[PEN-TEST] mediocre reporting

[Brian DeLine <Brian_DeLine () HERMANMILLER COM>]

I've never dealt with Vigilante, but their sample report indicates that a
Windows NT box is susceptible to the Ftpd Args Core Dump vulnerability
(UNIX only vulnerability).  I imagine that this is a case of their
marketing people putting the sample report together.  I also notices that
they do not put CVE reference numbers with the vulnerabilities.

http://www.vigilante.com/securescan/sample_report/samplereport.pdf

> Date:    Sat, 2 Dec 2000 04:03:42 +0100
> From:    "Rietveld, Peter" <priet () CENTENNIUM NL>
> Subject: VVIGILANTe Security Scanner
> MIME-Version: 1.0
> Content-Type: text/plain; charset="iso-8859-1"
> Content-Transfer-Encoding: 7bit
>
> A related company is evaluating security scanners for PenTesting. They
have
> had a convincing marketing presentation of Vigilante. From their website
> *www.vigilante.com I 've gathered that they have somehow mixed:
>
>  a.. Fyodor nmap v2.53
>  b.. ISS Internet Scanner NT v6.1
>  c.. Linux traceroute v1.4a5
>  d.. NAI CyberCop NT v5.5
>  e.. SC Robert 3.0.1
>  f.. Slayer icmp v2.1
>  g.. VIGILANTe Exploit Arsenal v1.11
>  h.. VIGILANTe PortScanner v1.29
>  i.. VIGILANTe protocolid v1.26
>
> This product is supposed to catch something like 1000 security bugs, but
ah,
> how many does ISS find, or cybercop? I consider this to be a more or less
> gratuite claim, since it is not a hard claim, but more like something well
> it must be something like a thousand.
> Well, all this means they run more than one box, or run *Nix stuff on NT,
or
> vice versa. Anyway, I am just a bit curious. Anyone take a deeper look
into
> their product? Is it useable?