vuln NSE Category

Scripts

http-enum	Enumerates directories used by popular web applications and servers.
http-iis-webdav-vuln	Checks for a vulnerability in IIS 5.1/6.0 that allows arbitrary users to access secured WebDAV folders by searching for a password-protected folder and attempting to access it. This vulnerability was patched in Microsoft Security Bulletin MS09-020 http://www.microsoft.com/technet/security/bulletin/ms09-020.mspx.
http-passwd	Checks if a web server is vulnerable to directory traversal by attempting to retrieve `/etc/passwd` using various traversal methods such as requesting `../../../../etc/passwd`.
http-vmware-path-vuln	Checks for a path-traversal vulnerability in VMWare ESX, ESXi, and Server (CVE-2009-3733), originally released by Justin Morehouse (justin.morehouse[at)gmail.com) and Tony Flick (tony.flick(at]fyrmassociates.com), and presented at Shmoocon 2010 (http://fyrmassociates.com/tools.html).
realvnc-auth-bypass	Checks if a VNC server is vulnerable to the RealVNC authentication bypass (CVE-2006-2369).
smb-check-vulns	Check for vulnerabilities: MS08-067, a Windows RPC vulnerability Conficker, an infection by the Conficker worm Unnamed regsvc DoS, a denial-of-service vulnerability I accidentically found in Windows 2000 SMBv2 exploit (CVE-2009-3103, Microsoft Security Advisory 975497)
sql-injection	Spiders an HTTP server looking for URLs containing queries vulnerable to an SQL injection attack.