NT ESMPT 3.23	| 6,2,8	 |
| SMail 3.2				| 6,2	 |
| Internet Anywhere Mail Server 2.3.1	| 6,2	 |
| Skyfull Mail Server 1.1.4		| 6,2	 |
| ZetaMail 2.1 (SMTP)			| 6,2	 |
| NetcPlus SmartServer3			| 6,2	 |
| Zom-Mail 1.09				| 6,2	 |
| CSM Mail 2000-01A, 1999-07M,I,H,G,F,b | 6,2 	 |
| Sendmail 4.1, 5.5, 5.6x		| 1	 |
| Sendmail 8.0.x			| 7	 |
| Sendmail 8.65				| 6,1,7	 |
| Sendmail 8.7-9.x			| 6,7,1	 |
+---------------------------------------+--------+
|		NAMED			|	 |
|		~~~~~			|	 |
| Bind-4.9.3-6				| 6,1	 |
| Bind-8.(1-2)(.1-2)			| 6,1	 |
+---------------------------------------+--------+
|		CGI			|	 |
|		~~~			|	 |
| /cgi-bin/faxsurvey			| 5	 |
| /cgi-bin/wrap				| 4	 |
| /cgi-bin/webdist			| 5	 |
| /cgi-bin/handler			| 5	 |
| /cgi-bin/pfdispaly			| 5	 |
| /cgi-bin/view-source			| 3	 |
| /cgi-bin/php.cgi			| 3	 |
| /cgi-bin/aglimpse			| 5	 |
| /cgi-bin/webgais			| 5	 |
| /cgi-bin/campas			| 5	 |
| /cgi-bin/www-sql			| 8	 |
| /cgi-bin/info2www			| 5	 |
| /cgi-bin/man.sh			| 5	 |
| /scripts/convert.bas			| 3	 |
| /cgi-bin/whois_raw.cgi		| 5	 |
| /cgi-bin/nph-test-cgi			| 4	 |
| /cgi-bin/wguest.exe			| 3	 |
| /cgi-bin/rguest.exe			| 3	 |
| /cgi-bin/dbmlparser.exe		| 5	 |
| /samples/search/queryhit.htm		| 8	 |
| /msadc/Samples/SELECTOR/showcode.asp	| 3	 |
| /cgi-bin/perl.exe			| 5	 |
| /cgi-bin/htmlscript			| 3	 |
| /carbo.dll				| 0	 |
| /cgi-bin/textcounter.pl		| 8	 |
| /cfdocs/expelval/displayopenedfile.cfm| 3	 |
| /msadc/Samples/SELECTOR/codebrws.cfm	| 3	 |
| /iissamples/sdk/asp/docs/codebrws.cfm	| 3	 |
| /ASPSamp/AdvWorks/equipment/catalog_type.asp |5|
| /AdvWorks/equipment/catalog_type.asp	| 5	 |
| /cgi-bin/w3-msql			| 8	 |
| /_vti_pvt/service.pwd			| 8	 |
| /_vti_pvt/users.pwd			| 8	 |
| /_vti_pvt/authors.pwd			| 8	 |
| /_vti_pvt/administrators.pwd		| 8	 |
| /cfdocs/expelval/sendmail.cfm		| 5	 |
| /cfdocs/expelval/exprcalc.cfm		| 8	 |
| /showfile.asp				| 3	 |
| /cfdocs/expelval/openfile.cfm		| 3	 |
| /ws_ftp.ini				| 8	 |
| /cgi-dos/args.cmd			| 0	 |
| /cgi-shl/win-c-sample.exe		| 6,5	 |
| /cgi-bin/passwd.txt			| 8	 |
| /cgi-win/uploader.exe			| 8	 |
| /........./autoexec.bat		| 4	 |
| /cgi-bin/rwwwshell.pl			| 8	 |
| /cgi-bin/unlg1.1			| 8	 |
| /.html/............/autoexec.bat	| 4	 |
| /cgi-bin/add_ftp.cgi			| 0	 |
| /scripts/iisadmin/ism.dll?http/dir	| 8	 |
| ..\../				| 4	 |
| /cgi-bin/websendmail			| 5	 |
| /cgi-bin/AT-admin.cgi			| 5	 |
| /cgi-bin/AT-generate.cgi		| 5	 |
| /cgi-bin/jj				| 5	 |
| /cgi-bin/finger			| 5,8	 |
| /cgi-bin/bnbform.cgi			| 5	 |
| /cgi-bin/survey.cgi			| 5	 |
| /cgi-bin/AnyForm2			| 5	 |
| /cgi-bin/classifieds.cgi		| 5	 |
| /scripts/CGImail.exe			| 8	 |
| /search97.vts				| 3	 |
| /cgi-bin/fpexplorer.exe		| 4	 |
| /adsamples/config/site.csc		| 0	 |
| /cgi-bin/formmail.pl			| 8,5	 |
| /cgi-bin/w3-sql			| 8	 |
| /search				| 1,3	 |
| /cgi-bin/input.bat			| 5	 |
| /cgi-bin/input2.bat			| 5	 |
| /cgi-bin/test.bat			| 5	 |
| /cgi-bin/envout.bat			| 5	 |
| /cgi-bin/tst.bat			| 5	 |
| /msadc/msadcs.dll			| 2	 |
| /scripts/tools/newdsn.exe		| 8	 |
| /cgi-bin/get32.exe|dir		| 5	 |
| /cgi-bin/alibaba.pl|dir		| 5	 |
| /publisher/				| 8	 |
| /.htaccess				| 8	 |
| /.htpasswd				| 8	 |
| /cgi-bin/Cgitest.exe			| 8	 |
| /cgi-bin/GW5/GWWEB.EXE		| 6,8	 |
| /cgi-bin/webwho.pl			| 5	 |
| /scripts/webbbs.exe			| 3	 |
| /cgi-bin/query?mss=../config		| 3	 |
| /cgi-bin/search.cgi?letter=..\..\..\..\winnt |4|
| /cgi-bin/plusmail			| 1	 |
| /cgi-bin/imagemap.exe			| 5,2	 |
| /cgi-bin/excite			| 5	 |
| /scripts/uploadn.asp			| 8	 |
| /manage/cgi/cgiproc?Nocfile=/system/version.dat|8|
| /iissamples/issample/oop/qfullhit.htw	| 3	 |
| /iissamples/exair/search/qfullhit.htw | 3	 |
| /iissamples/issample/oop/qsumrhit.htw	| 3	 |
| /iissamples/exair/search/qsumrhit.htw | 3	 |
| /iishelp/iis/misc/iirturnh.htw	| 3	 |
| /scripts/wsisa.dll			| 4	 |
| /cfdocs/exampleapp/docs/sourcewindow.cfm| 3	 |
| /cfdocs/snippets/fileexist.cfm	| 8	 |
| /cfdocs/snippets/viewexample.cfm	| 3	 |
| /cfdocs/cfmlsyntaxcheck.cfm		| 8	 |
| /scripts/counter.exe			| 6	 |
| /cgi-bin/count.cgi			| 8	 |
| /scripts/proxy/w3proxy.dll		| 8	 |
| /WebShop/logs/cc.txt			| 8	 |
| /Orders/order.log			| 8	 |
| /cgi-bin/clickresponder.pl		| 5	 |
| /cgi-bin/click.pl			| 5	 |
| /cgi-bin/loadpage.cgi			| 3,5	 |
| /cgi-bin/search.cgi			| 3,5	 |
| /cgi-bin/postcard.pl			| 5	 |
| /cgi-bin/htsearch			| 3	 |
| /cgi-bin/infosrch.cgi			| 5	 |
| /cgi-bin/.fhp				| 5	 |
| /cgi-bin/sojourn.cgi			| 3	 |
| /scripts/fpcount.exe			| 2	 |
| /_vti_inf.html			| 8	 |
+---------------------------------------+--------+
|		SSH			|	 |
|		~~~			|	 |
| SSH-1.5-1.2.27			| 2,6	 |
+---------------------------------------+--------+
|		DDoS DAEMON		|        |
|		~~~~~~~~~~~		|	 |
| Trinoo Daemon: 27665			| 8	 |
+---------------------------------------+--------+