The chargen service is running.

The Gopher service is running.

The UUCP service is running.

The netstat service is running, which provides sensitive information to remote attackers.

The rsh/rlogin service is running.

A component service related to NIS+ is running.

The OS/2 or POSIX subsystem in NT is enabled.

The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.

WinGate is being used.

A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.

A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.

A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.

An application-critical Windows NT registry key has inappropriate permissions.

An application-critical Windows NT registry key has an inappropriate value.

Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux.

PIM software for Royal daVinci does not properly password-protext access to data stored in the .mdb (Microsoft Access) file, which allows local users to read the data without a password by directly accessing the files with a different application, such as Access.

Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client.

Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.

SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root.

mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database.